Ayo here, from Hipmob. We released this peer-to-peer chat on top of the same SDK that runs our live support chat product which powers thousands of monthly conversations. This makes it drop dead easy to let your users talk to each other, and enables image & audio sharing in chat. Happy to answer any questions directly and more features are coming soon - ping me at ayo (at) hipmob dot com.
Femi from Hipmob here: we think we're reasonably secure. All communication to our communication network uses TLS: text, audio files or images are all encrypted in transit to/from the handset, and all authentication requests are over HTTPS.
We don't read or use any UDIDs, IMEI values or other handset specific information for authentication: we generate our own identifiers (and allow the developer to specify one if they choose). There are some conveniences you give up if you don't use handset specific info, but we can work around those and it makes sleeping at night a lot easier.
It would be more difficult to set it up to protect users' messages. Government will also come after you for not being able to tap into communications with a warrant.
It's all besides the point. This is a chat product not billed as being extremely secure. Just easy to use.
Is it actually peer to peer? Based on your website's working, it looks like you send messages between two people, but use your servers to do so, which isn't exactly P2P in the traditional sense (ie. BitTorrent, etc).
You're correct - it's not network peer to peer. We route all messages through a server, which allows us do things like async messages (storing messages sent while users are away). To the user, it just looks like p2p though - exchanging messages with one another.
I came here because I had the same question regarding P2P. Definitely confusing. I might look into changing your branding around "peer to peer". More like "one to one".
If there's a third party doing store and forward or even just forwarding traffic, it is not "p2p". At least, not as I understand what p2p means. So any service that purports to be peer-to-peer ("p2p") should be able to show you exactly how the data moves from one peer to another to prove that the system is truly peer-to-peer. And they should do that without asking. If they won't show you this, I would be very skeptical. "p2p" looks to be a potential "big data" style buzzword to sell stuff. I hope I'm wrong.
If it is being used this way, that's a shame. Because peer-to-peer is really a goal worth working toward. It's the way the internet was supposed to work.
Understood - our meaning is peer-to-peer from the user perspective (rather than as a networking standard). Definitely didn't intend to use this as a buzzword. The service we're providing is real-time and async messaging and the best way we went about doing that (best in this case meaning conforming to end user expectations, who want to be able to send messages to their friends who might be offline at any particular moment in time) is with a server based approach. Will adjust our copy to reflect that this isn't p2p from a network perspective.
15 comments
[ 4.2 ms ] story [ 39.7 ms ] threadWe don't read or use any UDIDs, IMEI values or other handset specific information for authentication: we generate our own identifiers (and allow the developer to specify one if they choose). There are some conveniences you give up if you don't use handset specific info, but we can work around those and it makes sleeping at night a lot easier.
It's all besides the point. This is a chat product not billed as being extremely secure. Just easy to use.
You're doing the normal thing, and it's probably appropriate. I'm interested in hearing about products that do different things, so I asked.
Btw, government will not come after you for not being able to tap into communications. Where did you get that crazy idea?
Edit: sorry, I didn't realize you weren't speaking for Hipmob.
If it is being used this way, that's a shame. Because peer-to-peer is really a goal worth working toward. It's the way the internet was supposed to work.
Would love to learn more - you can shoot me a message at ayo [at] hipmob dot com.