Jean-luc Peak-hard

  • 0 Posts
  • 6 Comments
Joined 8 months ago
cake
Cake day: June 17th, 2025

help-circle
  • Any we client including Matrix webclient is incredibly vulnerable to the server just injecting JS

    That doesn’t preclude fediverse clients from enabling E2EE. A web-client isn’t a requirement.

    Like there is no point of E2E encryption in Twitter, Musk can read your messages if you open them on any device he can execute arbitrary code on.

    Agreed, nobody should trust twitter, but I would trust most mastodon clients to send encrypted messages, if/when implemented correctly. Does it guarantee that messages will never be read? No, but it does an extra layer that wasn’t there before.




  • Check out CryptPad.org, it’s:

    • Open Source; so it can’t be taken away from you should the org cease to exist.
    • Self-hostable; although you can use or pay to use other people’s instances.
    • Collaborative; with real-time editing like Google docs
    • Federated; so you can collaborate with others whether you’re using a self-hosted instance or using any other server.
    • End-to-end encrypted: The server admins can’t see any of your data.

    Only downsides so far is that the UX is a bit slow when first loading documents and there are no mobile apps.

    EDIT: Forgot to add the important par, they recently added support for OnlyOffice in the browser, which to me, was a pretty big deal.