[jonajon]

> This is the wrong idea of what an encrypted and secure social network should be. Networks need to be moving away from this centralized model into a system of routed nodes for a secure, encrypted peer-to-peer system.

There are many people working on this problem from many different angles. The logical first step for us was to create a zero-knowledge public key infrastructure that decentralizes trust. This system doesn't preclude decentralization of data, which is another problem in itself, and it's something we're working on. The Cryptosphere project (https://github.com/cryptosphere/cryptosphere) has some really neat ideas that need to be discussed more widely.

We have to keep in mind, though, that decentralization of data is not always practical in terms of large-scale adoption and accessibility. It’s one of the reasons why Diaspora didn’t go as far as it could have, IMO.

> It's not open either, which is arguably even worse than having a central system in the first place.

We’re progressively releasing our code on Github and plan on being fully open in the near future. If you haven’t already, you can check out our white paper and some of our repositories at https://github.com/symeapp.

> while the content itself is encrypted, the "metadata" still isn't, which renders everything moot anyway. Timestamped messages are still too much information to be giving away to people

This is the same as what happens when you use PGP. You have a timestamped message and a clear link between sender and recipient. If you need to hide the fact that you are communicating with a person in particular, Syme (or PGP for that matter) may not be the right tools.

There are several very interesting solutions to the problem of metadata that are being discussed currently (https://leap.se/es/docs/tech/hard-problems#Meta-data.problem). We don't think an acceptable solution has been found yet, but auto-alias pairs seem like a promising avenue.

[sillysaurus2]

> while the content itself is encrypted, the "metadata" still isn't, which renders everything moot anyway. Timestamped messages are still too much information to be giving away to people

This is the same as what happens when you use PGP. You have a timestamped message and a clear link between sender and recipient. If you need to hide the fact that you are communicating with a person in particular, Syme (or PGP for that matter) may not be the right tools.

You've set your sights much too low, and it's unfortunately going to limit your product's market value.

Hiding metadata is a difficult problem to solve, but it's vital.

[Amadou]

Hiding metadata is a difficult problem to solve, but it's vital.

I expect you'll have to burn bandwidth. Broadcast "all" messages to "all" users, users can only decrypt the messages intended for them, discard the others. There are probably tricks you can do to reduce it to a fraction of "all" messages but I bet it will still be a substantial amount of bandwidth.

Perhaps usenet will see a revival.

[zachlatta]

If you're interested in this approach, take a look at Bitmessage. https://bitmessage.org/wiki/Main_Page

[jonajon]

There's currently no good solution to the problem of metadata when you're handling persistent messaging. It remains an active field of research, and we hope we can contribute to the discussion.