[kwlug-disc] Secure IM news

Chamunks chamunks at gmail.com
Wed Nov 23 23:44:16 EST 2016


"Yep! Signal has made great improvements to OTR. I personally think the
best change is rather that the ratchet, being based on deterministic
algorithms (hashes), supports offline messaging in a way OTR couldn't and
therefore couldn't be used (effectively; you could with xabber but it was
The Worst Thing) for mobile. Actually, my belief was that OTR also used a
different key for each message, but it had to negotiate the key actively
with the partner, which is why you had to have an active both-people-online
session to use it. Do you know if I'm wrong about that?"

After some review, you are correct.  I'm not entirely certain of the
difference at this point; I always thought / was under the impression OTR
was per session.

As for Google's GCM, it's literally just a push system/relay and index of
registered devices on the GCM network; it acts as a secure relay for data.
As you basically have to trust the internet underneath your fibers, there
will be some proprietary systems in there somewhere you're not even going
to be aware of.  Cisco/Juniper etc., they're all proprietary IIRC.  I would
be more concerned about the data sent via GCM than about the fact that
it's using GCM.

The benefit of this system is that you don't add security holes by opening
up sockets to the internet, meaning it's more secure than leaving an open
web-socket/socket, or the alternative of having a DHT or something
tracking the online status of your neighboring devices.  Signal isn't
intended to be an anonymity network; it's intended to provide provably secure
conversations beyond the common standard.

If you want something ultra-secure that won't have anyone on it (the
biggest problem with a messaging protocol is that someone needs to actually
use it for it to be useful), you could try TOX
<https://wiki.tox.chat/clients> or something via the TOR network.  That'd
really be the only truly open-source messaging system that would be secure
end to end and also anon and free of proprietary backing.

I do really like the concept of open standards, but I think that
Moxie Marlinspike is rightfully defending his protocol at the moment,
because if I were trying to build the reputation of my protocol I would
fend off people who would likely run things poorly, and at the moment it
seems like he's doing a better job than anyone else.  Once you get mass
adoption, maybe he might be convinced to open the standard.



On Wed, Nov 23, 2016 at 11:16 PM Nick Guenther <nguenthe at uwaterloo.ca>
wrote:

>
>
> On 23 November 2016 21:41:08 EST, Chamunks <chamunks at gmail.com> wrote:
> >SignalApp is perfectly open; they only use GCM as an efficient method
> >to tell clients where to send the message p2p. None of the messages
> >actually travel through GCM.  This is how Android's designed to work.
>
> There are multiple layers of openness here. The code is open, but the
> service is not, because they don't federate, and to protect the brand (the
> argument being that for the non-obsessed-geek crowd, that also protects
> security by avoiding imitators) they actively stamp out anyone running even
> an alternate copy of the server. On top of that, the fact that any part of
> the infrastructure depends on Google's non-free systems is a lack of
> openness; isn't one of the core FSF software freedoms the ability to use
> the software wherever you can? Well, because of the tie-in to GCM/Apple
> Push, you can't run it on BlackBerry 10, you can't run it under Pidgin.
>
> >
> >The best part of the Signal protocol is that unlike the OTR spec, it
> >ratchets its keys for every message, since it's so cheap on the CPU these
> >days to make more keys.
>
> Yep! Signal has made great improvements to OTR. I personally think the
> best change is rather that the ratchet, being based on deterministic
> algorithms (hashes), supports offline messaging in a way OTR couldn't and
> therefore couldn't be used (effectively; you could with xabber but it was
> The Worst Thing) for mobile. Actually, my belief was that OTR also used a
> different key for each message, but it had to negotiate the key actively
> with the partner, which is why you had to have an active both-people-online
> session to use it. Do you know if I'm wrong about that?
>
> I am not sure if you were debating my reluctance with this message. If you
> were, let me clarify that I'm not reluctant about Signal; it sucks that
> they have decided they don't have the resources to do federation, but I
> have peace with that and use and recommend Signal every day. My reluctance
> is about Matrix claiming "e2e group chats!" without maybe fully thinking
> through the threat model.
>
>
>
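Added here as an illustration of the ratchet point made in the thread (this is example code, not code from the thread, from Signal or from OTR): a symmetric-key ratchet in which each message key is derived deterministically from a shared chain key, so the receiver can catch up on messages sent while it was offline, including out-of-order ones, without any live negotiation. The starting chain key is assumed to come from an earlier handshake that is not shown, and the HMAC-based encryption is a stand-in for a real AEAD.

```python
import hmac, hashlib

def kdf_ck(chain_key: bytes) -> tuple[bytes, bytes]:
    """One symmetric-ratchet step: two HMAC labels give the next chain key and
    this message's key. Deterministic, so each side advances with no round trip."""
    next_ck = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    msg_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    return next_ck, msg_key
def _keystream(msg_key: bytes, n: int) -> bytes:
    blocks = (hmac.new(msg_key, b"ks" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]
def seal(msg_key: bytes, ctr: int, pt: bytes) -> tuple[bytes, bytes]:
    # Toy encrypt-then-MAC for illustration only; a real AEAD belongs here.
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(msg_key, len(pt))))
    tag = hmac.new(msg_key, ctr.to_bytes(4, "big") + ct, hashlib.sha256).digest()
    return ct, tag
def unseal(msg_key: bytes, ctr: int, ct: bytes, tag: bytes) -> bytes:
    expect = hmac.new(msg_key, ctr.to_bytes(4, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, tag):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(msg_key, len(ct))))

class Sender:
    # chain_key is assumed to come from an earlier handshake (not shown here).
    def __init__(self, chain_key: bytes):
        self.ck, self.n = chain_key, 0
    def send(self, pt: bytes) -> tuple[int, bytes, bytes]:
        self.ck, mk = kdf_ck(self.ck)              # fresh key for every message
        n, self.n = self.n, self.n + 1
        return (n, *seal(mk, n, pt))
class Receiver:
    MAX_SKIP = 100                                 # bound memory held for gaps
    def __init__(self, chain_key: bytes):
        self.ck, self.n, self.skipped = chain_key, 0, {}
    def receive(self, n: int, ct: bytes, tag: bytes) -> bytes:
        if n in self.skipped:                      # late arrival fills a gap
            pt = unseal(self.skipped[n], n, ct, tag)
            del self.skipped[n]
            return pt
        if n < self.n or n - self.n > self.MAX_SKIP:
            raise ValueError("replayed counter or too many skipped messages")
        ck, gap = self.ck, {}
        for i in range(self.n, n):                 # derive keys for the gap
            ck, gap[i] = kdf_ck(ck)
        ck, mk = kdf_ck(ck)
        pt = unseal(mk, n, ct, tag)                # commit state only on success
        self.ck, self.n = ck, n + 1
        self.skipped.update(gap)
        return pt
```

Because the chain is a pure function of the shared chain key, the receiver's state changes only after a message authenticates, so a forged or corrupted message cannot desynchronise it.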