Discussion

People use Discord and Slack for different reasons.

If you want to create an alternative — the place to start is NOT E2EE (end to end encryption).

A place to start is understanding all these different types of users and use-cases. And then deciding which of these user types you are making the software for.

Some of them need E2EE, but some do not.

Greg

@gregalotl@c.im · 2 weeks ago

@reiver
Welcome to 'Design Thinking'!

Strypey

@strypey@mastodon.nzoss.nz · 2 weeks ago

@reiver
> People use Discord and Slack for different reasons

My impression is that for most communities it's an alternative for web forums, not for IM or IRC. So for these folks, Lemmy, Discourse or nodeBB might be a more helpful suggestion than XMPP or Matrix.

I noticed this back when Slack pulled their bait-and-switch by turning off their IRC and XMPP bridges, and wrote up a page of replacement options;

https://web.archive.org/web/20190824090001/https://www.coactivate.org/projects/disintermedia/slacking-off

(1/2)

#Discord #Slack

@dansup

Slacking Off - Disintermedia - CoActivate

Nando161

@nando161@partyon.xyz · 2 weeks ago

@strypey @reiver @dansup https://prism-break.org/en/all/#instant-messaging

All Projects - PRISM Break

Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Help make mass surveillance of entire populations uneconomical! We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.

Strypey

@strypey@mastodon.nzoss.nz · 2 weeks ago

Huh. Prism-break.org is still a thing. Who knew?

@nando161 @reiver @dansup

Ben Vidulich

@ben@gts.zl4bv.com · 2 weeks ago

@strypey @reiver

My understanding of OP's post is that people may use these tools for reasons other than forming personal communities with like-minded privacy enthusiasts. Each user's communication needs come with a different threat model and only some cases would benefit from E2EE.

For example, folks in corporate environments can benefit from E2EE while discussing commercially sensitive topics or customer information, but point-to-point encryption is usually enough because corporates will sue the chat software company if a data breach occurs. Data loss won't be part of the company's threat model unless it risks a material impact to profit.

Open source maintainers generally hold discussions in public or with a wide audience, so loss of confidentially isn't a concern. Therefore, E2EE is unnecessary most of the time for open source projects.

A patient having a telehealth consultation with their doctor strongly benefits from E2EE because any confidential discussions leaking could result in harm or discrimination.

A chat with family or friends could benefit from E2EE to avoid messages being harvested for targeted advertising. However, only some people consider ads a threat and therefore only some people will recognise a benefit from E2EE.

Strypey

@strypey@mastodon.nzoss.nz · 2 weeks ago

@ben All fair points. I'd only add that what's a sensitive communication is not only always obvious at the time. A decade ago in the US, a chat about having an abortion or a gender transition wouldn't usually have been considered sensitive enough to need E2EE.

In an age of normalised dragnet surveillance, normalised E2EE is how you avoid coming to the attention of people who might decide to do targeted surveillance on your later;

https://disintermedia.net.nz/get-a-room/

@reiver