Hacker News new | ask | show | jobs
by AdmiralAsshat 3112 days ago
One of the key features of something like Signal is not just security, but authentication: if I'm talking to my girlfriend over Signal and it tells me that her key suddenly changed, I stop talking to her, call her, and ask her what's up (and, to be fair, it's happened twice so far due to changing phones). It's supposed to stop a MITM attack, so that someone cannot pretend to be her and continue the conversation.

What will your authian bot do, however, if the key changes? Will it happily continue communicating with the new, possibly malevolent recipient?
2 comments
subway 3112 days ago
Does signal even allow bots? They have pretty draconian terms on allowing 3rd party clients to connect to their service.
link
authian 3111 days ago
Where the key changes and the API supports it, we will definitely use such a feature.

Concerning Signal though, it does not support bots (officially).

link