Now that I think about it, why aren't most messaging apps peer to peer? Shouldn't that be the standard? I mean it's literally the point of messages: sending from one person to another.
a) Often the intended recipient isn't online when the message is sent, and it may happen that there is never a time when both sender and recipient are online simultaneously (e.g. sender's device only turns on to send the occasional message, receiver's device is usually off but turns on occasionally to check if there are messages)
b) Often one or both devices can only connect to, but can't be connected to (because behind a NAT, a mobile device, firewall, etc.)
c) Communication is often desired between accounts rather than devices -- I may want to send/receive on my work computer, home computer, phone, and watch
In before someone suggests storing encrypted messages in a public blockchain. This is a really good overview of the challenges with these messaging systems. Store and forward has been our MO since email and Usenet were invented because always on always connected devices that aren’t restricted by some network obstacle are not really feasible or even desirable most of the time. I do wonder what alternatives we have to something like a trusted online service to store and forward messages or a public blockchain. Some kind of crypto based system where nobody but the owner of a private key can even locate the message? A decentralized system where multiple copies of multiple fragments of your message are stored so nobody can piece together your (encrypted) message without controlling the majority of the nodes?
If only the ecosystem had been built to use E2EE by default, always. They fucked up with the design allowing bridges and bots, left E2EE for later, and now they're in the vicious circle of downgrade attacks until all major clients switch to E2EE with no insecure fall-back option.
there aren't downgrade attacks. we turned on E2EE by default in May for private rooms, and there's no negotiation involved. if you're on a client that supports E2EE (i.e. almost all major ones, now) and you try to DM someone, they simply won't be able to read you unless they support E2EE. i.e. they can't downgrade the convo.
That's good. The last time I had a look at Matrix clients it was a mess. IIUC the E2EE isn't enabled by default for the old Riot client, only RiotX and Riot web have it.
What happens if someone with old Riot client creates a room and someone with e.g. RiotX joins it, will it force E2EE on? Or will it fall back to non-E2EE messaging?
The creator and admins of the room picks the encryption preferences, iiuc: if you have a client that doesn’t support E2EE, you might be able to create an encrypted room (?) but it would be pretty useless. The clients all clearly mark the encryption status of the room you’re in.
So if an ignorant/malicious user creates a room without E2EE and doesn't care to enable it even when requested, all users are forced to converse in effectively plaintext, and the solution is "clients tell users it's not E2EE".
IMO it should be the case that it's always E2EE, no other options. Until that's the case I think Matrix ecosystem isn't keeping up with centralized solutions like Signal.
I'm really intrigued by the Scuttlebutt protocol, but in practice it's super hard to get plugged into the community because, as a new user, nobody follows you. I haven't figured out how to just engage people in conversation -- I reply to their posts but nobody sees my replies.
If there are other applications that can run over the protocol, I'm interested in learning about them.
Yeah, that behaviour's designed to counter spam and unwanted bots, but it does mean newbies need to be invited into a community. Meanwhile it's lonely talking into the void.
If you're happy posting your SSB ID publicly, I'll follow you, and that may help. Or you can use the #new-people tag if you want to introduce/announce yourself :)
This really isn’t my field, I am more of a full stack developer who mostly works on web apps with a heavy interest in networking. So definitely not an authority on the subject.
I think that’s basically the sort of system that most places employ. It’s nice because it’s easy to set up but you really need to trust Skype. Say they actually try to use end to end encryption. How does that work? Well, you could say “I am Alice and I want to establish a connection to Bob. Here is my public key he can use to send me messages and I’d like his public key so I can send him his.” That of course would need to happen in addition to establishing a network connection. So no if Skype is a good actor they will pass my public key to Bob, get his and send it to me as well as coordinate us establishing a direct connection.
But what if Skype is a bad actor? Well they could take my public key and send Bob one of their own. Then they could also send me their own. Now they can listen in on my conversation. They can also in a similar fashion make it seem like I’m connected directly to Bob’s networked device but really just relay the connection through their servers. Neither Bob nor I would have any way of knowing that without having exchanged public keys prior and having verified them. So this system is basically insecure against Skype wanting to listen to my conversations or being compelled to do so by a state actor.
Is IPv6 likely to be a practical solution to the router/NAT issue? Are routers assigning globally-routable IPs to their clients, is that already a thing?
IPv6 solves one of the reasons to use NAT. One more intractable reason is that many players (cellphone network operators, corporate networks) consider it a positive thing that individual devices are not globally accessible.
For cellphone networks it's not just a provider-side incentive, as inbound traffic will drain battery and you'd have no good way to stop it. But this only requires some sort of spam filter to be in front of the cellular link, like with a friends-based system where you keep connections to some friend's online nodes when you lock your phone, and just exchange IP+port info on both sides to just send a UDP packet to each other's IP+port from your own IP+port, punching your firewall. Theoretically you might even actively control your firewall to allow closing it off and also maintaining some permanent open entries for your friends to reach you with no indirection from their usual network(s). A provider could make money by selling (quota for) provider-side user-controlled firewall entries, and you could have your OS give out quota to apps.
It's feasible once you reach the point where it's worth the effort of implementing.
The NATs will be gone, but they'd be just replaced by firewalls with "default deny incoming" policies for most users. Some users might change this, but there would be enough people using defaults that one could not rely on p2p connectivity.
(The current networks are often not set up to handle malicious incoming internet traffic, and new protocol is not going to change this)
> why aren't most messaging apps peer to peer [...] it's literally the point of messages: sending from one person to another.
Messaging apps are more like postal services — "please deliver this message to $person" — you're describing driving across town to drop something in a mailbox directly. A peer-to-peer messaging system wouldn't have many benefits over an E2E-encrypted one (in a centralized E2E-encrypted service you already enjoy technical guarantees that the courier can't peek inside the metaphorical envelope), but would have several usability drawbacks that would drive away casual users, which the sibling comments mention.
Driving away casual users has its own problems: you might drive them away to insecure services ("ah fuck it, this thing doesn't work, I'll just DM them on Twitter"), and the lack of casual users will make your remaining users stand out in traffic analysis (e.g. state agency says "hmm, askxnakjsn is using SuperEncryptoP2PMessenger, better go make sure they aren't a dissident").
For multiple reasons but first of all because it would require both devices to be connected and online.
The common alternative to overcome this is to pass the messages through the server and encrypt/decrypt them on the device (aka e2e encryption). I acknowledge that might not be secure enough for certain use cases.
P2P requires both clients to be running at the same time in order to communicate. If you friend's phone is off and you send a message, they won't get it when they turn their phone on.
Seems to me like there should be a DHT way to solve this. When you boot up, you take your place in the table and query your neighbors for messages. If someone's unreachable when a message is sent, you hand the message to their neighbors to hold it until they appear.
Which requires you to trust your neighbours. To which you might say: aha! Just use end to end encryption! And sure, you can. But at that point, what benefits are you getting over using E2E with a centralised system? Very few. And you’re getting a bunch of drawbacks in terms of reliability too.
E2EE only protects content. Metadata is also very important and where as p2p apps like Briar, Ricochet, Cwtch and TFC hide it from all, centralized and decentralized apps have one or more weak points that allow eavesdropping on larger amounts of metadata.
Depending on whether you expect IM to work like physical mail or a phone call, this may be the expected behaviour.
It seems the majority here seem to be expecting the former, although I think of IM as more like the latter: if the recipient is not available, then the message is simply dropped, much like I can't call someone who is not answering the phone.
