memory opsec, recommendations, cwtch

anarsec 2023-11-15 17:22:05 +00:00
parent e99852e67c
commit c2030e55b6
No known key found for this signature in database
5 changed files with 19 additions and 11 deletions

@ -78,6 +78,8 @@ You can learn more about how to use Cwtch with the [Cwtch Handbook](https://docs
Anyone can connect to a public Cwtch account when it is online. In the future, Cwtch bots that are semi-trusted (which are hosted on a Cwtch server) will enable first contact when the public Cwtch account is offline.
Cwtch will reject connections from blocked contacts, and if the setting "Block Unknown Contacts" is enabled, you must be the one to add a contact in order to establish a connection. This greatly limits the kinds of features that untrusted contacts can access. However, this setting is less relevant for public projects that need to be able to be contacted by anyone.
**Resiliency to correlation attacks**
Real-time messaging applications are particularly susceptible to end-to-end correlation attacks because of the ability of an adversary, once they know their target's ID on the messaging platform, to trigger incoming network traffic on the target's side by sending them messages on the platform (when the target is online). "Appear Offline Mode" in Cwtch allows a user to selectively connect to trusted contacts and groups, while appearing offline to everyone else. An [issue](https://git.openprivacy.ca/cwtch.im/cwtch-ui/issues/712) is open to further address this.
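Review bot: The closing sentence of the "Resiliency to correlation attacks" paragraph ("An issue is open to further address this") does not say what remains unaddressed once "Appear Offline Mode" is enabled, so a reader cannot tell how far to rely on the setting. As written, the mode makes the user appear offline to everyone except the trusted contacts and groups they choose to connect to, which means anyone in that selected set can still cause incoming traffic while the user is online. Suggest stating that limit in one sentence before the issue link, and saying what the linked issue is expected to change. The first sentence is also long enough to be hard to parse; splitting it after "end-to-end correlation attacks" and starting a new sentence with the adversary's capability would read more clearly.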