red-star-fighter
commented
3 years ago Emotes could be preserved, as they only send the name and ID in the message. In fact, encrypted messages could use custom emotes without requiring nitro.
Open VioletStorm opened 3 years ago
red-star-fighter
commented
3 years ago Emotes could be preserved, as they only send the name and ID in the message. In fact, encrypted messages could use custom emotes without requiring nitro.
VioletStorm
commented
3 years ago Emotes could be preserved, as they only send the name and ID in the message. In fact, encrypted messages could use custom emotes without requiring nitro.
Well I'm a fan of that!
DefkieHaust
commented
3 years ago It would be great if we could have entire servers encrypted
hairyfred
commented
3 years ago It would be great if we could have entire servers encrypted
You would have to give every user in the server the key Its not really practical hense how are you going to give each user the key securly
VioletStorm
commented
3 years ago It would be great if we could have entire servers encrypted
You would have to give every user in the server the key Its not really practical hense how are you going to give each user the key securly
The biggest issue here is that you can't encrypt other messages for members on their behalf. I suppose someone could use a slash command to encrypt their messages in a server, but I don't think a slash command would be good for this. It would be quite cumbersome.
Having something in the right side panel that you could just enable with a toggle that would automatically encrypt and decrypt all messages for that DM would be so much easier, and like Fred said it would be a hassle to give a key to a whole server, much easier on a person by person basis though.
VioletStorm
commented
3 years ago Although group DMs would be the same deal as 1 on 1, so that could satisfy that multiple people being encrypted need?
KaKi87
commented
3 years ago Regardless of the encryption algorithm used, it would be nice to make it available on both Aliucord and BetterDiscord so it could be multiplatform. Thanks
red-star-fighter
commented
3 years ago The ability for an encryption plugin to be multiplatform would be paramount for its success. I'd personally wish for a version for goosemod too, as goosemod can be installed on top of other client mods.
VioletStorm
commented
3 years ago The ability for an encryption plugin to be multiplatform would be paramount for its success. I'd personally wish for a version for goosemod too, as goosemod can be installed on top of other client mods.
Since blowfish is a standard, all you'd need is a way to input the key into your DMs, and then a system to decipher any messages that look like blowfish automatically thereafter, as well as encrypt messages you send. That's something that any client mod could easily implemented, since so long as it uses a real blowfish algorithm everything else would "just work", no client to client communication would even once be needed.
Vendicated
commented
2 years ago @mantikafasi is working on encryption
hiddeninthesand
commented
2 years ago It would be great if we could have entire servers encrypted
You would have to give every user in the server the key Its not really practical hense how are you going to give each user the key securly
Would an asymmetric key-pair not work? It's how the Signal protocol securely exchanges keys, and if Discord cannot be trusted to not MITM attack public key exchanges, a rudimentary verification system could be implemented.
TymanWasTaken
commented
2 years ago It would be great if we could have entire servers encrypted
You would have to give every user in the server the key Its not really practical hense how are you going to give each user the key securly
Would an asymmetric key-pair not work? It's how the Signal protocol securely exchanges keys, and if Discord cannot be trusted to not MITM attack public key exchanges, a rudimentary verification system could be implemented.
I already have a basic implementation of exchanging AES keys via RSA and then encrypting with AES, it just needs to be finished really (I also went completely excessive and used max length for pretty much everything lmao) https://github.com/TymanWasTaken/aliucord-plugins/tree/main/EncryptDMs
hiddeninthesand
commented
2 years ago Does it work transparently without user intervention required?
TymanWasTaken
commented
2 years ago Does it work transparently without user intervention required?
The initial setup will require some interaction (as I'm not just going to make it autosend messages for you) but after setup it will just intercept all messages sent and received to encrypt/decrypt them respectively
hiddeninthesand
commented
2 years ago Are keys ever backed up to Discord? I'm not sure if that would fall under API abuse but I can imagine it'd be possible to do.
TymanWasTaken
commented
2 years ago Are keys ever backed up to Discord? I'm not sure if that would fall under API abuse but I can imagine it'd be possible to do.
I mean if you really want to backup keys the place it stores all keys is /sdcard/Aliucord/settings/EncryptDMs.json
TymanWasTaken
commented
2 years ago Keep in mind I'm not going to go all out with this because Just use signal or matrix or something actually designed with encryption in mind
Description
"Encrypt" DMs using the Blowfish method.
More info
Add a button to the tray in DMs which allows you to enable encryption within that specific DM and lets you set a keyphrase. Once enabled, all messages sent in that DM will automatically be encrypted. All people within the DM who have this mod enabled and the proper passphrase entered will have the encrypted messages displayed in decrypted plaintext. Others can always use a decrypter app. Emotes could be excluded from encryption if sent without text, unsure if they could be preserved through encryption though.