5 votes

Given Tilde's dedication to user security and privacy, it would be awesome if we could use GPG encryption in PMs.

This is of course already possible with base 64 encoding and some work on the user's side, but adding the ability to encrypt messages as a native feature would better encourage this as a security measure. This is a standard feature on a lot of darknet markets. Tildes could allow users to upload a public GPG key. Then a private key could be held entirely client-side in session storage to be used by JavaScript.

This feature would probably add too much complexity to the site's simplistic front end. But I'd be interested to have a discussion on the pros/cons.

7 comments

  1. [3]
    cfabbro
    Link
    I think the biggest problem with supporting that is, yes ~ is dedicated to security and privacy but also accountability for actions as well which, if every PM was encrypted, would be problematic.

    I think the biggest problem with supporting that is, yes ~ is dedicated to security and privacy but also accountability for actions as well which, if every PM was encrypted, would be problematic.

    7 votes
    1. [3]
      Comment deleted by author
      Link Parent
      1. [2]
        cfabbro
        (edited )
        Link Parent
        And if neither party was willing to do so, as would likely be the case if they were dealing with trading in illegal materials... what then? I very much doubt @deimos wants to turn this place into...

        And if neither party was willing to do so, as would likely be the case if they were dealing with trading in illegal materials... what then? I very much doubt @deimos wants to turn this place into a black market.

        5 votes
        1. [2]
          Comment deleted by author
          Link Parent
          1. cfabbro
            Link Parent
            True, they could, but if a bunch of encrypted messages start being passed around that is a sure sign to investigate the situation further. Whereas if it was explicitly supported through built-in...

            True, they could, but if a bunch of encrypted messages start being passed around that is a sure sign to investigate the situation further. Whereas if it was explicitly supported through built-in site features that would be impossible to notice.

            p.s. I am not entirely opposed to the idea... I just don't know what the legal ramifications would be for ~ given it's a Canadian Not-for-profit Corporation and I very much doubt @deimos wants to risk losing his non-profit status by explicitly allowing it or risk getting indicted for potentially helping facilitate a black market on the site.

            3 votes
  2. vakieh
    Link
    This is because darknet markets typically deal with illegal activities. It would also make things more than a little difficult if people wanted to access tildes on different devices, with the...

    This is a standard feature on a lot of darknet markets.

    This is because darknet markets typically deal with illegal activities.

    It would also make things more than a little difficult if people wanted to access tildes on different devices, with the naive solution being to also upload the private key - I hope you see where I'm going with this.

    All in all not a good direction to go.

    7 votes
  3. nathan
    Link
    This doesn’t seem like a necessary feature to me. If you want encrypted private messaging, there’s plenty of tools to accomplish that. Secure private messaging seems out of scopes for a discussion...

    This doesn’t seem like a necessary feature to me. If you want encrypted private messaging, there’s plenty of tools to accomplish that.

    Secure private messaging seems out of scopes for a discussion forum and link aggregator.

    4 votes
  4. teaearlgraycold
    Link
    I wouldn't think GPG would be obligatory, so not all PMs would be encrypted. I'm curious what situations would require PMs to be opened where both the sender and receiver are not willing to...

    I wouldn't think GPG would be obligatory, so not all PMs would be encrypted. I'm curious what situations would require PMs to be opened where both the sender and receiver are not willing to decrypt the messages.

    1 vote
  5. panic
    Link
    For me, the main argument against this would be usability. I don't want to have to manually transfer keys around in order to read my PMs.

    For me, the main argument against this would be usability. I don't want to have to manually transfer keys around in order to read my PMs.

    1 vote