How do you feel about Session's choice to removes Perfect Forward Secrecy?

>>105876017 (OP)
Has no impact on privacy so who cares

>>105876017 (OP)
does this mean that the enshittification has started?

>>105876117
It never had PFS since it would only help users if the adversary already has full device access

>>105876155
okay, i dont even know what Perfect Forward Secrecy is

>>105876047
I think decrypting your messages would have an impact on security

>>105876210
Basically that future message keys can't be derived by having the message key of a previous message

>>105876314
Yeah but not if the attack vector already requires full access to your device

>>105876343
If I'm texting Bob and Bob's phone gets seized and they were logging our encrypted messages, wouldn't they be able to decrypt all of our encrypted messages with access to Bob's private key on his phone?

>>105876358
PFS isn't about endpoint security but mitm attacks. If they have full access to Bob's device (not just mere physical access but bypassing all restrictions) they will see all of the messages anyway.
The only way you can prevent this is with self deleting messages, which can be enabled in session with a custom time limit (there's pros and cons for custom time limits but that's more about deanonymization and requires additional info), or you can manually delete all your messages on both devices (which only works if the device hasn't been copied yet). So even in your example:
1. is PFS irrelevant
2. are there solutions built into Session

>>105876343
>>105876468
>Basically that future message keys can't be derived by having the message key of a previous message
hm, i guess that would be useful if i meet someone at a party and we exchange keys somehow not via Internet. and then we can send messages to each other through random partner nodes (not directly) and people can't figure out how many messages ive sent to the same person.
assuming people grab a bunch of messages (similar to grabbing several crypto transactions), several of which they dont even have the key for. i dunno how signal messaging works but it would be useful if people receive 9 messages not for them for every 1 message actually for them.

>>105876633
Session nodes already send some bs data around so even if some party owned some malicious nodes it would still not help them a lot. But that's also not really connected to PFS. There are some legitimate drawbacks to Session and in my opinion they had no good reason to remove PFS but them not having PFS is only bad from a PR standpoint.

You Silence. Encrypted SMS and MMS

>>105878017
if you want to protect your communications why would you even bother working with sms

just use Signal / Element / SimpleX depending on use case

>>105878585
Is there any use case where SimpleX is useful? Everytime I've tried to get someone to use it, they've had trouble with the UI and the message delay is multiple minutes at times

>>105878017
No anonymity, gpg is somewhat leaky

>>105878585
>SimpleX
Overengineered bs

>>105876017 (OP)
What, they have no "metadata" on their messages? What does that mean? Fucking retarded.

Imho all those private chat apps are kinda useless onto themself most of the time, unless you are some sort of mega persecuted minority. Most of those are used by 5 kissless vir/g/ins in total, lack many user-friendly features, you can't really tell on your own if they are safe or not and still wont protect you against physical enforcement (a.k.a. soldering iron + your anus). If you really need to talk about something sensitive, do this in real life, behind closed doors. Avoid doing this remotely unless your entire life revolves around it (because you are darknet drug dealer or something, but AFAIR most of them still use PGP).

>>105878305
If it's thoroughly encrypted, I don't see a problem.
>>105879223
Never had this problem

>>105880734
>Never had this problem
It's inherent to PGP

>>105879451
>AFAIR most of them still use PGP).
how exactly do you think they exchange the pgp encrypted messages without a private chat app?