e2e encryption is pain in the ass, key generation and exchanging, complex and annoying to do
No, no it’s not.
Yes, it’s more complex than sending plaintext. But for starters it’d be extremely simple to generate a keypair for every user and publish the public key with their profile. When sending DMs you’d use this public key to encrypt the message.
As for storing the private key you could encrypt it with (a derivative of) the user’s password, and store it decrypted possibly just in the user’s browser.
This simple measure would prevent simple ways of reading the DMs, though obviously you still need to trust that your instance admins are actually serving you the code they claim they do. But it’d definitely prevent “accidental” misuse.
Fediverse adds level of complexity on it, like you mention.
Malicious Lemmy instance could man-in-the-middle by providing it’s public key in behalf of the user in other side. Normally this can be mitigated by CA, but CA doesn’t fit very well in decentralized system.
You could add AES with users own password, but problem is that same malicious instance could also steal users password.
IMHO false sense of privacy is worst than knowing that stuff is unsecure. Again in my opinion fediverse is comparable to yelling in town square.
No, no it’s not.
Yes, it’s more complex than sending plaintext. But for starters it’d be extremely simple to generate a keypair for every user and publish the public key with their profile. When sending DMs you’d use this public key to encrypt the message.
As for storing the private key you could encrypt it with (a derivative of) the user’s password, and store it decrypted possibly just in the user’s browser.
This simple measure would prevent simple ways of reading the DMs, though obviously you still need to trust that your instance admins are actually serving you the code they claim they do. But it’d definitely prevent “accidental” misuse.
Fediverse adds level of complexity on it, like you mention.
Malicious Lemmy instance could man-in-the-middle by providing it’s public key in behalf of the user in other side. Normally this can be mitigated by CA, but CA doesn’t fit very well in decentralized system.
You could add AES with users own password, but problem is that same malicious instance could also steal users password.
IMHO false sense of privacy is worst than knowing that stuff is unsecure. Again in my opinion fediverse is comparable to yelling in town square.