I have noticed that since the protests began there has been a huge influx of my contacts onto Signal and I've gotten a few questions about how to use PGP. I'm glad folks are starting to take privacy in their messengers more seriously, but a lot of the privacy-focused messengers are pretty bad (with Bridgefy being a particularly egregious case). Unfortunately there seems to be a trade off continuum between user friendliness and privacy in all currently available offerings and for most people I think Signal hits the sweet spot. I'd be interested to hear what other tools people would recommend here, as I haven't used all of them (eg Telegram/Matrix).
My money is on p2p matrix. It doesn't solve the immediate case Bridgefy does yet (I think it expects to have an internet connection), but it does solve the 'we have to trust central services like signal and or have incredibly difficult ux' scenario somewhat. Metadata resistant to a point etc.
Cwtch.im (pronounced couch) is an app I'm looking closely at but doesn't seem to have much movement in terms of shipping new releases or getting it going in apks or Fdroid. But I keep any eye there too.
Signal's disappearing messages will appear on your other devices such as the desktop app long after disappearing on the phone, and you still get group message asking if you'd like to join back the group you just left. Imagine these messages popping up right at the moment during police interrogation.
We're working on a PGP app called Safe Easy Privacy on iOS. Our idea is that if PGP was easier to use more would use it for private communications, we're still in the early stages and we know that PGP isn't the perfect solution, but it's better than nothing. We've noticed people saying they're using Safe to share keys with people who aren't tech savvy.
* building social graphs of users’ interactions, both in real time and after the fact
* decrypting and reading direct messages
* impersonating users to anyone else on the network
* completely shutting down the network
* performing active man-in-the-middle attacks, which allow an adversary not only to read messages, but to tamper with them as well
This app basically allows for the exact opposite of what people are expecting from the app. Doesn't that qualify as some sort of fraud or false advertising? If not, I wonder if we need further regulation to protect the public from developers that are either incompetent or straight malicious.
We're acutely aware of this conversation, and know that we must prioritize the safety of our user base. All of the issues reported on the article are already being fixed, and we should have updates published in the next few weeks.
>A key shortcoming that makes many of these attacks possible is that Bridgefy offers no means of cryptographic authentication, which one person uses to prove she’s who she claims to be.
Identity is critical in encrypted messaging. Identity is a hard problem in practice. Very few things do an adequate job. The things that do are awkward and require concepts that few people understand.
Somebody needs to expend a bunch of effort to provide identity. It doesn't have to be you (in a PKI the effort is expended by the Certificate Authorities and those overseeing them, not by Relying Parties) but it does have to be somebody you trust.
For personal identity the most plausible outside authority is government, and it's unlikely that people protesting a government would trust it to identify them - after all government counter-protest forces would presumably be able to make use of that against them.
So you're probably screwed in the larger sense. Is this tip that "There is a team with food and water on the North side of the bridge" from "Kirsty" real? Well you haven't the faintest idea who "Kirsty" is so even if you could magically be entirely confident the message is really from "Kirsty" that doesn't help you decide.
Signal does the absolute most it's practical to attempt here, you can choose to check that your friend Kirsty is actually your friend Kirsty by some trustworthy means (e.g. meeting up physically) and then Signal promises you'll know that future messages are really from Kirsty. But trust isn't transitive so PGP's apparently more powerful offering doesn't actually do anything except maybe give you a false sense of security.
Bridgefy doesn't offer even that very limited capability from Signal, but I'm dubious about the practical import for a live protest. I can buy that BLM or Extinction Rebellion which are long-term organisations with sustained buy-in from local organisers benefit from something like that (and indeed ER uses Signal) but individual protests or protesters I don't think so.
Does anyone have a design that works for this kind of adhoc meshing network with good privacy guarantees? It seems like a really hard problem to solve, especially the social graph problem because inherently messages will take time to propagate through the network based on proximity. Maybe adding random wait and hop count increments? Efficient routing kind of depends on being able to discover the network graph.
Briar works quite well, but due to the darknet nature you only exchange data with those you paired with (by exchanging a "link" via some other channel or meeting in-person and scanning a QR code on each other's device (then followed by a short wireless p2p exchange to properly exchange all required information)).
It's afaik android-only, and doesn't use nodes as relays for private messages.
The proposed change to use the signal protocol wouldn't seem to address all the metadata issues with their core tech. Their statement mentioned nothing more than "oops we're a startup", the signal change, and an intention to continue to invest in the "mesh".
It does seem like a nice feature for existing platforms to be able to enable in disasters and at events.
As for protests, maybe some communication is better than none if the government is shutting things down?
People do. More than a few hams have been involved in the recent US protests.
Radio has different characteristics that make it an imperfect substitute in protests. The biggest one is that people already have cell phones, but pre-event coordination also becomes much more important, and people have to practice. (Not much, but radio discipline is a thing, and in an emergency you need it.)
The only usable tool for any organization of resistance is Telegram. Anything else is garbage. Here's why:
Bluetooth/Mesh based local broadcast apps such as FireChat and Bridgfy are literally extreme low signal to noise streams of thoughts coming from everyone around you. We don't even need to get to the privacy or security part to eliminate it due to it being completely unusable in areas with more than a couple people.
Signal:
Slow, requires phone number to register and access to contacts. Users still receive messages after leaving a group, and the history still remain on the desktop app. Disappearing messages disappeared on the phone you'll still get it after it purported it have disappeared.
Wire:
Extremely slow.
Why is Telegram good?
* Super fast
* Good balance of security and usability.
* Early flaws in mtproto has largely been fixed.
* You can choose a username, instead of a phone number
* Good privacy settings to select who can find you, how to find you, who can call you, who can pull you into group chats etc.
* Desktop app has feature parity with the mobile apps. No glaring flaws found in Signal.
* Operationally extremely battle tested by successful protests around the world such as Hong Kong, Iran and Belarus.
* Any problems found on the ground, when reported, will be fixed in a matter of days to weeks by Telegram. They are that responsive.
Words of advise to Silicon Valley companies and security professionals in general. Stop bashing Telegram and actually go and try using your proposed alternatives in protests. Most if not all of these so-called secure chats are completely unusable for any organizations trying to avoid being arrested or be used as evidence against you.
> You can choose a username, instead of a phone number
Unless this has changed recently -- and I can't find any indication that it has -- this is not true. You can choose a username in addition to a phone number, but you must have a phone number. Your username is effectively an alias for your number; your account is tied to the number, not the username.
>actually go and try using your proposed alternatives in protests. Most if not all of these so-called secure chats are completely unusable
This cannot be stressed enough. One can do their imaginary layman revolutions and or secret operation in these chats, citing theoretical security features, etc. But when it comes to the real world, they simply do not work, in the same way your todolist mvc example doesn't work for project management and accounting.
But in Hong Kong's case, a number of Telegram chat room operators have been prosecuted by the police for anti-government activities. If TG is really secure then this shouldn't have happened.
[+] [-] eindiran|5 years ago|reply
[+] [-] Multicomp|5 years ago|reply
Cwtch.im (pronounced couch) is an app I'm looking closely at but doesn't seem to have much movement in terms of shipping new releases or getting it going in apks or Fdroid. But I keep any eye there too.
[+] [-] wyuenho|5 years ago|reply
[+] [-] rodneyg_|5 years ago|reply
[+] [-] slg|5 years ago|reply
* deanonymizing users
* building social graphs of users’ interactions, both in real time and after the fact
* decrypting and reading direct messages
* impersonating users to anyone else on the network
* completely shutting down the network
* performing active man-in-the-middle attacks, which allow an adversary not only to read messages, but to tamper with them as well
This app basically allows for the exact opposite of what people are expecting from the app. Doesn't that qualify as some sort of fraud or false advertising? If not, I wonder if we need further regulation to protect the public from developers that are either incompetent or straight malicious.
[+] [-] nordsieck|5 years ago|reply
Fraud typically requires some sort of mens rea. It sounds to me like Bridgefy is just really bad as making secure applications.
> If not, I wonder if we need further regulation to protect the public from developers that are either incompetent or straight malicious.
There is a long history of people trying to create liability for software bugs. It was a bad idea then and it's still a bad idea today.
[+] [-] vkou|5 years ago|reply
[+] [-] jorgeribs|5 years ago|reply
We're acutely aware of this conversation, and know that we must prioritize the safety of our user base. All of the issues reported on the article are already being fixed, and we should have updates published in the next few weeks.
Here's our blog post: https://bridgefy.me/bridgefys-commitment-to-privacy-and-secu...
As always, we're available to keep the conversation going; please refer to the email address included in the blog post.
Thanks!
[+] [-] upofadown|5 years ago|reply
Identity is critical in encrypted messaging. Identity is a hard problem in practice. Very few things do an adequate job. The things that do are awkward and require concepts that few people understand.
[+] [-] tialaramex|5 years ago|reply
For personal identity the most plausible outside authority is government, and it's unlikely that people protesting a government would trust it to identify them - after all government counter-protest forces would presumably be able to make use of that against them.
So you're probably screwed in the larger sense. Is this tip that "There is a team with food and water on the North side of the bridge" from "Kirsty" real? Well you haven't the faintest idea who "Kirsty" is so even if you could magically be entirely confident the message is really from "Kirsty" that doesn't help you decide.
Signal does the absolute most it's practical to attempt here, you can choose to check that your friend Kirsty is actually your friend Kirsty by some trustworthy means (e.g. meeting up physically) and then Signal promises you'll know that future messages are really from Kirsty. But trust isn't transitive so PGP's apparently more powerful offering doesn't actually do anything except maybe give you a false sense of security.
Bridgefy doesn't offer even that very limited capability from Signal, but I'm dubious about the practical import for a live protest. I can buy that BLM or Extinction Rebellion which are long-term organisations with sustained buy-in from local organisers benefit from something like that (and indeed ER uses Signal) but individual protests or protesters I don't think so.
[+] [-] rtkwe|5 years ago|reply
[+] [-] namibj|5 years ago|reply
It's afaik android-only, and doesn't use nodes as relays for private messages.
[+] [-] nkingsy|5 years ago|reply
It does seem like a nice feature for existing platforms to be able to enable in disasters and at events.
As for protests, maybe some communication is better than none if the government is shutting things down?
[+] [-] xwdv|5 years ago|reply
[+] [-] _jal|5 years ago|reply
Radio has different characteristics that make it an imperfect substitute in protests. The biggest one is that people already have cell phones, but pre-event coordination also becomes much more important, and people have to practice. (Not much, but radio discipline is a thing, and in an emergency you need it.)
[+] [-] cortesoft|5 years ago|reply
[+] [-] TheButlerian|5 years ago|reply
[deleted]
[+] [-] jokz|5 years ago|reply
[+] [-] generalizations|5 years ago|reply
[+] [-] Yc4win|5 years ago|reply
[+] [-] wyuenho|5 years ago|reply
Bluetooth/Mesh based local broadcast apps such as FireChat and Bridgfy are literally extreme low signal to noise streams of thoughts coming from everyone around you. We don't even need to get to the privacy or security part to eliminate it due to it being completely unusable in areas with more than a couple people.
Signal:
Slow, requires phone number to register and access to contacts. Users still receive messages after leaving a group, and the history still remain on the desktop app. Disappearing messages disappeared on the phone you'll still get it after it purported it have disappeared.
Wire:
Extremely slow.
Why is Telegram good?
* Super fast
* Good balance of security and usability.
* Early flaws in mtproto has largely been fixed.
* You can choose a username, instead of a phone number
* Good privacy settings to select who can find you, how to find you, who can call you, who can pull you into group chats etc.
* Desktop app has feature parity with the mobile apps. No glaring flaws found in Signal.
* Operationally extremely battle tested by successful protests around the world such as Hong Kong, Iran and Belarus.
* Any problems found on the ground, when reported, will be fixed in a matter of days to weeks by Telegram. They are that responsive.
Words of advise to Silicon Valley companies and security professionals in general. Stop bashing Telegram and actually go and try using your proposed alternatives in protests. Most if not all of these so-called secure chats are completely unusable for any organizations trying to avoid being arrested or be used as evidence against you.
[+] [-] chipotle_coyote|5 years ago|reply
Unless this has changed recently -- and I can't find any indication that it has -- this is not true. You can choose a username in addition to a phone number, but you must have a phone number. Your username is effectively an alias for your number; your account is tied to the number, not the username.
[+] [-] wruza|5 years ago|reply
This cannot be stressed enough. One can do their imaginary layman revolutions and or secret operation in these chats, citing theoretical security features, etc. But when it comes to the real world, they simply do not work, in the same way your todolist mvc example doesn't work for project management and accounting.
[+] [-] mamborambo|5 years ago|reply