tigase / siskin-im

Public Project of Tigase Messenger for iOS devices based on Tigase Swift XMPP library.
GNU General Public License v3.0

Uploading of files security #244

Closed netuser01 closed 2 months ago

netuser01 commented 2 months ago

Hello,

I'm using Siskin IM version 7.3.3 on an iPad using 17.5.1 as the OS.

I was wondering when I go to share files, even if I’m using OMEMO encryption for both sender and receiver, are my attachments unencrypted? I get a message saying that “when you share files, they are uploaded to HTTP server with unique URL. Anyone who knows the unique URL to the file is able to download it. Do you wish to proceed?”

I don’t want just anyone except the intended receiver to get access to the attachments.

Thanks for your help.

hantu85 commented 2 months ago

Attachments are shared by uploading them to the server and generating a URL that allows retrieving them. This URL is sent to your contacts. The URL contains a random part, so guessing it is not simple. However, anyone that would know this URL will be able to download the file.

In case of OMEMO, it would download an encrypted file, but the encrypted file is downloadable by anyone who knows the URL.

netuser01 commented 2 months ago

Thanks for your help.

netuser01 commented 2 months ago

I just need some clarification. So, when OMEMO is enabled, everything is encrypted including the file? But anyone who could obtain the URL for the file could get at it, and this would be based on http which is unencrypted?

hantu85 commented 2 months ago

Clients upload and fetch the encrypted content of the file using HTTPS, to be exact (or even HTTP/2 if supported by the HTTP server). However, anyone knowing the URL can download the encrypted data with the file content.
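
Added example, not part of the thread and not Siskin's own code: a Node.js illustration of the model described in the replies above, where the upload server stores only ciphertext and the decryption key travels inside the OMEMO-encrypted message. It assumes the `aesgcm://` link layout from XEP-0454 (12-byte IV followed by a 32-byte AES-256-GCM key, hex-encoded in the URL fragment); the thread does not say which scheme Siskin uses, and `upload.example`, the slot path and the in-memory `uploadServer` are constructed stand-ins.

```javascript
// Added example: assumes the XEP-0454 aesgcm:// link layout; not Siskin's own code.
const nodeCrypto = require('crypto');

// Constructed stand-in for the HTTP upload server: path -> stored bytes.
const uploadServer = new Map();

// Sender: encrypt locally, upload only ciphertext || 16-byte GCM tag, and
// return the link that is sent inside the OMEMO-encrypted message.
function shareFile(path, plaintext) {
  const key = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final(), cipher.getAuthTag()]);
  uploadServer.set(path, body);
  return `aesgcm://upload.example${path}#${iv.toString('hex')}${key.toString('hex')}`;
}

// Anyone who knows the URL gets exactly what the server stores.
function downloadByUrl(path) {
  return uploadServer.get(path);
}

// AES-256-GCM open; throws if the key, IV or stored bytes are wrong.
function decrypt(stored, iv, key) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(stored.subarray(stored.length - 16));
  return Buffer.concat([decipher.update(stored.subarray(0, stored.length - 16)), decipher.final()]);
}

// Recipient: the fragment (IV + key) arrived in the OMEMO message, never at the server.
function openSharedLink(link) {
  const url = new URL(link);
  const secret = Buffer.from(url.hash.slice(1), 'hex');
  if (secret.length !== 44) throw new Error('fragment must hold 12-byte IV + 32-byte key');
  return decrypt(downloadByUrl(url.pathname), secret.subarray(0, 12), secret.subarray(12));
}

// Demo with constructed data.
const link = shareFile('/slot/3f9c1e/report.txt', Buffer.from('quarterly numbers, internal only'));
const leaked = downloadByUrl('/slot/3f9c1e/report.txt');
console.log('URL-only download:', leaked.toString('hex').slice(0, 32) + '...');
console.log('Recipient reads  :', openSharedLink(link).toString());
```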

netuser01 commented 2 months ago

Thanks