BTW someone should really remove Keybase from privacytools.
The only messenger which is opensource, decentralized and encrypted seems to be Session Messenger, an that isn’t even being recommended by Privacytools. Why?
Anyway, what a crap show, the messenger scene. Makes me ill.
Also if you look at our Cutting the Wire article we mention two points:
Morpheus Ventures holds a portfolio including companies in healthcare, voice AI, life insurance, and retail customer data analytics: All sectors that have historically used invasive data collection methods to survive.
Yet another red flag, and one of the more important ones to us, was is that Wire decided not to disclose this policy change to its users, and when asked why, Brøgger was flippant in his response, stating: “Our evaluation was that this was not necessary. Was it right or wrong? I don’t know.”
I am inclined to agree with @Supernova in regard to Zoom just wanting acquire technical and intellectual support regarding encryption. It is likely their way of responding to jitsi’s example of E2EE.
Zoom’s decision from a business point makes a lot of sense. It would be very risky to not have something planned in response. They also got a lot of bad press regarding their bad marketing (saying they had E2EE when they didn’t), so I think sitting back and waiting for Jitsi to implement it and doing nothing just was not a realistic pathway for them to regain any kind of trust.
It is also likely that Keybase had issues really finding a way to monetize their platform without compromising on their ideals. They were giving KBFS storage and everything away for free.
I don’t think the model for Zoom has ever been to have analytics as the main path generating revenue. It seems to be more about marketing paid plans for paid features. That said I am concerned by Zoom’s announcement that E2EE will only be for paid customers. Hopefully that changes in the future.
I do think generally a lot of companies use the Facebook APIs without realizing the kinds of data it is collecting on their users. This presentation at CCC 35C3 How Facebook tracks you on Android indicates a lot of companies don’t realize the impact.
Okay, so you’ve established your use case here, with your family.
I don’t see how this would be a problem. Wouldn’t your family already have your phone number?
This is a really poor generalization. In regard to E2EE, that’s in the hands of the client. Sure, a home server may be able to tell who is talking to who, and if you’re really concerned about that, maybe setup your own, or buy an instance from modular.im which is pretty cheap and invite your family to that.
You’ll find decentralized distributed platforms that lack servers have less features. That is really a trade off.
We have a issue open but as nothing has really changed we see no point in removing it yet.
The reason is because session is very new, and a bit experimental. We’re waiting to see how that pans out and what the community things of it in regards to stability. That said we have this tracking issue in regard to it’s inclusion.
Since the re-organization of the instant messenger page we’ve taken a policy of not recommending products which are not mature enough to be depended on for every day use.
I understand the need for a wait and see approach and I agree it is the wiser thing to do in these situations, but, does PT have an internal timeframe for delistings when a product has been potentially compromized? 2 weeks? 1 month? Is it a passive approach, ie, scouring the internet for newsbites or do members actively contact the company/devs to determine what is happening regarding the acquisition?
Regarding Signal and Telegram and their need for a phone number to register a user account; many people, not just me have taken issue with this as it is an invasion to one’s privacy. I should not need to have a phone number to chat securely with other people. Maybe I’m crazy for thinking like that, but it just doesn’t compute, that a secure messenger needs a meatspace identifier.
Now i know the counter arguments, but regardless of the origins of Signal, now in 2020, years later when SMS is essentially irrelevant, why are they still pursuing this avenue with phone numbers? Forget about your phone number being compromized internally by Signal somehow (even though there is possibility), but, if I have to get a phone number my security can still be compromized outside of the Signal eco-system by the telco and other agencies.
It just doesn’t make sense anymore to have a phone number necessary for an account. Riot doesn’t need it, Session doesn’t need it, ZOM doesn’t need it, and others like TwinMe etc. But this is a dead end talking point as Signal will apparently never have email signups. There was a thread about this and it was closed by the lead dev.
There is no specific time frame as every situation is different. In regards to Keybase, nothing has actually changed with the product source code is the same as it always was.
I think delisting at this point would be pending an announcement of it’s discontinuation. I doubt Zoom is going to do this, until at the very least their product has all of the features Keybase currently has, or at least most of them.
Sure, and with general people on the internet, that makes perfect sense. However you did mention your family. It’s entirely suitable to use Signal with your family and Riot with everyone else, or Riot for everything.
It comes down to:
Your family already knows your phone number
If you use riot with your family the home server admin might know who you talk to, but not what you’re saying. They’re not going to know if they are random people or indeed your family. If you have your own home server then they won’t know that either, unless they connect from another server.
Either I think are entirely acceptable in this threat model.
I think that was because Signal was designed to be private, but not anonymous.
Sure, sim jacking is an issue. However with Signal you can verify identity via a QR code. The keys are stored on the device, so they would have to change, and the other recipient would be notified of that change.
Please, picture the PTIO folks are willing volunteers, not really burdened by time frames in a usual corporate culture sense.
I think another reason they require a number is that to limit bot accounts. If the service is flooded with bot accounts spamming, it is not desirable. These are open source projects and thus plugging bots in should be trivial to code in theoretically.
Its a bummer to ask for a phone number, so I am eager to see how Session turns out as well.
No ofense, I understand your point but I think y’all contradict themselves over there. You list Jami which literally doesn’t work, but Session which is far more mature isn’t listed?
Good thing about Telegram, though, is that you do not need to show your phone number to other people, you can hide it on your settings from everyone and people can find you through your username.
Remember telegram doesn’t use audited encryption (MTProto 2.0 is not audited) and it is not on-by-default, meaning many people think their conversations are secured, when in fact they are not.
Also collecting phone numbers regardless of whether they are visible to contacts is a big no no.
Not sure how you can claim Jami doesn’t work. I have never had an issue with it working.
Also, Session seems to be even more alpha than is claimed. I have never received a notification that a new message has come through, and it alerts me non-stop about random useless updates about Loki.
Worse, the service is located in Australia and does nothing to offer assurances that the AUS gov’t isn’t compromising or can’t compromise their service. While they are hardly alone being based in a shitty country (Signal), Signal offers far more assurance that they cannot access your chats.
They claim “Only by decentralising the routing and storage of communications can it become truly private under this new legislation.”
Except many have said it’s expensive and not worth it to run a node, and they even admit that nothing is stopping the gov’t from running one (and then theoretically forcing Session to route traffic to it).
Of course, we just don’t know yet. Session is new and has not been tested in a situation such as this.
My point is not that you shouldn’t use Session, but they are far from being mature enough to back up many of their claims, and they are not mature enough in the dev process because it’s still really buggy.
I hope they become all of these things, it’s a cool ass app. But I think it’s weird people are championing them so early on.
The Loki Network is still using proxy connections, they haven’t even transitioned to their onion routing yet. Way too early to make any judgements on this system.
I was able to send maybe 5 messages and then it stopped working, I couldn’t receive a message to a phone which was next to mine, that kind of working.
Yes, I know that, but at least you’re not forced to give your phone number to someone on the internet, it’s still a shitty thing, but it’s better than nothing, I’m not defending Telegram, just comparing.
I have had a whole lotta issue with it, I’ve used it once and that’s about it, keep it installed for some time to see if it started to work but nothing. I don’t understand why you’re surprised, though, most of the people I’ve read say that it doesn’t work. Still, I love the project.
I’ve always received notifications, and the thing about updates happens when you delete the chat with those messages, I know it’s annoying but if you don’t delete it it doesn’t pop up.
Okay then, you’re right there.
The government running nodes is something which can apply to any software that relies on running nodes, but hopefully there are methods that can prevent them from gathering data.
Okay, I understand all that and I think you’re right, the only thing I’m saying is that it sends messages with a proxy and it does it flawlessly (except a few times, and bugs are related more to media-messages) compared to Jami, which at least in my case, wasn’t able to use for more than 1 day, compared to Session, which I used for almost 2 months.
Well, if that were really the reason, then all these other messenger services would do the same, especially Matrix/Riot, but that is not what we see. Of course, volume is different between Signal and Matrix, but still, if it were a real concern we would see Matrix enforce phone reg. Since they don’t, I think the real reason why Signal still uses phone number reg is:
it is because their system was built around SMS
conspiracy reason; because Signal is in the US and the NSA wants to be able to track phone numbers. I know i know, their servers are encrypted and couldn’t possible get access to user phone numbers right…mmmm.
.
.
.
A state law enforcement agency, or intelligence service, can then force local mobile telcos to disclose the names of the persons behind those phone numbers. In the case of the Hong Kong protests, Chinese officials could get a list of people who organized or coordinated protests via Telegram.
The above is regarding Telegram, but it could, also apply to Signal.
This feels uncertain. We should be able to track if shenanigans are going on the server side.
I feel like reason number 1 is more likely. Their move to mimic FB Messenger seems to suggest they would like to meet user expectations about instant messengers in general.
If the Chinese can do it (albeit with Telegram), why do you think the NSA can’t? I think that is whishful thinking.
Read the full article and pay close attention to Nobody.
“Changing to a different app like Signal is not a viable option for us. Because the way the protestors communicate heavily depends on the support of very large groups […] in which Telegram has really good support,” Chu said.
"On the other hand, Signal and Wire groups are limited to a few hundred people, and Signal makes your phone number visible to everyone anyway.
In regard to that Signal actually has very little data. They talk about Sealed Sender. In that article they also mention a real subpoena and what they were able to offer.
For something like that Matrix would have been a better choice. The reason being is that even if the Chinese government banned a particular home server, users could just create an account on another one.
"On the other hand, Signal and Wire groups are limited to a few hundred people, and Signal makes your phone number visible to everyone anyway.
and for groups of that size E2EE isn’t helpful. The government could easily just enter the chat room and monitor conversation.
There are in fact many Chinese users on Matrix. I also believe there’s many Chinese Matrix servers operating behind the GFW, some of them not federating).
And for private, smaller conversations there is E2EE on Matrix. The cross-signing and verification is an excellent addition.
Something I would like to see is it easier to use Riot through Tor.
So, in the case of the protests as an eg, Govt agents join a chat group on Signal and they can see all that groups phone numbers. They go to the Telcos, give the phone numbers and track them to their location. How is that not a threat vector?
Also in the document, the redacted submission does supply an account number or phone number. Yes, it only shows connection/disconnect, but the phone number is the important attack vector. A Govt agency can use that to track you. Once they have your location in 3D, they can target you in so many ways.
With a messenger that does not use a phone number for registration, it is more difficult by orders of magnitude to connect the virtual identity to a real persona. For instance, TwinMe messenger doesn’t even use an email address to create an account, the system creates a random string as your identifier.
Yes, and the standard use case for Signal, is not protesting the government. It is about keeping your conversations confidential unlike SMS.
For that you’d probably want something like Briar as you likely would not need VOIP or any of the other features Signal provides. My point was it’s better to not collect phone numbers at all than promise to hide them.
Also twinme is not open source, and only for mobile platforms. Briar is still a better choice if you have government protests in mind.
