depscribe thank you, somehow the Android-linking feature totally went over my head.

zkz

Correct me if I'm wrong, but if I understand correctly, the Ibex protocol implemented by Threema at the end of 2022 seems to have implemented PFS beyond TLS:

"At the transport layer, Threema has always supported Perfect Forward Secrecy (PFS). And just like for group calls (see above), PFS has always been enforced at the end-to-end layer for individual calls. The new Ibex protocol now also supports the exchange of ephemeral keys for chat messages on the end-to-end layer (with ECDH). A new key is used for each message, from which it is not possible to derive previous keys (thanks to KDF ratcheting)."

Here is an external security analysis of the Ibex protocol.
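The KDF ratcheting mentioned in the quoted Threema passage, as an added example that is not part of the original thread and is not Threema's Ibex code: a generic HMAC-SHA256 symmetric chain showing that a chain key captured after message 3 yields the later keys of that chain but none of the earlier ones. The labels, class and function names and the sample secret are assumptions made for illustration.

```python
import hashlib
import hmac


def kdf_step(chain_key: bytes) -> tuple[bytes, bytes]:
    """One ratchet step: derive (next_chain_key, message_key) from chain_key.

    Both outputs are one-way functions of chain_key, so neither reveals it.
    The labels b"chain" and b"message" are illustrative, not from any spec.
    """
    next_chain_key = hmac.new(chain_key, b"chain", hashlib.sha256).digest()
    message_key = hmac.new(chain_key, b"message", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Keeps only the current chain key; older keys are overwritten."""

    def __init__(self, initial_secret: bytes):
        self.chain_key = initial_secret

    def next_message_key(self) -> bytes:
        self.chain_key, message_key = kdf_step(self.chain_key)
        return message_key


def demo():
    # Constructed stand-in for a secret both sides agreed on (e.g. via ECDH).
    secret = hashlib.sha256(b"constructed shared secret").digest()
    chain = SendingChain(secret)

    keys = [chain.next_message_key() for _ in range(3)]   # messages 1-3
    captured = chain.chain_key        # state as found on a seized device
    keys += [chain.next_message_key() for _ in range(2)]  # messages 4-5

    # Walking forward from the captured state reproduces keys 4 and 5.
    # Keys 1-3 would require inverting HMAC-SHA256, so they stay protected.
    recovered, ck = [], captured
    for _ in range(2):
        ck, mk = kdf_step(ck)
        recovered.append(mk)
    return keys, recovered


if __name__ == "__main__":
    keys, recovered = demo()
    print("later keys derivable from captured state:", recovered == keys[3:])
    print("earlier keys derivable:", any(k in keys[:3] for k in recovered))
```

A symmetric chain on its own protects only past messages; protecting messages sent after a compromise requires mixing fresh key-exchange output into the chain.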

Braxman is a charlatan who spreads massive amounts of misinformation about privacy and security. He pretends to be an expert but doesn't know what he's talking about. He's also involved in the attacks on GrapheneOS including harassment. Promoting his content here isn't allowed.

    Ironic that he's the reason I use and donate to GOS. Sorry, didn't realize he's attacked GOS.

    5 days later

    admin I didn't know this. Do you have further reading/links so I can educate myself more about this, please?

      • [deleted]

      Jobloggs it makes sense now that I have never seen him once mention or recommend GrapheneOS in any of his videos. I would also like to see the background for his approach. He may be a scaremonger among the normie population but some of his information is factually correct and if one looks at it critically there is a good takeaway from that. Also he was one of the people who brought me to use GrapheneOS in the end.

      admin Wow, I don't know that :( I detest people like that. Who burns people just for profit or ego...

      You cannot protect the ignorant and gullible from themselves, but to prey on them is despicable.

      I think XMPP may be user friendly. SimpleX seems to be the best though.

      Session was very shady when I used it. They store everything in a blockchain, meaning no deletion of messages, and if they are cracked everything is breached.

        4 months later

        missing-root
        Hi,
        sorry, but Session messenger does not store anything into a blockchain!
        Unfortunately, you haven't read the FAQ of Session.
        If you had, you would have had a better experience or a better feeling when using it. ;-)

        BTW: Session Messenger has made great progress in the meantime and the developers are very busy.

          My descendants and I have been using Session for at least a year, and find it satisfactory.

          We were using Wickr. I have Threema on my phone, but so far no one has been dumb enough to pay to follow me there.

          We won’t touch anything that even smells like Facebook, no matter how good they say it is.

          11 days later

          Eagle_Owl interesting, they must have switched a lot of things.

          I remember them using the Signal protocol, and storing messages forever on a blockchain.

          Then my state of knowledge was that the messages are autodeleted after some time.

          • de0u replied to this.

            missing-root I remember them using the Signal protocol, and storing messages forever on a blockchain.

            The only time I read up on Session the situation was as it is now. The network needs some nodes to route messages with some degree of anonymity, and also to hopefully-briefly store messages while endpoints are hopefully-briefly offline. This has some structural similarities to the needs of the Tor network, though the hopefully-brief storage part is different.

            The Tor network historically relies on volunteers to run the nodes. My understanding of Session is that they are trying a different idea, namely to piggyback message transfer on nodes that are participating in a blockchain network. The fact that the same computers are doing both jobs does not imply that Session messages are stored on the Oxen blockchain, or ever were stored on the Oxen blockchain.

            Whether the idea of piggybacking non-blockchain functions on blockchain nodes will work out is unproven. But at least in theory it would be possible to migrate Session to a volunteer store-and-forward network similar to Tor's volunteer forwarding network.

            4 months later

            PMUSR Has Session removed its PFS and why?

            Yes, it was in December 2020.
            Alleged reason: Signal Protocol was built to operate in a centralised environment.
            The real reason: multi-device functionality was a top priority at the time, but could not be realised in the short term with PFS. So the chief developer at the time decided to do without PFS to reach the goal.
            This difficulty can also be seen with the Threema devs, who have been working hard on this for years (!) and are now close to the finish line. Finally!
            But: their beta version (iOS only, Android OS will follow later) still does not allow PFS.

            See the blog post at getsession.org.
            Extract - please read it in full if you are interested:
            Quote:
            Mission: Possible — Session Protocol

            In Session’s case, our analysis has led us to a conclusion: the features we think will be most important for our users are best served by migrating Session to its own encryption protocol — the Session Protocol.
            The Signal Protocol is great at what it does, and what it does is security — a whole lot of it. Session does security too, but the problem is that Session’s scope also includes a focus on anonymity and decentralisation. Now that Session is well-established and we’re working to add features, one issue keeps cropping up: the Signal Protocol simply wasn’t built to work this way. It was built to operate in a centralised environment, and we’ve been trying to shoehorn it into Session’s starkly different infrastructure. That’s where the Session Protocol comes in. This new protocol will let us improve stability and streamline the development of new features. Of course, nothing in life comes easy, and there are a few features that won’t join us on the next leg of this adventure. However, the benefits of the Session Protocol make this transition well worth it.
            End of quote.

            9 days later

            Session is a great concept but terrible execution in UX :(
            SimpleX is a solid UX but a bit rough especially for groups, still, it works as intended, not buggy. The security and privacy are best in class and top of the line.
            Status is based on the Ethereum blockchain, so do not expect any metadata protections, but it's nice if you need a great UX without a phone number. It's honestly a good messenger, not sure why it doesn't get brought up more often.