home.social
Sign in Create account

#libolm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #libolm, aggregated by home.social.

  1. Strypey @[email protected] ·

    @Forbearance
    > An irate blue wolf told me that Matrix was afflicted with a Library of Olms and we shouldn't use it

    This person is spreading FUD.

    "The CVEs have since been edited post-submission to conflate libolm with the Olm protocol itself. A genuine protocol vulnerability would be much more serious so we are working with MITRE to clarify."

    matrix.org/blog/2024/08/libolm

    libolm has been formally deprecated in favour of a new Olm library.

    #Matrix #Olm #LibOlm #vodozemac

    @drwho @matthew

    #matrix #olm #libolm #vodozemac
  2. CryptGoat @[email protected] ·

    FYI: A ton of third party #Matrix clients use the deprecated #libolm library for end-to-end encryption which suffers from multiple vulnerabilities:
    soatok.blog/2024/08/14/securit
    libolm has now been deprecated: gitlab.matrix.org/matrix-org/o
    These vulnerabilities appear to be known for quite a while now but are not a considered serious issues by authors of other Matrix clients.

    There is a "new" #Rust based crypto library called #vodezemac that has been used by the official #Element clients for about 2 years.

    #FluffyChat and #Nheko are working on their clients:
    github.com/krille-chan/fluffyc
    github.com/Nheko-Reborn/nheko/
    Keep in mind that these clients are personal projects maintained by their authors in their free time. Element has a dedicated team for security aspects.

    Edit: This post has been edited to include some corrections

    #Security #Messenger #Olm #FOSS #Privacy

    #privacy #foss #olm #messenger #security #nheko