> I really don't see why someone should be on my shitlist for lying to godaddy dot com or whatever giant registrar unless you consider fudging identifying details about something that really doesn't matter,
I think I can see where you are coming from. You seem to compare this with, say, opening a GMail account under an alias, if I understand correctly.
However, holding domain names and, at the time, SSL certificates requires a different sort of accountability. I can elaborate on that if you wish, but I trust it won't be necessary.
> especially considering he was very openly associated with the project,
In the same way that Mr platinumrad or Ms at612 are associated with this discussion? By the use of an alias?
> some sort of horrible moral offense.
Yes. And please note he did not just lie to the registrar. When he got caught, he went and whined to some journo who published a piece criticising the registrar without bothering to contrast the information first. It all being presented as if it was the registrar in the wrong, when they were following the rules, which are there to protect the public in the first place. This coming from some bloke who was saying "don't trust Google, trust me. Because."
> I especially find your taking massive umbridge with fudging personal information baffling given how privacy-minded you otherwise seem.
I value my privacy. At the same time, when I enter a contract, I do so in good faith and of course part of it is letting the other party know who I am.
> really just makes it seem like the position you've taken against Signal is mostly predicated on some sort of grudge against Marlinspike himself.
Yes, you are correct. My apologies if that wasn't clear. I question the ethics, motivation, and competence of this one individual, who happens to be closely associated with said project.
> Yes, trashing F-Droid was not a great thing to do
To put it mildly. On an incidental note and more generally, have you ever seen him do a mea culpa?
> [but] isn't one of the most important goals of a secure messaging application to get people to actually use it and to achieve widespread adoption?
I do not know. I would guess not (based on defence experience). But the main point is that him saying "oh sure, it's secure" does not make it secure. He seems to be taking advantage of the public's inherent credulity and lack of awareness of what "security" actually means and involves. We have gone through this discussion already, so for an example of what I consider a better developed and correctly presented security solution, please see the Conversations IM application.
> The main lesson I've learned from GPG mail is that a perfectly private means of communication is worth very little if I can't actually convince anyone to use it with me.
This is a different, and long discussion, but it is probable that the reason why you are seeing that is the other party having mentally (or formally) done a cost/benefit analysis and deciding that their information is not of such value to justify the extra effort to protect it. Rightly or wrongly.
> Is OTR really a practical option? You message seems unclear about it.
It depends on your threat model, like other alternatives.
I have never initiated an OTR session myself, but I have received one from a contact in anger (whistleblowing).
> Also, how do you get all your contacts to use XMPP
In my case, I have been using XMPP for the last sixteen years, so my contacts have "grown organically", to use an en vogue marketing term.
It appears that Mac computers come with an XMPP client preinstalled (and possibly pre-configured?) Linux, the same. Android, there are a number of clients available. Windows, I think there is Gajim, ...
As far as a stereotypical common user is concerned, they are quite happy to install whatever applications their peers are using, which is how they end up with so much cruft on their computers, phones, etc. :-)
> and your server?
Nobody needs to use my server. It is like email, you can use whichever provider you like.
You misunderstand. He is running a company, what do you think their exit strategy is? You may want to look at his previous company and "red phone", I think was his product called.
> And normally one would associate such vehement and repetitive insistence on counter-factuals with trolling
Now gents, a number of you in the comments have wondered about what other alternatives are out there. You may have seen that I specifically advise against Signal, and other users have also expressed concerns about a number other applications, amongst which Wire and Telegram.
One that, to my knowledge has not been mentioned yet, but which would appear to meet some common measure of functionality versus convenience expressed here, is XMPP messaging application Conversations (https://conversations.im/).
I am not going to give it my personal recommendation because having tested it, I did not like a number of design decisions the developers have made, and I did not like their overall vision for the app. With that said, it's horses for courses.
On the end to end encryption front (all the rage these days, eh?), it appears that the Conversations devs have taken Signal's protocol and _done it right_. That means, they actually specced it (https://conversations.im/omemo/) and had it audited (https://conversations.im/omemo/audit.pdf), along with a couple important improvements such as eliminating the requirement for a trusted server or Google Play, which greatly reduces the attack surface.
Again, I personally do not like Conversations and I'm not going to use it myself--that's a personal preference thing, but kudos to the devs for doing a professional job, especially while everyone else are busy selling snake oil.
I say, go give Conversations a try, it may be the thing you were looking for.
>> Can I run a client from the Git repo and still use all of their infrastructure?
> Yes. You can.
The thing is, lucideer, the "restrictions" on the use of the source code are engineered to raise the barrier to independent use, notably by preventing or discouraging redistribution. This means that only those who are able and willing to compile Android source can run their own binaries. Everyone else has to go with the binaries they distribute which, as the other poster has correctly argued, cannot be independently verified.
> Do you have some personal issue with OWS?
I do not know about him. But I do. Please read on.
> and provided via F-Droid (though I have read their arguments against that w.r.t. performance)
Oh, so it's "performance" this time? It's not something about "updates" like last time¹, or "features", or "metrics"?
Do you really not think, if you go through the discussions, that there's just too many excuses? Does it make sense to you? Do you not get the feeling someone's got something to hide, if you would pardon the pun? :-)
"Please do not install software from F-Droid. It is an unverified build, exceptionally out of date, and should be considered malware."
You know what? I fucking trust F-Droid. And I for one I am very grateful to everyone who collaborate to make that happen and stand firm in their commitment to open source, and especially to Ciaran, the founder, who gives so much to the community in spite of very challenging family issues (which are publicly known). Top bloke he is.
And then you get some lying, incompetent, manipulative², and possibly delusional individual accuse them of distributing malware. That is seriously not cool.
¹ Cooperative and competent (or at least willing) open source developers can set it up so that F-Droid auto-builds every time you tag a new release.
² And I say this because I'm sure someone will correctly argue that he did not call F-Droid itself malware--that would be too crass even for this guy. He's very careful in choosing his words.
> The suggestion that the motivation for this article is profit for the NYT or Moxie is quite destructive.
No, that's literally how it works. Media need to sell copy (clicks these days) and companies need to get coverage. And that's perfectly OK if companies are acting ethically and journalists and editors are doing due diligence.
The person that you mention has good connections in the media and uses them to self-promote and promote the tat he sells.
> what's a reasonable heuristic for conducting private business?
You need to do a threat analysis.
I did not immediately find any good introductory resources via a quick Google search, but try it yourself. Very very briefly, it involves identifying the threats and their possible consequences, then working on either removing the former or minimising the latter.
Be aware that this is not merely a technological process. It is primarily a social one.
> Re: Google Play Services. Here's is the way I understand this to work, so please do correct me if I'm wrong.
> Signal uses Google Play Services to notify me that I have an incoming message from Signal.
More importantly:
a. That dependency, along with other "restrictions", sets an artificially high barrier to actually using the product independently. This is presumably so that they can maintain the pretence of being "open source".
b. Keep track of application downloads and whatever else Google provides to developers.
Moreover, as the paper that someone has linked elsewhere says, if you are allowing Google services in your app (Google Cloud Messaging, to be exact), you're at the mercy of anyone with control of it. A relatively trivial attack via GCM, as the paper hints, would involve simply replacing your application with a backdoored version, and you'd be none the wiser. It is a massive attack surface that just cannot be ignored.
Terminology. What you call free software I call open source. As you go on to mention, you can see the source but not use it in any meaningful way. In particular:
> but have clarified that it is indeed ok to build your own binary from the source they provide,
Exactly. Your own binary. From their source.
Build your own binary for someone else, and it's "malware", as the guy had the nerve to call F-Droid in that bug report (here: https://github.com/WhisperSystems/Signal-Android/issues/53). That sort of bad faith, coming from a known liar (see my other reply) is what I really cannot condone.
> and use their servers.
Yeah, similarly. Use a source other than theirs or servers other than theirs and they start whingeing.
That is not open source.
> I'm not quite convinced about their argument for official app store distribution and updates,
Possibly because every time it's a different excuse?
> but I can understand the argument.
Yes, so can I: they want to control the platform so that it is their users, so that they can sell it to someone else, like they did last time.
And I would be perfectly fine with that, if it wasn't done via lies, deception, and denigrating third parties, particularly the chaps at F-Droid who at least have the decency of using their real names (not to mention not seeing you as the product).
> Sticking with an app store does require trust in the provider though.
Agreed. How high is Google in your "trusted" list? Yes, I'm picking on Google because it's a bit of an easier target than Apple, but still.
> I think it would be best to avoid FUD.
I agree, and that's precisely why I feel the need to speak up. I challenge the honesty not of their enterprise (which is no different from that of Skype, Whatsapp, or any other player) but of the way they are pursuing their goal. See above.
> It certainly strikes me as one of the better options for pragmatic secure messaging,
I don't know. As mentioned elsewhere, XMPP meets all my requirements and is not vendor-dependent. But the availability of options depends on each user's definition of things like "pragmatic" and "secure" (and even "messaging" for that matter!)
From seeing what's out there though, it appears that modern versions of Whatsapp (which I don't use, I'm FOSS-only) offer essentially the same capabilities as this application though, including end-to-end encryption. And of course, essentially the same disadvantages. I could be mistaken here though.
> that allows for a fairly narrow and reasonable set of threats (Google/Apple/Microsoft (possibly more than one of each, depending on your platform), Whisper Systems themselves, probably most state actors).
I guess it also depends on each user's definition of "fairly narrow and reasonable". :-)
> I'm probably just inviting myself to get trolled by replying to this
I'm sorry that you get that impression, but I do appreciate your input.
> Cryptographer Matthew Green on Signal's crypto and code quality (it was called RedPhone/TextSecure at the time of this writing)
That's the application that they sold to Twitter, not the one being talked about here. I do not know how different the code bases are.
It is also around that time that the app had a gaping, amateurish hole in that it was simply leaking everything via logcat. And what does the guy do? Instead of addressing the issue like a professional, he goes on a complete tangent rubbishing F-Droid (https://github.com/WhisperSystems/Signal-Android/issues/53) and then making rather poor excuses as to why you should get your application from the Google store and not from anywhere else.
Excuses which by the way, have been evolving over time. I think he eventually admitted that he wants to keep track of how many users are using it (handy to show to your potential buyers).
He also has a history of lying, such as when he used fake WHOIS details to run his "Google anonymiser" thing. And of course, when he was shut down by the registrar, as you do when someone has given you false details, what did he do? He went to the press to whine about the registrar! After he entered a contract in bad faith, something which happens to be a prosecutable offence. That's the sort of person we are talking about here. I hope you will understand if his word does not exactly fill me with confidence.
That page starts with: "This is version 1.0 of our scorecard; it is out of date, and is preserved here for purely historical reasons."
And continues with: "the results in the scorecard below should not be read as endorsements of individual tools or guarantees of their security"
> Signal has been analyzed, with favorable results, by academic researchers at least twice:
Yes, I am aware of those. And that is not what validation and verification is which, as I said, in the absence of publicly available design documents, is impossible to do independently. The guy is trying to make it look like he's selling a "secure" communication platform, but if you presented that to a defence contractor (which I have some experience with) you would be laughed out of the building. Proper security is not done like this at all. For a start, you actually define your goals, i.e., what you intend to secure, against what threats, etc., etc. If you can show me a paper with that information I would be grateful.
Notably, you may have noticed that those papers, like Green's, are a protocol analysis, not an analysis of the entire solution. In that respect, you're back to the previous situation: the protocol might be ultra-secure, but if you're still leaking your plaintext on a different channel...
> Moxie Marlinspike and [...] probably wouldn't call themselves "cryptographers,"
At the risk of sounding elitist, what is his academic background? (I elided the other person because I do not know who he is).
> but almost anybody in the field would agree that they are experts on applied cryptography.
Just wondering, but why not just use XMPP? You can choose any server that you like or trust, or run your own (on your own or third party infrastructure, up to you), and use OTR for end-to-end encryption if you feel you need to¹.
I have been using XMPP since 2000/2001. My current address is nine years old (and I control the server). I have a choice of clients on every platform that I use. All my contacts have the same set of choices regarding provider, accounts, and clients. As a bonus, not just my human contacts but also my infrastructure uses it for messaging and monitoring, so I can literally control some of my servers from my XMPP clients.
There must have been at least thirty major IM "solutions" going in and out of fashion during these 16 years. Individually, each might have been somehow "more convenient", but if start counting the cumulative migration effort, I'm not sure the convenience argument holds much water.
¹ I used it in anger once myself, initiated by one of my contacts. It was an interesting experience.
The fact that the guy behind it is hyping it via the New York Times, a generalist publication, instead of validating the thing through professional cryptographers (which he isn't) and recognised privacy champions such as the EFF is very telling.
The thing has not been properly validated or verified (for a start, because there is no design document to validate against, and no published goals to verify against), it uses an ad-hoc encryption scheme from a non-cryptographer, it is not open source (see F-Droid discussion why it's not there), it uses hardwired servers controlled by a party or parties which are not known to be trustworthy, and apparently it requires Google Play services, which nobody who is truly concerned about their privacy is going to use in the first place (and definitely one should not).
From the way this is going, it is becoming clearer by the day that this is just another start-up, their target market are unsophisticated but paranoid users and hipsters with no real need for privacy but who think they should make some kind of statement. Their plan is to hype it up (e.g., via the NYT), get enough users, then get bought by one of the so-called "social media" players. It is more attractive to them than Telegram because the latter is run by a Russian, which to the American public sounds sinister (Mr Brin and countless other great scientists and innovators notwithstanding), and their servers are probably based in Germany, which is a bit more of a problem since there are (still) some proper privacy laws over there, and which would cause some headaches to the acquiring party. Besides which, there is a good chance that their current investors come from those "social media", or are the usual Silicon Valley VC crowd, so things stay between friends, as it were.
So, in brief:
* If you want a new Skype, go for it.
* If you care about the privacy of your communications, you should avoid it.
* If you need to keep your comms private, you must avoid it.
Anyone disagrees? Feel free to reply and tell me why!
> It's 2016 and our best crypto messenger options are worse than what we had 10 years ago when Skype was peer to peer, or Jabber with federation.
Actually, Jabber with OTR is pretty solid. If need be, you can use throwaway addresses too.
> I can understand the reasons for not supporting federation, but I disagree.
I disagree and can't understand the reasons, which however I suspect to be rather shortsighted. Just imagine if email had not been what came to be called a federated system.
> Different people will have different testing strategies based on this philosophy, but that seems reasonable to me given the immature state of understanding of how tests can best fit into the inner loop of coding. Ten or twenty years from now we’ll likely have a more universal theory of which tests to write, which tests not to write, and how to tell the difference. In the meantime, experimentation seems in order.
Indeed, we still "don't know" how to test—more generally, and given the abundance of methodologies and their tendency to go through a hype and dump cycle, I would say we still "don't know" how to write code in the first place.
We'll get there eventually, but for now I would take whichever approach, methodology, tools, and language that I use as having a "best before" date, and invest in it accordingly.
Any specific examples?