This post was published 120 days ago. The infomation described in this article may have changed.
I just found Freedit by lurking on another social site with a similar name (you could guess which one I’m referring to). I’d love to build a community based on the software, but I don’t think it’s really complete without the ability to send and receive private messages between users. Is there a roadmap or planned feature for this within Freedit?🏷️ features
I agree that encryption is desirable, but since it’s impossible to implement without JS, I think it would still be preferable to have plaintext private messages as long as the user is made aware that the content could still potentially be read by the server admin. This could be combined with a recommendation that users who want strong privacy should encrypt their messages with a local PGP application like Alice and Bob (aliceandbob.io) prior to sending them.
Link 1: https://securedrop.org/news/future-directions-for-securedrop/ Link 2: https://github.com/orgs/freedomofpress/projects/17/views/5?filterQuery=encrypt
In order to use e2e messaging (receive private messages) the user must upload a public key or generate one (also in the client with a browser).
The public key is stored in the user’s profile and is used to encrypt messages sent to the user. The only supported key-agreement algorithm is ECDH. And the only supported encryption algorithm is AES-256-GCM.
Now, you can test to send e2ee(end to end encryption) messages.
In order to use e2ee msg, your receiver must generate a key pair and upload public key. So if you want to receive e2ee msg, you must do the same.
There are some bugs that you may not decrypt your msg. (I don’t know why). So you’d better send one msg to yourself to make sure you can decrypt your msg.