• ᗪᗩᗰᑎ@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    “Popular,” and even “ease of use,” are not relevant for the label of Gold Standard when we’re talking about security

    First, ease of use is absolutely relevant when it comes to security. If it’s too technical, difficult, or confusing, nobody will use it. Just look at how prevalent PGP is in emails - it’s basically doesn’t exist outside of niche nerd circles. What percentage of Linux admins ever deal with SELinux before getting told to just us AppArmor because it’s easier? So yes, ease of use is a factor.

    Second, ‘security’ is too broad a topic. I don’t see a point in debating what is “the best” if a threat model isn’t outlined first.

    I originally stated “Signal is the gold standard for encrypted private messaging”, which stands true regardless of other security features because it defaults to end-to-end encryption for everything by default and works out of the box. At the end of the day your messages are guaranteed to be encrypted and private - anonymity is not in the equation.

    That said, I did bring up the point about leaking metadata, but looking at SimpleX I see that even they claim [0]:

    The protocol does not protect against attacks targeted at particular users with known identities - e.g., if the attacker wants to prove that two known users are communicating, they can achieve it. At the same time, it substantially complicates large-scale traffic correlation, making determining the real user identities much less effective.

    So, without digging much into it, it seems there’s some limitations to your claims about SimpleX’s superiority to Signal in terms of even anonymity.

    Jami

    I tried it when it was called Ring, tried it again sometime after the name change. It’s a P2P messenger that provides E2EE. The architecture means all metadata leaks to ISPs and the internet. So you should be using it with Tor (or some other layer), and because your contacts also need to do that, and one of them is bound to fuck up, it’s better to use either something that’s metadata-resistant by default (like Briar) or to stick to Signal. Also, because its P2P, it requires both parties to be online to even work - at least last I tried it. This doesn’t work in the modern world.

    Tox

    Without getting into the various security issues over the years (here are two recent ones [3] [4], one which allowed remote code execution!), the Android client is spartan to say the least, and there’s no iOS client [1], making this unusable with half the people I’d like to communicate with in the US. Your regional mileage may vary [2].

    Confide

    Isn’t even open source so completely out of the question - security through obscurity, as the story post about the Converso apps proves, cannot be trusted.

    I’ll skip the rest as I’ve already spent too much time on this, but I will say I do believe Threema might be as good if not better than Signal, but it’s a paid app and it’s hard enough to convince friends/family to get onboard with a free app, never mind something that requires payment.

    [0] https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md#trust-in-servers

    [1] https://tox.chat/clients.html

    [2] https://www.statista.com/statistics/236550/percentage-of-us-population-that-own-a-iphone-smartphone/

    [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44847

    [4] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25022

    • Oh, I didn’t intend to skip the Tox comments. I haven’t used that in a whole, and was unaware of the CVEs. Those, and the fact there’s no iOS app, are good reasons to not use it. I found its use of DHT limited its performance and often had device battery life impacts; it still had a better protocol than Signal. The CVEs and other issues are technical implementation problems that can be fixed, unlike Signal’s design flaws.

      Confide was just an example of a new class of fully anonymous, ephemeral chat clients, and maybe not the best choice. There are a half-dozen of these, all using similar mechanisms, some of which are OSS. I need to do a deeper survey of these, because they’re an interesting new approach to full-security chat.

      Anyway, just saying I hit "sendx prematurely.

    • Man, this is great. I’ll admit that after leaving Reddit I was starting to miss the petty arguing about semantics. It’s great to see Lemmy picking up the slack!

      First, ease of use is absolutely relevant when it comes to security.

      Eh, I disagree. A little convenient security is not as good as full inconvenient security. Governments and corporations everywhere are glad that there are many people who share your opinion, though - and a very many people do agree with you, as you point out in your comment about PGP.

      Just to be clear, I didn’t mean to accuse you of ignorance about leaking metadata. I was expressing greater value of it than you do; metadata is a tool of oppression and exploitation, and companies like Signal minimize its impact in order to support their business model. Private messaging, to me, means privacy; not partial privacy. Not privacy of some things. It’s why it’s important to secure DNS queries. Google absolutely exploits DNS metadata from 8.8.8.8 queries - a perfect analog to Signal’s collection of phone numbers and routing. Who you talk to is extremely valuable metadata, metadata which is not private under Signal. So, again, I disagree with you that simplicity trumps metadata privacy in declaring a “gold standard” privacy protocol.

      For SimpleX, the key is the statement “individuals with known identities.” If you publish your identity publically on your web page, and your friend does too, yeah. Attackers can tell you two are communicating. The difference from Signal is that, with SimpleX you can not publish your identity. You can also easily create new (unpublished) identities, and use a different one for each friend. With Signal, you have no option other than buying burner phones and having your friends all reconnect every time you get a new phone. And knowing what I do of the telecom industry, burner phones - while improving privacy - are not immune to a committed attacker such as a government.

      You’re right that Jami has flaws; I won’t begin to try to defend them, although it still has better metadata protection than Signal.

      It’s a false equivalency to claim that because a protocol is not perfect, that it’s no better than an even less perfect protocol. I might as well claim that because Signal isn’t perfect, it’s no better than SMS.

      Maybe I should be asking: why do you believe that a system that requires users to expose their identities and route centrally unencryptable metadata through a central server is sufficient? Does it not concern you that, because Signal (the company) effectively shut down the use of third h party servers, giving them full access to all of this metadata? Why do they deserve the label “gold standard” - purely as a result of their popularity?

      SimpleX is my current favorite, but I won’t suggest that it’s easy to use. It needs one missing feature (multi-device channel sharing) and some usability enhancements. It could also benefit from easier ID rotation to enhance its already quite good anonymity protection. But the core protocol is the most solid of the existing options, and it works well. And for people who are at risk, and truly need security - e.g. political dissidents - including privacy of metadata, I would recommend putting up with little inconveniences, and not cut corners on privacy.