If you are trusting Facebook in any matter, you are misunderstanding something. Whatever they say, they have the keys to decrypt it. It is like trusting the thief to guard your house.
The metadata of our conversations is really more important than the content most of the time. Especially if FB is tracking the conversation participants before and after the chat.
Interesting idea. The problem that I see is that once my friend(s) and I decide together to use some special tool, we could just as well decide to use another platform. It might be easier to use as well (even my father knows how to use, for example, Signal). Surely Zuck will not be reading other platform messages if preventing that is your goal ;-)
And all these years I've been using it as a photo sharing site, trip planning site, event planning site, news aggregator, messenger, and about a dozen other things.
sweis|5 years ago
Here's the technical whitepaper: https://about.fb.com/wp-content/uploads/2016/07/messenger-se...
Here's some of the academic work on messaging franking that it has driven: https://eprint.iacr.org/2017/664.pdf
Here's the instructions how to use it: https://www.facebook.com/help/messenger-app/1084673321594605
Of course, you need to trust the client from the app store, and no, the implementation is not open source.
sweis|5 years ago
This is not forward secure. It will also only work for messages under 256 bytes. I don't know what happens in this code if you exceed that message length.
You want to use ephemeral session keys here. Read the Secret Conversations whitepaper as an example.
stiray|5 years ago
I dislike this "ZuccNet" as the real goal should be abandoning the Facebook ecosystem, but I still think that anything for naive people is better than nothing, so thumbs up.
matmann2001|5 years ago
> If you think a message you've received in a secret conversation goes against our Community Standards, you can report it. Learn more about what a secret conversation is. When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review. We won't tell the person you're talking to that you reported it.
Since Facebook's software is managing the keys, they have the ability to decrypt Secret Conversations. You have to trust Facebook not to snoop. Whereas w/ ZuccNet, the public keys can be exchanged via a separate channel from Facebook, thus rendering Facebook unable to snoop.
ballenf|5 years ago
If we chat and then shortly thereafter you search for some fringe political group, it's pretty safe to see that as a strong indication that I'm involved with that group. Or if my geolocation places me at some political event and we chat during or just after it, you're implicated.
FB doesn't need the contents of messages, they need the metadata plus all the other user tracking.
some_furry|5 years ago
https://github.com/tomquirk/zuccnet/blob/42e351e36b3b5dbaef0...
1. Try encrypting a message larger than 256 characters. Even if you somehow succeed, it will fail to decrypt. (My understanding of JS crypto is that it will throw an error if you try.)
2. It lacks forward secrecy.
A much better design would be to encrypt with an ephemeral (one-time) 256-bit AES key (using CBC+HMAC), then encrypt the key with RSA. (AES-GCM is probably easier, but if you're worried about message commitment, that's not recommended.)
(On sweis's comment about Secret Conversations: I don't trust closed source implementations--and neither do a lot of us on HN, so that's a non-starter. Tell the Facebook team to open source it, with reproducible builds, if you want it to be trusted.)
Recommended reading for the author: https://soatok.blog/2020/11/14/going-bark-a-furrys-guide-to-...
gigel82|5 years ago
This doesn't address it; if you're willing to go to these lengths, just switch to another platform that encrypts E2E.
netsharc|5 years ago
armoredkitten|5 years ago
Still, it's a fun proof of concept tool.
e12e|5 years ago
For a little while it was possible to just use Pidgin and have OTR work with Google Talk (also boycotting federation), Facebook and general XMPP.
But now the silo walls have been reinforced.
Gys|5 years ago
faitswulff|5 years ago
xanax|5 years ago
RandallBrown|5 years ago
Data mining is the price you pay to have those things for free. I'll leave it up to individuals to decide whether or not it's worth the cost.
foolinaround|5 years ago
benbristow|5 years ago
modeitsch|5 years ago
xuhu|5 years ago