Ask HN: Why does P2P encrypted messaging still suck?
I chat with my teammates (who are ready to agree on a particular messenger)
So, far we've tried
1. Telegram - The problem here is that E2E encrypted messaging (secret chat) is not available on the desktop.
2. Tox - Works everywhere but qtox crashes randomly on Mac. Antox also doesn't work well on Android either. Utox crashes randomly on Linux. Qtox has no way to disable notification on Linux.
3. Whatsapp - You always need your phone android
4. Signal - Message syncs is very slow if you switch between desktop/phone often.
I've reported these issues to all these projects but it's been a long time and nothing resolved so far.
The situation is still pathetic. What do you recommend?
200 comments
[ 2.7 ms ] story [ 234 ms ] threadMatrix.org + Riot.im are a pretty solid combination. Plus, you can bridge to IRC.
I tried this recently. I really wanted it to work. However, it was a complete mess, mainly frequent (and prolonged) disconnects on the bridge. For folks who primarily use Matrix but would like to occasionally pop into IRC channels, it's probably OK. For folks that need a reliable IRC connection, don't bother.
There is nothing inherently broken with Matrix <-> IRC bridges, it is just that one server. Other servers are bridging to IRC perfectly fine and you are welcome to host your own.
There's some work that can be done to proxy some of the load off into separate workers, but Synapse is pretty darn awkward to work with.
https://github.com/matrix-org/dendrite
HOWEVER, we have been working incredibly hard at optimisation over the last few months, and we have order-of-magnitude algorithmic performance improvements on the horizon over the coming weeks. https://twitter.com/matrixdotorg/status/979049079568240641 etc. There's also a port to python3 happening which should improve RAM by 2-3x given python3 stores strings in utf8 rather than python2's utf32.
But as many others have stated, its inability to work without exchanging phone numbers is a show stopper for many uses cases. Especially now that my country requires SIM registration with valid IDs.
Ah, and will try Keybase soon, although the downside of these switches are that I need to convince people around me to use them too..
Hosting the server (synapse) yourself takes about 15 minutes to setup.
I highly recommend it.
I've forgot to mention, we've also tried Riot Matrix.
UX was simply not there and app felt oriented towards the very technical audience. My teammates had a problem with this.
I take issue with having to provide a cell phone number for Signal. I just hope Tox clients get more polished and more usable as every client I've used except toxic has been terribly buggy.
Overall, I'm also not a big fan of Signal's hostility to federated protocols (https://signal.org/blog/the-ecosystem-is-moving/), so I'm more optimistic about Wire in the long run.
So, if you use Secret chat on mobile and go to desktop, you'll not see it!
Switching back and forth between secret and not secret is troublesome especially when the other side doesn't know if you are on desktop or mobile to check availability for secret chat.
Note that Telegram secret chats are end to end encrypted (default chats are not) but you're still dealing with the Telegram server (not peer to peer)
IMO IRC is still the best chat experience.
If you run and control your own ircd the risks of snooping by the ircd admin are about the same as if you unknowingly have a rootkit/advanced peristent threat installed on your end point client workstation.
For example, if the purpose of this requirement is to keep a business team's communications out of the hands of other businesses, then local IRC+SSL accomplishes that, even though the local administrator can still snoop on it. Being able to say that company secrets never left the company was a big hit with our investors, and it didn't matter that it was technically possible for our sysadmin to snoop on them because he had physical access to all our workstations anyway.
If you don't have a trusted administrator, all is not lost. Each user can run their own ircd on the same VPN. It's less convenient to set up but any IRC client can handle multiple servers. Again, it depends on your requirements. (Are there 5 users, or 5000?)
Like any other technology, IRC can be used as part of a secure system. It has the advantage that it's free and easy to run yourself. Without knowing more context, though, it may or may not be practical.
Disclaimer: I do NOT work for keybase, just a big fan of it.
https://keybase.io/blog/keybase-new-key-model
It's a shame; the app has a very good user experience otherwise.
Because no one wants to pay for it.
I've noticed over the past few years that a lot of things go un-made because there's an assumption that no one will pay for something if it's done really well.
The reality is a lot of people will pay for something if it's done really well.
I'd easily pay $10/month for Facebook, if Facebook really had some way to shut off 100% of its marketing-based data things that we're all so worried about.
Thing is that people became allergic to asking outright for money from consumers a while ago. I used to buy software, and I still will if someone actually makes great software!
(I pay for all sorts of services that actually ask; Dropbox, a password manager, Spotify, Netflix, extra space on Gmail, etc. Provide an actually great service, make it a reasonable price and I'll pay!)
Things that are free get about 10x more adoption than non-free equivalents, and chat clients are software that have network effects.
SpiderOak is a good company.
I've had a free storage account with them for years. I didn't log in for 3 years and when I logged in my data was still sitting there, safe and sound. Pretty nice for a free tier.
Actually, I'm dumfounded that that can happen at all. Lost messages are trivial to detect and to correct, how can that happen with that setup?
https://www.process-one.net/en/ejabberd/protocols/
When you compare actual XEPs needed [0] for good mobile and desktop multi device service then Community supports them too! (except one: roster versioning but that matters if you have hundreds of contacts).
[0]: https://github.com/siacs/Conversations#xmpp-features
Did you try conversations.im server that is known good for comparison?
As for the configuration yes, it would be nice if it came pre-configured with modern suite, but it doesn't. It still can be configured and as far as I can see from the tester the effort is not that high.
2. Tox - p2p
3. Whatsapp - Not p2p
4. Signal - Not p2p
Putting the above aside: If Tox doesn't work for you, your best mobile-friendly options are: 1) Signal and 2) as others have mentioned Matrix - if you want a self hosted and federated solution.
[edited: addendum] i now realize you probably mean p2p-encrypted messaging. Damn semantics of non-formal languages!
If there is a third party involved, you are not p2p.
About a decade ago, the phrase "hub-and-spokes network" was thrown around to describe an architecture with a central server that acted as the mediator. The term "p2p" became popular in this context. (
Napster, bittorrent, tox are all "p2p" because they don't connect to single server. Skype is not "p2p" because all packets go through the skype servers.
Really? I have iOS here, WhatsApp works fine here and the web app version (https://web.whatsapp.com/) also works fine.
All bets are off, now that it's FB's beast, but the two device solution was intended as a privacy feature, afaik.
I sat next to Pasha Sadri, the web client lead, for 4 months before the acquisition. He mentiond the problem a few times.
The fact it took another 2 years to get the client out seems to indicate that multiple problems were solved in other ways.
The private keys are only stored on the phone. With WhatsApp you have a session key via the At code you scan. All messages first go to the phone, which decrypts and reencrypts using the session key. Quite sophisticated, but sometimes slow and not working if the phone has no network connectivity or power.
I stopped development after Apple got sued for secure p2p video chat with the original version of FaceTime, seeing as Hum was also going to support secure multiparty p2p video chat. Unfortunately VirnetX (and by extension, the US military) owns a patent that would have made deployment of Hum difficult without an expensive legal team.
It's not too hard to imagine that the real reason you don't see many p2p encrypted communication platforms is US military-sponsored patent trolling. This aligns with their mass surveillance interests.
Can you link to said patents?
[1] https://arstechnica.com/tech-policy/2017/10/full-scale-of-ap...
Edit: Added the link.
can be read as either
Why is it possible for [situation] to affect open source efforts?
or
In what way(s) has [situation] affected open source efforts?
It seems like the sort of thing that would have been talked about on the internet a lot.
I am not aware of any lawsuits or patents on this, could you send links / share your story more?
[1] https://hackernoon.com/so-you-want-to-build-a-p2p-twitter-wi...
I otherwise can't imagine how to bootstrap a network.
Maybe users could pay to receive messages.
Pay to recieve a possibly unsolicited message?!
That's insane.
If a user's address is private tho, then asking them to pay to receive messages should be as sensible as the degree to which they protect the distribution of their address.
Facebook started with a narrow target: students of some uni. Look for another similar group of persons, that want privacy and don't mind spending a few dollars.
Edit: Whatsapp (everybody here in Spain has it) was a paid app at first. They gave one year away... eventually they made it free, around the time that Facebook bought it.
But you're still probably right overall. Marketing to businesses or teams within businesses is probably the best bet.
(Sucks as defined by OP)
Open source has proven that volunteers can deliver a barebones, fully functional program, but you need corporate sponsorship to grow that into a high quality software product. Again, it's the money.
It takes a few maintainers per platform and a few people willing to lead the effort, but I think we could get enough people on Hacker News to help out.
(I've actually been debating making an "Ask HN: Would you join this effort?" post but have been putting it off for one reason or another.)
https://blog.torproject.org/sunsetting-tor-messenger
"We, the people" is such a fragile concept when it comes to resource stability (time, money, dedication). Looking at a project like Linux, there are commercial interests that fund a large part of the pipeline.
Running the actual network and developing the various messenger clients add a layer of organizational complexity that, in my perspective, only private companies have been able to honor, and only to the extent described by the OP.
One could settle for less Service, but then we have XMPP with various encryption schemes. Too complex to set up.
The ideal would require no servers, because the chat would be fully peer to peer. People wanting to be anonymous could just connect through Tor. (Each user account is just a private key, etc, etc.)
Of course, in reality everything is behind a NAT and/or firewall. It wouldn't be too difficult to have "dumb" servers that just exist to pass messages hosted by the community though.
It turns out that the skills that the company has acquired by doing this pays back with consulting contracts.
Short of that, consider if you actually need "P2P encrypted messaging" - if you're doing business-type things then you should probably use a business-type messaging solution. Slack is pretty good. IRC is fine if you're slightly more paranoid, it just doesn't have UX on par with a commercial solution.
Find any HIPAA-compliant messaging product and you'll get most of what you actually need (vs think you want), but be prepared to pay much more for it than for a regular chat client.
Not to mention needing to buy ETH some how and than paying for every message?
https://github.com/ethereum/wiki/wiki/Whisper
It's also true that there is no confirmation that the message reached the recipient (in order to provide dark routing). This can be built on top of Whisper in a separate communication protocol.
Only problem is that it currently doesn't allow you to send yourself stuff, making it less useful than telegram was...