https://micahflee.com/ddosecrets-publishes-410-gb-of-heap-dumps-hacked-from-telemessages-archive-server/ - the "obvious" way to fix this is to forbid unofficial clients, which is not the software freedom perspective, but right now I have no idea whether someone I'm sending messages to is using a hacked client that's exporting everything in plaintext to an insecure cloud service and that feels like a bad thing?
Or maybe the answer is that this is a social issue rather than a technical one, and I should just not be communicating with anyone I don't trust to not do that.
@mjg59 You probably know better than most others that one could use attestation to cryptographically identify the client, but is that really what we want?
I see it more as a social problem. People could be screen-recording your conversation anyway, even with the official client.
@mjg59 Basically this.
The trustworthiness of the person you are talking with is part of your threat model. You shouldn't be sharing information with someone you don't trust regardless of how exactly we can confirm their identity and ensure the channel's security.
@mjg59 Regrettably, this post gets my backing.
I mean it's essentially my repeated advice to my kids, isn't it?
"Once you send that private (picture|text|whatever), it's up to the recipient to *keep* it private."
There's rarely a good technical solution if the other end of the conversation isn't trusted.
But you know all this. I'm just lending the weight of a Random Internet Guy to the social>technical vote.