5
votes
Given Tilde's dedication to user security and privacy, it would be awesome if we could use GPG encryption in PMs.
This is of course already possible with base 64 encoding and some work on the user's side, but adding the ability to encrypt messages as a native feature would better encourage this as a security measure. This is a standard feature on a lot of darknet markets. Tildes could allow users to upload a public GPG key. Then a private key could be held entirely client-side in session storage to be used by JavaScript.
This feature would probably add too much complexity to the site's simplistic front end. But I'd be interested to have a discussion on the pros/cons.
I think the biggest problem with supporting that is, yes ~ is dedicated to security and privacy but also accountability for actions as well which, if every PM was encrypted, would be problematic.
And if neither party was willing to do so, as would likely be the case if they were dealing with trading in illegal materials... what then? I very much doubt @deimos wants to turn this place into a black market.
True, they could, but if a bunch of encrypted messages start being passed around that is a sure sign to investigate the situation further. Whereas if it was explicitly supported through built-in site features that would be impossible to notice.
p.s. I am not entirely opposed to the idea... I just don't know what the legal ramifications would be for ~ given it's a Canadian Not-for-profit Corporation and I very much doubt @deimos wants to risk losing his non-profit status by explicitly allowing it or risk getting indicted for potentially helping facilitate a black market on the site.
This is because darknet markets typically deal with illegal activities.
It would also make things more than a little difficult if people wanted to access tildes on different devices, with the naive solution being to also upload the private key - I hope you see where I'm going with this.
All in all not a good direction to go.
This doesn’t seem like a necessary feature to me. If you want encrypted private messaging, there’s plenty of tools to accomplish that.
Secure private messaging seems out of scopes for a discussion forum and link aggregator.
I wouldn't think GPG would be obligatory, so not all PMs would be encrypted. I'm curious what situations would require PMs to be opened where both the sender and receiver are not willing to decrypt the messages.
For me, the main argument against this would be usability. I don't want to have to manually transfer keys around in order to read my PMs.