Bitcoin Forum
November 19, 2024, 04:37:02 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Secure messengers: are there any?  (Read 1956 times)
TeamButtcoin
Sr. Member
****
Offline Offline

Activity: 466
Merit: 500



View Profile
July 23, 2015, 02:26:16 PM
 #21

I use XMPP+OTR (with Pidgin on Desktop and Xabber on Android), Tox (qTox on Desktop), TextSecure, Bitmessage, and RetroShare on a daily basis. Each serve their (different) purpose. I'd like to see the all-in-one solution, but oh well...


that's a lie because in actuality 0 people use retroshare

     ███▄▄  ▄▄███
██▄▄   ▀▀████▀▀   ▄▄██
 ▀▀███▄▄      ▄▄███▀▀
█▄▄  ▀▀███▄▄███▀▀
█████▄▄  ▀▀▀▀  ▄▄
██  ▀▀███▄▄▄▄███▀
██      ▀▀██▀▀     ▄▄▄
██   ▄▄        ▄▄███▀▀
██   ▀███▄▄▄▄███▀▀
██▄     ▀▀██▀▀     ▄▄▄
▀▀███▄▄        ▄▄███▀▀
    ▀▀███▄▄▄▄███▀▀
        ▀▀██▀▀
graIn..
.
The Backbone of
Modern Work Agreements.
███████████████
████▀▀▀▀▀▀▀▀▀▀▀
████ ██████████████████
████ ██
████ ██
████ ██
████ ██
████
████
████
████


█████████████   █████

.Whitepaper.
█████   █████████████


████
████
████
████
██ ████
██ ████
██ ████
██ ████
██████████████████ ████
▄▄▄▄▄▄▄▄▄▄▄████
███████████████

Quote
herzmeister
Legendary
*
Offline Offline

Activity: 1764
Merit: 1007



View Profile WWW
July 23, 2015, 02:58:57 PM
 #22


that's a lie because in actuality 0 people use retroshare

that's the point, to make it look like that from outside Wink

https://localbitcoins.com/?ch=80k | BTC: 1LJvmd1iLi199eY7EVKtNQRW3LqZi8ZmmB
ThomasVeil
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


View Profile
July 23, 2015, 07:04:29 PM
 #23

Nxtty: Anonymous, End-to-end Encryption, uses Blockchain, has permanent message destruction - but it's not Open Source as far as I see.
Here's nxxty on google play, the Apple version is planned.

Was just told that the anonymous user registration and encryption is handled via Nxt - and Nxt is open source. That could alleviate some concerns.
dsattler
Legendary
*
Offline Offline

Activity: 924
Merit: 1000


View Profile
July 24, 2015, 06:40:18 AM
 #24

Have you seen this secure messenger scorecard?

https://www.eff.org/secure-messaging-scorecard

Bitcointalk member since 2013! Smiley
hodlbananas (OP)
Member
**
Offline Offline

Activity: 72
Merit: 10


View Profile
July 24, 2015, 10:01:51 AM
 #25

Have you seen this secure messenger scorecard?

https://www.eff.org/secure-messaging-scorecard

I did; none of those messengers are P2P AFAIK, which brings us to the point of this problem.

What do you guys think prevents people from building a convenient, easy-to-use blockchain-based P2P mobile app?

Well, I do know what - the incredible strain any PoW protocol puts on a mobile device and the amount of storage needed for the whole blockchain. So far the only solutions to this were different sorts of "crutches": like making a remote PC be a PoW whore for your phone, which means that you either have to set up a node on your computer and have it running 24/7, or pay someone to do that for you, which isn't what many people would call an "optimal solution".

What do y'all think can be done with a PoW system to make it applicable for mobile devices?
g1974ak
Newbie
*
Offline Offline

Activity: 14
Merit: 0


View Profile
July 24, 2015, 10:09:07 AM
 #26

I don't think that there are some messenger secure. The big brother hear everything he want. Even some of messengers or one of those seems secure I don't believe that this is true. Before Snouden no one knew that existed that "wonderful" system of surveillance which surveid even the presidents, prime ministers or chancellors of the most important countries of the world. So, who don't exist some secret surveillance for every kind of messenger?

Don't panic people. Don't do subversive things and you are alright !!!!  Grin
herzmeister
Legendary
*
Offline Offline

Activity: 1764
Merit: 1007



View Profile WWW
July 24, 2015, 01:18:10 PM
 #27

you don't need proof-of-work for a p2p messenger. maybe a little bit of hashcash to prevent spam. but even that would be just one of several possibilities.

tox is conceptually fine as it is, it just needs more developers, and on a more professional level at that.

the long-term solution would be all-purpose integrated p2p systems like storj or maidsafe.

https://localbitcoins.com/?ch=80k | BTC: 1LJvmd1iLi199eY7EVKtNQRW3LqZi8ZmmB
hodlbananas (OP)
Member
**
Offline Offline

Activity: 72
Merit: 10


View Profile
July 27, 2015, 02:34:29 PM
 #28

you don't need proof-of-work for a p2p messenger. maybe a little bit of hashcash to prevent spam. but even that would be just one of several possibilities.

tox is conceptually fine as it is, it just needs more developers, and on a more professional level at that.

the long-term solution would be all-purpose integrated p2p systems like storj or maidsafe.

I agree with the last point, that's what I was getting at for the most of the discussion. There are already p2p integrated solutions, but they're mostly in their infancy and thus don't enjoy much popularity, hence no network utility.

This has got me thinking: actually, I think using desktop PCs as PoW slaves for mobile devices wouldn't be such a bad solution as I initially believed, it just has to be done in a convenient way. And the messaging system will probably have to include a financial transaction feature in addition to messages themselves, to ease the process of payment to such remote nods.
herzmeister
Legendary
*
Offline Offline

Activity: 1764
Merit: 1007



View Profile WWW
July 27, 2015, 02:53:11 PM
 #29

the only thing that tox is missing conceptually in the current protocol is a storage facility, so that true offline messages can be implemented (right now both parties have to be online at the same time eventually for "offline" messages to be delivered). but that's the only missing thing that would be expected from a proper messenger, really.

and as soon we're talking storage layer we're in storj/maidsafe land. maidsafe claims to work without pow/blockchain. their security is based on a "proof-of-resource" and a node ranking system (there's still debate going how/if it can be secure enough). you can run a farmer though on your 24/7 online desktop box to provide storage space for others, to earn some of the integrated safecoins. but your devices will run under your same account, so apps could provide very much convenience in such a system, much more so than in today's internet/web where you need to maintain hundreds of logins/passwords.

https://localbitcoins.com/?ch=80k | BTC: 1LJvmd1iLi199eY7EVKtNQRW3LqZi8ZmmB
hodlbananas (OP)
Member
**
Offline Offline

Activity: 72
Merit: 10


View Profile
July 27, 2015, 10:40:25 PM
 #30

the only thing that tox is missing conceptually in the current protocol is a storage facility, so that true offline messages can be implemented (right now both parties have to be online at the same time eventually for "offline" messages to be delivered). but that's the only missing thing that would be expected from a proper messenger, really.

and as soon we're talking storage layer we're in storj/maidsafe land. maidsafe claims to work without pow/blockchain. their security is based on a "proof-of-resource" and a node ranking system (there's still debate going how/if it can be secure enough). you can run a farmer though on your 24/7 online desktop box to provide storage space for others, to earn some of the integrated safecoins. but your devices will run under your same account, so apps could provide very much convenience in such a system, much more so than in today's internet/web where you need to maintain hundreds of logins/passwords.


RE tox: that's actually quite a glaring issue. Do they have plans for introducing the feature?

Yeah, I imagine the team that would develop a similar system for messaging could also set up their own semi-official farmer nod and allow anyone to use it for free/some token fee to allow newcomers to join in for an acceptable price, in exchange for the lessened security such a centralized option implies.
hodlbananas (OP)
Member
**
Offline Offline

Activity: 72
Merit: 10


View Profile
July 29, 2015, 02:18:44 PM
 #31

Hey guys, I have a question: do you think a truly secure p2p messenger should rely on the use of blockchain or some other technology to ensure the complete privacy?

Personally, I can see several quite obvious problems with blockchain-based apps, which are the size of the blockchain itself and the excessive amount of computational resources needed to run a PoW algorithm. But even with all those disadvantages, I don't think there is really a different option for a truly secure app.

What do you guys think?
RodeoX
Legendary
*
Offline Offline

Activity: 3066
Merit: 1147


The revolution will be monetized!


View Profile
July 30, 2015, 06:42:35 PM
 #32

a related WARNING about messaging.

At next months black hat conference in Vegas a new exploit will be detailed that allows an attacker to attack most any android phone just by sending a video by SMS. The video contains a payload that could lead to a complete takeover of your phone. Any android after 2.2 is susceptible and, unlike other attacks, you do not have to even view the message. Just sending it is enough and all the attacker needs is your number.
All you can do now is (on some phones) disallow auto download of messages and NEVER DL A VIDEO ON AN ANDROID PHONE!!!!!!! After the conference it will only take weeks for this exploit to move into the wild.


The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!