🆕 Software Suggestion | Session (ex-Loki Messenger) #1678
Comments
Mmmm Maybe this ticket should be put on hold until the final release comes out, here is the introductory message when installing the software:
At least, it looks like they take security very seriously. Up to you guys to see whether you want to add the entry with a warning, or wait for the final release to fix these issues. |
Hey, I'm the CTO on the Loki/Session project, just to confirm, yes we will be launching Session in a few days on Desktop, iOS and Android, so probably best to hold off until then for research/review. |
@KeeJef that's great news to hear! Can't wait to test the stable release with all the anonymity features implemented :-) |
My God, what an amazing application. |
New website: https://getsession.org/ |
When exactly are you launching? Great project! |
The app is already available, I have used it before posting this issue, but some important features were missing such as group chat, but on the new website it's written this is now possible, so I guess that's what was meant, the deployment of the new release with these important group features and security updates?
|
Yes, I meant the new features and security updates. I gave it a look on the desktop client but couldn't find a way of installing it on mobile without using Google Play store, do you know if the .apk is available somewhere? |
As mentioned above Session is now launched on all platforms at https://getsession.org , today we also published a whitepaper https://getsession.org/whitepaper which goes through the design in detail. We are still working through a number of issues discovered when we launched with multi-device setups so that might not be working as expected if you encounter an edge case. |
APKs are here, https://github.com/loki-project/session-android/releases , We will be trying to get into F-Droid repo shortly, we're just focusing on bugfixes for now since we just released. |
@KeeJef Thanks a lot for the updates, I have updated this issue accordingly. Good luck with the post-release bugfixing, you've got an awesome project here! |
Congrats, I hope you get a stable release ASAP and your project is great! |
Does this depend on the Google Services Framework? Aurora store shows a GSF dependency. |
As they say during the beta, it has a traffic analyzer, then they will remove it in the stable version. |
@wuniversales all analytics have already been removed from all platforms, that was done a few weeks ago when Session was released. Regarding Aurora store flagging Session as GSF dependent, not sure why that is happening, we have APKs that you can download directly here and those work fine without Google Play, I will have a look into it on Monday though. |
1.0.2 released and I'm impressed! I would like to see this being added. |
Yeah, it works pretty sweet and it doesn't have shitty Google dependencies like Signal. |
Signal hasn't had the need to run on Google for notifications for years now, and even with the Google version, Google only sees that you have a notification, not what the notification is about. About Session now, what is the intended threat model? And also, what does it intend to solve over Signal (as of now, it seems to be a Signal fork with some blockchain stuff bolted on)? |
The threat model is defined in the whitepaper here (https://arxiv.org/pdf/2002.04609.pdf). Since Session deploys proxy routing (1 hop, soon to be onion routing with 3 hops) inside it, it can deal with network level adversaries, as opposed to Signal in which the server can collect the sender and recipient IP addresses. Additionally it removes the need for phone numbers or email addresses as identifiers and instead uses public keys, which enhances anonymity as they are not linked to any real world identifier. Session also doesn't rely on central servers, messages are not stored on servers run solely by the developers or Loki foundation and instead are stored on Service Nodes run by community members, this makes the network resilient to being shut down or compelled to run privacy compromising software distributions. There is more information contained in the whitepaper about how this is achieved and the properties it provides. |
So it aims to solve Signal's ability to correlate conversation members via your own onion routing network (as currently, Signal can still correlate via IP, but not via accounts because of their sealed sender feature) and you deal with the phone number issue with a blockchain? |
Yes it aims to resolve the IP address correlation, by using an onion routing network. But no, it doesn't use a blockchain to solve the phone number issue, the public keys don't have any relationship to the blockchain, they are just public keys. The blockchain is used to incentivize the nodes in the network who store user messages and allow for asynchronous communications. You don't need to pay to send messages or use the messenger or anything, it's abstracted away from the user. |
Interesting. What happens if the user loses his private key? Also, are there any easy backup methods in place so the user can prevent losing said private key? |
The user is given access to and encouraged to write down their 12 word mnemonic seed when they create an account or at any time in the settings menu, with this phrase they can restore their private key (identity) and re-initiate previous sessions. In the future we will allow the user to password encrypt their seed and store it other locations, but that's not yet implemented |
Sounds very promising. I'm not sure if the software is mature enough to be a major recommendation just yet, and we also would have to see how the Loki network will develop itself further (is it going to die down like most startup anonymity networks, or will it maybe thrive?). About that, if the worst case scenario happens and Loki doesn't make it, will it be possible to alter Session to move to another platform like Tor? |
Seems ok, the only thing I don't trust is that it's based in Australia. |
A political-view research regarding the Loki network, that I believe is important to be mentioned and taken into account: |
I did look at the ABC article. It looks to be a similar situation to where the Tor Project find itself. Bad people can use good technology? As we really don't know what was said, we can never determine to what extent "they helped". The word "inadvertent", might reflect they did not know who they were before helping them.
I did watch that video, and the only reference was this frame: How do we actually know it was written by @majestrate and not copy pasted from somewhere else? |
I am not convinced by the point raised either. First because I don't see any proof, only claims in the linked twitter thread, but also because that's basically the timeless security vs liberty philosophical and political problem. For example, medicine has always been used to conduct unethical experiments including torture or worse. This unfortunately shows that even the most honorable tools can be misused. Should we blame the tool, or the user who misuses it? IMO, the technical side also matters in this question. I think that as long as the tool is not operated by the developer and is open source, who the developer is is ultimately irrelevant. PS: thank you for making me discover Nitter, I didn't know this open front-end to Twitter, I guess we should re-examine oxen-io/session-android#1402 now that Invidious is being added as a Worth Mentioning in #1974? |
Guys, some of you have gone OT for very far, any issues that relate more to LokiNet than Session should be discussed at #1940 (Lokinet) but not oxen-io/session-android#1678 (here). |
Just to tie up a loose end (further mud flinging can go into #1940): the aforementioned post was on a former contributor's imageboard, and since imageboards love to steal each other's style sheets it makes sense that it was confused with 8chan. The original post from the screenshot is from https://endchan.net/tech/res/12870.html |
@majestrate thanks for clarifying that. I got this feeling from that CCC speaker that it felt like he just wanted to show a bunch of alt-right propaganda/meme/shock material to viewers, I think it could have done with a lot less of that and still gotten his point across. We should get this back on-topic. |
I might be missing some function, but I didn't see anything like Signal's "safety number". Why is that? Can Session or the lower LokiNet platform prove that I am talking to the person with no insider interference (like MITM), or is the platform naturally immune to this kind of attack? |
@subsys-R9boq8 We do have the ability to view a user's safety number on desktop, it should be on all platforms, not sure why it got removed. However the security model is quite different than Signal, since Signal users can change their underlying key pairs without breaking a session (phone number is the ultimate truth) whereas your identity (Session ID) in Session is actually your public key meaning you can't change it. This means that if you talk to someone with X Session ID, you know you are speaking to them and there is no TOFU or MITM attack possible (as long as the out of band Session ID sharing is done properly). However it still makes sense to have safety numbers because someone out of band might claim to be X person when they are Y person, if you speak to X person in real life or through some secure means then you can either compare Session IDs or safety numbers, however safety numbers are a little easier to compare (they have a QR code and a nicely formatted representation). |
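An added illustration of the comparison described above, not Session's or Signal's actual safety-number algorithm (the thread does not specify it): a deterministic, order-independent digit string derived from two public-key identities, so that when one party was handed a substituted key out of band, the two strings no longer match. Assumed for the demo: IDs are 66-hex-character public keys (generated randomly here, not real identities), and the hash and digit layout are constructed, not Session's.

```python
import hashlib
import secrets

# Constructed sample Session IDs (hex-encoded public keys). Real IDs are the
# user's own public key; these are random bytes made up for the demo only.
ALICE_ID = "05" + secrets.token_hex(32)
BOB_ID = "05" + secrets.token_hex(32)
MALLORY_ID = "05" + secrets.token_hex(32)  # an interposer's own key


def _half(session_id: str) -> str:
    """30-digit half derived from one party's public key (demo construction).

    Because the identity *is* the public key, any other key produces a
    different half; there is no separate account the key could be swapped under.
    """
    key = bytes.fromhex(session_id)
    digest = hashlib.sha256(b"safety-number-demo|" + key).digest()
    groups = []
    for i in range(6):  # six 4-byte words -> six 5-digit groups
        word = int.from_bytes(digest[4 * i:4 * i + 4], "big")
        groups.append(f"{word % 100000:05d}")
    return "".join(groups)


def safety_number(my_id: str, peer_id: str) -> str:
    """Order-independent 60-digit string: both parties compute the same value
    for the same pair of keys, so it can be read aloud or scanned as a QR code."""
    lo, hi = sorted([_half(my_id), _half(peer_id)])
    digits = lo + hi
    return " ".join(digits[i:i + 5] for i in range(0, 60, 5))


def matches(shown_by_me: str, shown_by_peer: str) -> bool:
    """The out-of-band check itself: the two displayed strings must be identical."""
    return shown_by_me == shown_by_peer


def mitm_detected(alice_sees_peer: str, bob_sees_peer: str) -> bool:
    """Alice and Bob each compute the number from their own key and the key
    they were given for the other party; a mismatch means at least one of them
    was handed the wrong key."""
    alice_view = safety_number(ALICE_ID, alice_sees_peer)
    bob_view = safety_number(BOB_ID, bob_sees_peer)
    return not matches(alice_view, bob_view)


if __name__ == "__main__":
    honest = safety_number(ALICE_ID, BOB_ID)
    print(honest)
    print("symmetric:", honest == safety_number(BOB_ID, ALICE_ID))
    # Mallory gives Alice her own ID while claiming it is Bob's.
    print("mismatch when Alice holds Mallory's key:", mitm_detected(MALLORY_ID, ALICE_ID))
    print("match with the genuine keys:", not mitm_detected(BOB_ID, ALICE_ID))
```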
Why are you using legacy GPG version 1.4? https://github.com/loki-project/session-android/releases |
@ZarusMods No particular reason, is there a compelling reason to update? CVE or something? |
i use it |
Session's code audit is done: |
All of this is finished now, it took us a lot longer than expected 😂. Session is now much less buggy than it was a year ago, I don't know exactly how this process works but I think moving forward on further research or putting a recommendation into https://privacytools.io now would be great. |
Thank you for the update @KeeJef. Very exciting news! I'm very happy to see this much progress and work! Adding on privacytools is on a volunteer basis, so it just depends on whether someone decides to make the adequate file modifications and then if peers accept the changes after review. I have a few questions before I see if I can make the changes:
|
Also BTW I have tested the app both on desktop and Android, and I must say the stability and reliability has indeed vastly improved, same for the registration process which creates a private key very easily and transparently, so I can confirm the app is ready for non-technical end user use as a text messenger (voice calls not available until Session migrates to the Lokinet network using UDP instead of TCP). It also now supports both public and private groups. The app on Android also asks on registration or first launch whether to use Google notification servers or not, in the latter case the notifications aren't immediate as the app needs to fetch updates itself, but it fully protects all metadata then. Very nice to have implemented this suggestion :D. @KeeJef I have one suggestion about the registration process on desktop, it doesn't require the user to copy/save the private key as it does on mobile, so non-technical users may unknowingly lose their account if they create one on desktop and aren't aware of how blockchains work. |
Yes, it's actually something that we have an intern assigned to now, this issue should track progress: oxen-io/session-desktop#1492
There's no button in the app to do this, since we tend to prefer to continue to use good random routes rather than rotate users into potentially unstable routes, and depending on a user's preferences for route selection, allowing them to change their route could offer potential for some more subtle attacks.
Routers are Service Nodes in the Oxen blockchain network, the number of nodes and distribution can be found here: https://oxendashboard.com/#5
It's going to take some time, we have just finished the core of liblokinet which should allow the mobile applications to more easily integrate with Lokinet, but it's still going to take work, so it's hard to give an estimation. For now we are OK continuing to use onion requests, but we will need Lokinet integration for features like voice calling.
Hmm this might be something we look into, if you wanted to file an issue for that we could look at it in an upcoming release |
Ok thank you for your clarifications. I think it's time to make a PR, we'll see what the peer reviews say.
To make my job easier, could you please clarify the following:
About forcing a new route, I meant to do something like Tor Browser is doing, such as simply relaunching the whole client to force generate a new random route. I understand the security issues otherwise. The issue you linked to already asked for this feature for performance reasons (ie, unreliable network) instead of security but implementing it will fit both.
About the nodes, I can see that they are well distributed over the world, nice charts. Can you specify who are currently running these nodes? Users of the Oxen blockchain who are incentivized by the proof of stake algo or are most nodes yours at the moment?
Finally, could you please clarify how the whole ecosystem is connected and what each piece is doing in the big picture? Before I think Lokinet was supposed to be the blockchain and LLARP combined, but now it seems that Oxen is the blockchain which provides TCP onion routing and encryption, Lokinet which will be the LLARP fast UDP onion network that will work in tandem with Oxen. Session uses Oxen only for now and in the future will use both Oxen and Lokinet, switching transparently when fast data transfer is needed. Is that an accurate overview?
|
The vast majority of nodes in the network are run by community members, the largest single operator of Service Nodes in the network is the OPTF who runs about ~9% of the network's Service Nodes. Anyone can start a Service Node and begin earning rewards if they have the required stake to do so.
Session currently uses a system called onion requests for onion routing, which is TCP based, this system still uses the ~1750 Service Nodes to onion route all messages, but it doesn't use Lokinet. Onion requests are single shot, which means you send a request and get a response, they don't allow a user to hold an onion routed connection open with a Service Node or other Session client. Lokinet is a different onion router which can route any IP based protocol, it also uses the Service Node network to create routes through the network, however because Lokinet can route any IP based protocol it is much more versatile, and it can keep connections open with the Service Node network to be able to stream data. Lokinet is slated for future implementation, since it will help us provide voice calling and other functionality. |
@KeeJef FYI as Oxen/Lokinet fits the criteria (crypto + onion routing) to be a future target of such attack vector: https://www.techradar.com/news/cryptocurrency-users-targeted-by-tor-network-exit-nodes |
This is only really relevant for Lokinet, Session traffic doesn't exit the network in any way where it could be hijacked, Lokinet does have exits but doesn't have a publicly incentivised infrastructure yet, but yes we are aware of these issues in Tor. |
I agree it could be a problem but it is probably far less of an issue as Lokinet exits are not picked from a giant pool of randos, you manually choose your exit so if some bad actor is running an exit no one will use it (free market regulating itself etc), additionally as @KeeJef pointed out, Session won't be using exits anyways so it is probably not an attack that is in scope for it. |
Lokinet/Session aren't suitable for PTIO:
|
Please read the discussion pointed to by @Victor239, but I don't think that this legislation impacts Lokinet/Session any differently than other communication software, so I'm not sure why this would make Session unsuitable for PTIO compared to competitors; if anything Session appears to be more resilient given its onion routing architecture that others lack. |
Basic Information
Name: Session (ex-Loki Messenger)
Category: Encrypted Instant Messengers - Decentralized
URL: https://getsession.org/
Platforms: Desktop (Mac, Linux, Windows), Android, iOS
Description
Session (new name of the Loki Messenger) is an anonymous text messenger initially forked from the Signal messenger but completely reworked with a 3-hop onion routing protocol on top of asymmetrically encrypted messages to anonymize all interactions. E2EE is always enabled and only Lokinet users can be contacted through the app. Supports 1-on-1, private group and public room text chats. No phone number nor any private information is required to register. The app is cross-platform, available on Windows, Linux, Android, iOS. All open-source, including clients.
In the future, Session will migrate to the Lokinet network (ex LOKI blockchain), a blockchain initially forked from Monero which works over a LLARP (Low Latency Anonymous Routing Protocol) onion routing layer using faster UDP packets, that will allow voice calls. Indeed, Session currently only supports text messages for now due to using TCP onion routing, but voice calls and maybe video are planned for later after migration to Lokinet (but no exact date planned). It seems the blockchain has already been online for years, but it's still in beta due to the LLARP protocol being tested out; whereas the blockchain technology used is relatively well established, the LLARP protocol is new and needs to be ironed out.
Why I am making the suggestion
Seems like a competitor to BCM #1662, but it is entirely open source (here for the messenger). The LLARP onion routing protocol is explained here and compared succinctly to Tor and I2P here (TL;DR: the goal is to retain the strong anonymity and security guarantees of both networks but with faster speed and easier network management - I can't describe more precisely as I am no expert). The messenger (Session) is discussed here. Blokt and SecureChatGuide reviewed it last year under beta (it still is but seems to be soon reaching the first stable release).
I think the messenger is the most directly useful part of the project right now, and hence the focus of this ticket, but the LOKI/LLARP network could also be added as an entry in Self-contained Networks (as suggested before #924) if someone with more expertise than me can understand the provided docs.
/EDIT: a technical preprint is available since 11/02/2020: https://arxiv.org/abs/2002.04609
/EDIT: Session's code was independently audited in April 2021: https://getsession.org/session-code-audit/
My connection with the software
No link, I am just interested in privacy protecting networks.