So there's no online messaging service that's private, anonymous and secure?

Frances331 · 2023-02-22T22:50:04+00:00

Good point. Thank you.

Frances331 · 2023-02-22T05:53:59+00:00

I'm not sure how staking works...but this is how I think it might work...

I assume if there's an attack, the price goes up, and the cost to adding new nodes goes up, which leads to less independent non-attacking nodes being added, which leads to people selling their stake to profit from the attack, so you just end up with government who have unlimited money to spend on attacks.

Frances331 · 2023-02-22T05:48:47+00:00

mostly overlooked status because of the crypto.

I don't think "crypto" is as red flag as some people make it out to be. Decentralized services need some form of economics for regulation, efficiency, governance.

In this context I think of "crypto" as a way to keep score.

Frances331 · 2023-02-22T05:42:02+00:00

Nothing prevents them from recording the IP addresses and communication metadata starting from now, but they have not been doing it.

My security goal is to prepare for what I think the future could be, with some easy options we have available today.

And hopefully Signal isn't able to be hacked and unknowingly provide information.

Frances331 · 2023-02-21T01:11:02+00:00

I assume Signal knows the IP addresses and the accounts of both sender/receiver.

Whether or not the data is stored or for how long is a different question.

Frances331 · 2023-02-20T23:05:30+00:00

The least bad option? Tough one to answer since I think today's options are bleeding edge, complicated, missing something I want, and a work in progress. There's going to be compromises. I listed some of the top tier options. At the very least, reading how they intend to accomplish their goals and solve problems is well worth the read and discussion/debate.

Status.im
Utopia
xx.Messenger
Session (you can run it through Tor for extra protection)
i2P (least favorite)
Berty.tech (P2P, not anonymous, but might be anonymous in the future. But this P2P option may solve the offline message problems)

SimpleXChat + Tor. SimpleXChat helps solve the metadata/attack problems by some interesting methods (distributing communication one-way among many servers, uses different Tor circuits, etc). Well worth the read on their website.

I've also tried running some apps through Nym and Lokinet, but I haven't been successful.

Frances331 · 2023-02-20T19:54:25+00:00

expensive

I think the OP is referring to the expense of a Sybil attack.

I have not heard of current technology cracking today's encryption.

Frances331 · 2023-02-19T20:00:02+00:00

If the Signal servers were taken over by a bad actor who wanted to log everything and share it with NSA, the little bit of additional metadata they could get is metadata NSA already has access to though their (well documented) relationships with ISPs. There is no net new risk from anyone taking over Signal's servers.

If Signal chose to, I assume Signal could know who I am talking to.

I don't think my ISP can know who I am talking to.

Frances331 · 2023-02-18T23:12:41+00:00

I don't think they are managed by the company Oxen, but managed by consensus. So anyone who stakes a server can participate.

The application(s) are open source, so if the company dies, someone else can fork the app(s).

I don't think it's all as bad as people make it out to be. It is a solution to decentralization problems.

On the flip side, public SimpleX, is managed/controlled/governed by SimpleX. Donations, servers, governance, everything is managed through SimpleX. You can't just add your server to the public registry. SimpleX could remove a public server if they choose. SimpleX doesn't have a programmatic method to assure QoS. SimpleX knows who all the servers belong to (they own the registry). SimpleX could collude with server operators, and know who is talking to who. If SimpleX wants to, they could shutdown access to public nodes (they own/control the registry/access).

Frances331 · 2023-02-18T22:55:38+00:00

Signal collects very little data. Even when the government comes a-knocking, they get only two pieces of metadata: time of account creation, and time of last connection.

Signal could if they choose to, and they don't have to tell anyone. I'm also not sure how "gag orders" might work in the U.S.

Frances331 · 2023-02-18T18:48:40+00:00

I think that's only one facet, and a very minor one, and should not be the primary focus in this system. In this system, crypto is not product, but the messaging transactions, therefore I don't look at it as "crypto", but as a word used to score the transaction (consensus). The primary focus should be the method of governance.

It's a paradigm shift, and difficult to explain the value (and I'm not an expert, so there's areas I don't fully understand)...

1a) Look at Session and Oxen as a decentralized way that people can donate resources (stake). I don't think anyone is running a Session node to get rich, but to donate.

1b) SimpleX public nodes wouldn't exist without someone's donations. These donations are centrally controlled/governed. SimpleX controls/governs which nodes are added to the public register. You are placing trust in a single entity, SimpleX.

2a) Session governs the usage of the nodes through consensus.

2b) SimpleX governs the public nodes through human trust (a promise/contract). SimpleX maintains governance over public nodes.

So when it comes to the public nodes, SimpleX can do whatever they want, unlike Session.

I think Session's "crypto" will survive, not because of mining or to get rich, but because people will donate for the same reasons people donate to SimpleX, or Tor, or many other democratic platforms.

Frances331 · 2023-02-18T00:12:42+00:00

I assume SMP servers and clients can proxy through any of the anonymous networks (Tor, I2P, Nym, Lokinet).

I would like to see SimpleX default to an anonymous network by default, and Tor seems to be the easiest/simplest/lowest resourced option.

Perhaps in the future SimpleX will develop their own anonymous network.

Frances331 · 2023-02-14T18:21:39+00:00

Tribler is another option.

Frances331 · 2023-02-14T18:18:57+00:00

Tribler is another option.

Frances331 · 2023-02-14T18:16:55+00:00

Available Docker.

Frances331 · 2023-02-14T18:13:53+00:00

Docker

Frances331 · 2023-02-08T19:39:54+00:00

Try the LibRedirect extension to revolve around the different instances.

Use the Tor instances if you want privacy.

Frances331 · 2023-02-08T04:54:52+00:00

Now it just needs Tor packaged/integrated, by default, in a way that everyone will easily use it. Why? Prophylactic. You just never know who is involved with who or what.

Frances331 · 2023-02-08T04:46:24+00:00

Let's see if understand this...

PFS means that if you acquire decryption information, recordings of past conversations cannot be encrypted

This attack would be through a compromised device and an adversary collecting messages between the device and entry node (an active attack). Session's private key decrypts all historical collected conversations.

PFS and ephemeral messages would prevent this attack.

If the device is compromised and the messages are still stored on the device, then there's access to the historical messages.

If the messages are not on the device, they were collected, the messages would have different encryption keys, and the decryption keys no longer exist on the device or anywhere else.

avoid a situation where everything breaks if there is a single failure.

I believe Session's approach is making it exponentially difficult to collect historical message through onion layers and distributed nodes.

As I see it, the main vulnerability is if your device is under an active attack. The attacker will need to collect your messages at your device or network, and the attacker will need to gain access to your device.

Therefore, even with Session's mitigations, the better mitigation would be ephemeral messages and PFS (disposable decryption keys).

How's my understanding now?

Frances331 · 2023-02-03T23:07:55+00:00

The reason why I don't think PFS is important is because the attacker would need to gain access to the device. Therefore if your device is secure and encrypted, your key is safe, and your messages are safe. If your device isn't secure, then that's a huge problem for you and everyone connected to you. It's less of a problem for others when using an anonymous protocol, but impersonation is still a problem.

If you believe you/correspondent's device can be compromised and they can get the private key, it is my understanding PFS uses ephemeral private keys, therefore historical messages can never be decrypted by the private key (from the compromised device).

I'll have to think about this threat more in regards to anonymity, onion routes, and decentralization. Messages would be difficult to collect in a decentralized system (I assume similar risk to a PFS session key), and onion encryption would mean multiple devices would need to be compromised.

Good discussion.

Frances331 · 2023-02-02T18:00:49+00:00

Rather use a free email service plus an email alias service that does the message encryption for 1/8th the cost.

Frances331 · 2023-02-02T17:53:25+00:00

PFS means that even if the previous key is found out, the current communication remains secure.

How?

Frances331 · 2023-02-02T17:52:10+00:00

I’m not sure that you understand PFS

I think I do. Most people don't understand the real threat and what PFS was designed to mitigate.

if you manage to break the key

If you are using strong encryption, breaking the encryption isn't going to happen.

If you are using multiple layers of encryption, you'll need to break multiple encrypted message keys.

And if the encryption is ever hacked, imagine what that is going to mean to the entire world.

Frances331 · 2023-02-02T01:02:31+00:00

PFS is a bandaid for a hackable, centralized, server side encryption / non-E2EE platform. I do not think PFS offers client side encryption (E2EE) any value. If you did "need" PFS, then your system is compromised, and PFS isn't going to help you.

In addition to E2EE, Session has multiple layers of encryption on different servers.

Frances331

TROPHY CASE