Messages are encrypted before sending, and are decrypted before displaying them to the user. So, again, the evil MIM (man in the middle) cannot peep in to find out what you are talking about.-housetier
i just want to point out some important details
neither mircryption, fish, nor otr are safe from a
man in the middle (MITM) attack.
same
holds true for pgp, and therefor gnupg.
the wikipedia article mentions OTR as a counter measure against mitm,
this is not truethis is not a problem with the encryption itself, but with the way keys are exchanged / agreed upon.fish and mircryption use (can use) DH1080 (which is straight forward
diffie-hellman key agreement) to exchange secrets.
to work around mitm attacks one has to establish a truly secure channel to exchange secrets, or part of a secret.
for instance, meet in person and exchange keys in a safe/secure environment.
to make it more difficult for eavesdroppers one can use multiple weak security channels to transmit parts of the secret
with the intend of making the exchange happen in so many places at once, that it's too complicated to wiretap all channels.
anyways, nice article housetier!
and to everyone: protect your privacy!