← Back to context

Comment by elagost

7 years ago

With the rapid churn of various chat clients it's hard to get something to stick, and I attempted to settle on XMPP+OMEMO (or OTR), since it's a protocol, not an "app" (eww). Not a single person I know still uses XMPP, and it's easier to just tell people "Download Signal". However, that requires a phone number, and is useless on a desktop if your phone's off. Despite being Free Software, it's fairly locked down.

Secure communication with most people is nigh impossible these days, because nobody wants to not use SMS.

There has to be a better solution, and despite email+PGP's flaws, it's the only system I've seen that's stood the test of time. There are pretty good plugins for Mail.app (macOS) and Outlook (Windows), and if you use Linux you probably can deal with gpg. We use it at work for email, and pretty much everyone can work with it at any level of technical expertise. Anyone else have any solutions that have worked in their circles, including non-technical family members?

Signal Desktop has never required your phone to be on. It's completely independent once set up (apart from the occasional contact list sync). It has been this way since the first version of Signal Desktop. You're probably thinking of WhatsApp Web, which works the way you describe. I've seen this incorrect information spread on HN too many times, and I'm not sure how so many people came to think that. It's been 100% wrong from the beginning.

  • You are correct. Thanks for pointing that out; I tested it out this morning and verified I was able to send/receive messages on the desktop program with my phone in airplane mode.

I'm running a "beta test" of sorts of XMPP+OMEMA with non-technical people in my circles, and while Conversations (Android) and Monal (iOS) are getting there, there are still functionality and compatibility gaps.

Gajim is a usable client for desktops, but it's certainly picky about which users it is friendly with (that is, I can't recommend it to non-technical folks).

On the other hand "it uses IDs like email" is a concept my friends could understand, and the promise of end-to-end encryption over a server I control (as compared to some faceless organization somewhere else) was appealing to them.

And so I'm first level support for my peers and report issues upstream in the hope of improving the ecosystem.

And while it's closer to an email replacement (in that it avoids the ID issues of the WhatsApp clones and provides multiple clients for different purposes), it's still only a complement to email due to the ephemeral nature of messages, not a replacement.

  • As far as usable desktop XMPP+OMEMO clients go, Dino is much friendlier to non-technical users, but paradoxically, it's only available on Unix-like OSes. It runs on WSL and is probably buildable for X on MacOS, but by that point, you've lost non-technical users in both cases.

    • Wow, that one looks good. Thanks for the pointer!

      I wonder how much is in there that precludes cross-compiling to Windows.

Why not Keybase as secure messaging? It's easy to get people to use it and it provides much more than just XMPP+OMEMO.

Matrix works, and has fairly easy-to-use clients (and I've switched a few non-technical folks without too much trouble). It's also an open protocol, not just an app.

The main criticism (and I'm preemptively responding to tptacek here) is that they haven't yet made E2EE the default (though this should happen in a few weeks now that cross-signing appears to be done). I also think the key backup system should be much better explained -- there is a usability bug open for it and I've posted some suggestions.

  • Use Matrix if you want to contribute to Matrix or are an enthusiast about what Matrix is trying to do. But don't use it as a secure messenger, or tell at-risk people to use it. It may someday be a serious option for secure messaging, but it is not that today.

    I'm not a Matrix hater, but I think Matrix's cheering section gets the project in trouble, since their answers about privacy and security are demonstrably worse than those of other secure messengers. All Matrix is trying to do is build a modern, generalized IRC with optional built-in encryption, which is a project congenial and relevant to my own interests (my only funded startup tried to do the same thing!). That's great, as long as you're not trying to get people to use it to hide things from governments.

    • Is there a specific issue other than "it's not the default" that precludes it from secure messaging? This is the thing I don't understand about your position -- you have been saying for a very long time that "it's not ready yet" but as far as I can see the default-to-unencrypted setup is the main issue you have with it? I get that asking a journalist to use it right now is a bad idea, but if E2EE was the default today what other issues do you see?

      From my PoV, Matrix has many features that might actually end up increasing security over Signal's design. Just as an example, you cannot blacklist or even get alerted to new devices being added to an E2EE conversation with Signal (and if you look at things like the Assistance and Access legislation here in Australia, that is a serious concern). With Matrix you do detect it and can blacklist the other device (and with cross-signing being done very soon, you can also be sure that verification of devices will be a rare event). I also think the new emoji-based verification is a massive improvement over Signal's "safety numbers" setup.

      2 replies →

    • > Use Matrix if you want to contribute to Matrix or are an enthusiast about what Matrix is trying to do. But don't use it as a secure messenger, or tell at-risk people to use it.

      Also replying to this (likely too late!) in the hopes of a little clarification. In particular, "don't use it as a secure messenger" seems like strange advice in view of the fact that there don't seem to be any better options. That is to say, there are no options that fulfill all three of these requirements:

      1. Full support for group chat with end-to-end encryption between all participants. (Matrix even includes cryptographic controls on how much history is shared, though that's not a requirement.)

      2. Completely open source with no centrally controlled servers.

      3. Does not require any PII (including a phone number) to begin using.

      As far as I know, every messenger fails on at least one of these counts, and many fail at all three. It's one thing to criticize Matrix (there are a lot of things about it that suck right now, to the point that I'd never recommend it to a casual user), but to do so without any alternative doesn't seem helpful.

      Have I missed something better?

You can try recommending quicksy. It's been launched fairly recent and is an effort from the conversations developer to reach a similar userfriendliness as other phonenumber-based messengers have, while still being open to other users who decided to go with the regular accounts (e.g. you). You can even bind your phonenumber to your jabber account, so you show up as a concact without them having to add your jabber id to their phonebook.

to be fair i see signal as a alternative to a more secure texting means in presentation. of course this requires data so then there may be better alternatives for sure but what people are used too.