I've been thinking about this for a while, that there's kind of not a great solution, that I know of or can think of, for long-form internal political discussions within an organisation. There are of course existing platforms that are not private (like you could have a Facebook group for instance).

There's obviously a lot of encrypted chat apps out there but they're all more "texting" form and are not great for like forum-style discussion.

The best I can think of might be Matrix, but it's more of a chatroom style format and I've not tried using it for this forum-style of discussion which I'm not sure if it works smoothly for.

Tbh a mailing list would kind of be my ideal (I assume there's mailing list software out there that integrates with PGP so we can protect our emails) but so many people in organising spaces are pretty tech-resistant boomers (no offence to the older generation, I'm aware it's a generalisation that doesn't apply to everyone) and it'd be hard to get everyone to use PGP I think. Also email is just not very secure in the first place and would expose a lot of metadata, making it not suitable for organisations that are heavily criminalised or otherwise have a higher threat model. Not to mention that the mail server in question would be able to read the emails sent to the mailing list, as it has to decrypt emails sent to the mailing list in order to encrypt it with all recipients' personal PGP keys. And there's just so many points of failure in terms of all messages to the mailing list getting accessed if just one member gets compromised.

Maybe I'm missing an obvious solution, in which case please tell me of course. But this is just an issue that's crossed my mind over the years as I've watched organisations use insecure platforms for long-form discussion, and I cringe, but I don't think I know the ideal solution either.

  • xj9 [they/them, she/her]
    ·
    5 days ago

    I can't believe I forgot about it, but secure scuttlebutt fits the bill here pretty well. The protocol has issues and the default clients are open to anyone by default, but the security properties of the design are pretty interesting and definitely applicable to building encrypted long form communicate nets. Bamboo Earthstar and Willow are all based on similar ideas and may also be useful. I have gotten a little use out of Briar, but being mostly phone-centric makes it hard to use the forum for actually long messages and complex discussions.

    I have been working on a protocol for mobile adhoc mesh networking an general purpose coms that could fit the bill, but i'm still in the very early stages so its not really useful, but some of the research and project links at the bottom might be interesting.