Comment by bogwog a day ago
> I don't really see how it's possible to mitigate client compromise
Easy: pass laws requiring chat providers to implement interoperability standards so that users can bring their own trusted clients. You're still at risk if your recipient is using a compromised client, but that's a problem that you have the power to solve, and it's much easier to convince someone to switch a secure client if they don't have to worry about losing their contacts.
Right, I get what you mean.
But in a way, I feel like sometimes it makes sense to not completely open everything. Say a messaging app, it makes sense to not just make it free for all. As a company, if I let you interoperate with my servers that I pay and maintain, I guess it makes sense that I may want to check who you are before. I think?
We probably can't make it free for all, but for something like a messaging app, we also need to recognize that it isn't optional to function in society. It should be regulated more like a utility:
- Facebook can still control the identity, but there needs to be a legal recourse for getting banned, and their policies can't discriminate against viewpoints, for example
- The client specs should be open so that an alternate client can be implemented (sort of like how Telegram is currently)
> Easy: pass laws requiring chat providers to implement interoperability standards so that users can bring their own trusted clients.
In Europe that's called the Digital Markets Act.