Recruiting Testers for End to End Encrypted Private Messaging Extension

Kyrne

Hello my fellow Flarumites,

I'm once again gathering testers for an upcoming extension of mine. I'm getting very close to finishing up my version of the long awaited private messaging extension. This extension will feature a proprietary end to end encryption system developed by myself loosely based on Signal.

This extension will be be FREE when it comes out but I want to make sure there are no lingering issues. No prior experience is necessary.

Interested? Glad to hear, please reply to this discussion with your Discord username or message me @Kyrne#9728.

I look forward to hearing from you all!

Kylo

Kyrne oh what a great surprise it is!

[deleted]

Kyrne you already know my discord address 👍

Littlegolden

Kyrne So great!💌 @Golden#0481

Kyrne

Did a bit of work on the UX today. Here's a little preview (WIP, subject to change, suggestions welcome, etc)

[deleted]

Kyrne I think a lot of people, including me, are very excited to see this finally come to life !

hrvoje_hr

You can count on me as well.

Fenix#9286

matteocontrini

Kyrne wow 🙂 being e2e encrypted, does this mean that messages are not stored on the server and are only visible while your local login session stays alive?

Yalfoosh

You can count on me, sent you a DM

katos

Count me in to help testing as always @Kyrne

Kyrne

matteocontrini messages will still be stored on the server but will not be viewable by admins.

MikeJones

You know I like helping you test! But I may be camping and away from data this weekend

Kyrne

Going to try to keep everyone updated on progress with the ext.

I don't have an ETA at the moment but as of today the core systems are basically done and it would almost work as it is. I still need to integrate the encryption system and this will take the longest.

I hope to have it out to 2-3 of you come the weekend with a full release by the end of May. This is obviously subject to change.

matteocontrini

Kyrne do you think it would be possible to have a version of this without the encryption? 😅

I think the UX/UI you designed is great, but having the encryption makes it hard or impossible to moderate private chats, which is something that is usually done by forum owners/moderators to prevent spam.

Kyrne

matteocontrini potentially in the future. I talked to another person about it and they thought it would be good to have a "request moderation feature." In which messages would be selected and then encrypted in a way moderators can view.

Yalfoosh

Kyrne This is better, because it doesn't screw with privacy laws. I have headaches because of GDPR and privacy laws in Europe because of how Byobu is structured. For spam there is fof/ignore-users, which you should have on a forum regardless of whether or not you have this extension.

While people might think that seeing other users' messages is part of the forum moderation, you have to be careful of how you advertise your messaging system. Byobu (or any other system without end-to-end encryption) is not even close to private messaging, and advertising your messaging like that could get you sued (instead you have to say it's direct messaging).

The only reason why you might need the messages themselves is for the police and courts. Private messaging should be the responsibility of those who message.

Alkir

Kyrne
I'm ready!
👨‍💻
Alkir#9885

matteocontrini

Yalfoosh I'm sorry, but that's what privacy policies are for... Users shouldn't "think" that messages are moderated, they should read it in the privacy policy before they accept it.

Yalfoosh

matteocontrini As I've said - sure. But you cannot say that is private messaging because there is no privacy since a third party can see whatever is said. It's direct messaging, and a legal headache (because privacy laws are different from country to country).

I guess my point is this: while it's true that you can just write whatever in the privacy policy, you cannot override law. If you're dealing with users in which country some part of your privacy policy is illegal, you'll have to disable either the extension for those users, disable their access to the forum as a whole, or just change the extension you have to comply with the law.

Ralkage

Yalfoosh when I was speaking to the other person in our ReFlar group at the time who was working on a “PM” system before we let him go, we had a huge debate about it being a “Private Message” vs “Direct Message” system and I always fought for the latter 🤣

I mean are Private Messages actually private if you allow other people such as Admins or Mods read messages that are supposed to be considered “private” in the first place? This is why Vbulletin never had a UI to view private messages and it wasn’t until someone created an add-on for it that cause a big fuss in the modding community.

I will always favor “Direct Messages” all the time because that’s what they are essentially. We can thank Instagram for making that terminology popular.