As I noted within my post #9955859@lemm.ee (alternate link), I found that thumbnail generation in Element is an enourmous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server.

  • Kalcifer@lemm.eeOP
    0·
    9 months ago

    OP can edit comment, sign with a different key and claim his comment was edited by the admins.

    Dang, that is a scenario that I hadn’t considered. I’m not sure that there’s anything that can be done about it.

    content-signature:h0Iy5AaMSi9fo+LeWpR1hFpbRygi066LKPL7+5aDJ4Y0mf33R8/E+wn9At+N0dvNr8HH1eAghGkpfCbfcoe5NzzcsRMgfl+qSYjrpb4DmN124DLLoFd7q55R/aqXdqqZP+4DaVTLVN5G2MKg5SPL0SMhHxTl6f4BUxhQCWy6PapqwvsG3D59hVQtNlgm4/ab7oo5ORIR+ENV59+rrssNxaNBsKud4rths93SFMCf/si3Uewo0VNCorTb/KUMoZaHv21zmneq5UxZRkqXD3ZR4/H7vDILWArp350OSpZxm69kTJAeBH3VuvYkKunMlouzsxEJqdLDaaApYWwSyyUYLQ==
    • glowie@infosec.pub
      0·
      9 months ago

      Why not just host your own lemmy instance on a cheap vps and be satisfied you’re the only admin heh