Security researches may claim that allowing third party clients may make it easier to compromised clients to exist and expose third-party data (aka data from people not using those clients but those contacting those using those clients).
But, let's be real, we all know clients should not be trusted. IIRC that's why Signal implements deniable authentication. One thing I would love to implement on a Signal client (or on the official one) is the possibility to a user to edit any message in the history, thus, making screenshots of message logs completely pointless, as those can be easily forged.
WhatsApp also implements deniable authentication but message logs from it are used and considered proof in courts (unless someone detects device rooting or similar). So, it's useless in practice.
Gustavo
npub1pu…ky6em
2025-02-28 18:36:17 UTC
in reply to nevent1q…s2q4
Author Public Key
npub1pudu5mxvpme2sgmmegdazt4vgsyu7v0em2xr55nzvzt92kem35nsrky6emSeen on
wss://relay.momostr.pinkPublished at
2025-02-28 18:36:17 UTCEvent JSON
{
"id": "f239fb2cffb27a98e52ce04c5aaccadb32d9d3f7a987559ec0b66ebd22f0323f",
"pubkey": "0f1bca6ccc0ef2a8237bca1bd12eac4409cf31f9da8c3a52626096555b3b8d27",
"created_at": 1740767777,
"kind": 1,
"tags": [
[
"p",
"0f1bca6ccc0ef2a8237bca1bd12eac4409cf31f9da8c3a52626096555b3b8d27"
],
[
"e",
"0212213c6b7a90df05a711c20d9a8599305534227b71dc5637fe2cfa3ba8b388",
"",
"root",
"0f1bca6ccc0ef2a8237bca1bd12eac4409cf31f9da8c3a52626096555b3b8d27"
],
[
"proxy",
"https://urusai.social/@qgustavor/114082957076531124",
"web"
],
[
"proxy",
"https://urusai.social/users/qgustavor/statuses/114082957076531124",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://urusai.social/users/qgustavor/statuses/114082957076531124",
"pink.momostr"
],
[
"-"
]
],
"content": "Security researches may claim that allowing third party clients may make it easier to compromised clients to exist and expose third-party data (aka data from people not using those clients but those contacting those using those clients).\n\nBut, let's be real, we all know clients should not be trusted. IIRC that's why Signal implements deniable authentication. One thing I would love to implement on a Signal client (or on the official one) is the possibility to a user to edit any message in the history, thus, making screenshots of message logs completely pointless, as those can be easily forged.\n\nWhatsApp also implements deniable authentication but message logs from it are used and considered proof in courts (unless someone detects device rooting or similar). So, it's useless in practice.",
"sig": "bf850ca9b6833f8b5f6235dcfc6e4a8e14ff9f4ab03ece4ae0c754de6c0e7a902faf8dbdd348b526d5210dc59ff63f188dcdae9b72037ae7817d4fa815d4adf1"
}