I gather Telegram is bad. What’s better? Signal?
Note: Telegram and Signal are both affected by Amazon and Google pulling the plug on domain fronting. Azure cloud (Microsoft) maybe next.
Is the risk mostly in the info (that I knowingly type) not staying encrypted / confidential all the way through, or in the application leaking other data, e.g. about the system / content saved or used by other apps / IP / network etc?
I can live with the first risk by being very careful in the content so it won’t identify me, but the second is a major issue.
Whonix-Workstation is isolated from the host and Whonix-Gateway. Even if an application such as Telegram was misbehaving or malicious it could not access sensitive information such as:
- external IP Address (real IP)
- hardware serials
- host system time. Whonix uses sdwdate.
However, any user information on Whonix-Workstation would be accessible.
The risk is in end-to-end encryption.
You can be as careful as you want, but it only takes 1 mistake. There have been cases where people much more experienced than you or I are able to stay anonymous for 20 years… then they make 1 mistake then they are de-anonymized. And these are the people doing everything they are supposed to do.
My questions is, why use an encrypted messaging app if you’re not worried if your message stayes encrypted end-to-end?
At any given point in time I assume my chat counterpart may be compromised or even malicious to begin with. So even end-to-end encryption won’t help and I have to make sure I never disclose any identifiable information of any kind anyway. This doesn’t mean I like everyone on the way to just view everything at will, but it’s a lesser risk then data leaks. Think about it as SSL/TLS with clearnet sites. It’s not going to guarantee anything (forged/stolen certificates, ssl stripping, unreliable CAs, compromised site etc) but you still want to have it, right?
I also try to avoid having any identifying data in the workstation. But even non idenfying data may probably be valuable for an attacker to get a bigger picture about me and look for weak points and mistakes.
Perhaps use a separate VM just for that then.
The point I was trying to get across is use the most secure messaging app you can find and not use apps with known flaws. It just good practice/OPSec. As you mentioned using care with the information you share with other users is a good idea since in there is no way of knowing:
- Who they share that info with
- If there system is secure, compromised etc
- if they have the app configured correctly
Good idea/recommended. Very easy if you use Qubes OS
Both Telegram and Signal require your phone number. It’s a non-starter.
So, I figure my best bet is to use XMPP with OTR encryption.
Any recommended XMPP client then?
- Pidgin - I read in the above link it should be avoided, actually it’s listed under “deprecated”. But Tails include it by default?
- I had a look at bitmessage site, the first thing you see is a notice of remote code executions incidents that looks very similar in nature to the warnings here about Pidgin.
- Ricochet IM - only in Whonix 14?
- Gajim then? Micah Lee write about it in the link below (a bit old article though), security bugs are still mentioned:
Despite being written in Python (and thus generally invulnerable to buffer overflow attacks), Gajim has a history of a critical vulnerabilities. Up until late 2011, it was possible to forge a link such that when a receiving Gajim user clicks on it, arbitrary code would be executed on the Gajim user’s machine.
This was taken from the Whonix wiki before Pidgen was depreciated. FYI Tor messenger is now depreciated by upstream dev
Pidgin supports most protocols. However do not use it. It has a very bad security track record with many remotely exploitable bugs - a result of being written in C and containing many legacy protocols. There is no reason to use it when Tor Messenger is now available.
You can go with Gamjum for Whonix 13, then Ricochet for Whonix 14.
May also be of interest to you for Whonix 14…
Thanks. I installed Gajim and done the modifications as in the link above.
Don’t like it much at first sight. It allows unencrypted communication.
I added an OpenPGP key and assigned it to a contact. For some reason, I can’t toggle the End to End encryption, only the OpenPGP encryption. OK, maybe good enough. So I tried to communicate with someone (a test), and he didn’t set his own key. Gaijin still indicates “OpenGPG encryption is active and authenticated”. But when trying to converse, he couldn’t read my messages, and I got cleartext messages from him (Gaijim indicated “The following message was NOT encrypted”).
I guess that can be solved if both sides are more knowledgeable, but at first sight it looks too easy to make a mistake with this app. I think enforcing only encrypted messages by default (or not having the option of non-encryted messages at all) is what I look for.
Although Whonix 14 has not been blessed stable you can still use the images since all of the known serious bugs have been fixed. The only thing holding up this up is creating and testing New Qubes templates. (Have to upgrade all (VBox, KVM, Qubes) Whonix 13 -> 14 at same time)
Agreed. When I tested Gajim OpenPGP is noticed the same issues. Gajim OpenPGP is obviously unfit for prime time.
any reason to avoid coyim? seems like it’s the simplest pidgen and tor messenger replacement. it’s in the stretch repos.
None. It’s on our roadmap but lacks offline communication. Something like cwtch would both be metadata free and offline. However it needs to be packaged and tested because its extremely bleeding edge.
Have you tried it with OMEMO? How do you enable encryption then? Is it a menu option or a per contact thing?
Gajim is the only offline messaging solution currently and has compatible XMPP clients on mobile. Its in our interest to make it work and give it our absolute attention.
May be good. But… Reference?
coyIM phabticket. All that was required was to confirm it does stream isolation by default(?)
Yes. We don’t have a ticket. No ticket, likely it will be forgotten.
Offtopic: should I open tickets for preload?
Reading over there website it seems they have implemented end to end encryption. They also claim to have handed over 0 user data to 3rd parties. They also have moved locations to avoid regulations.
Why isn’t this mentioned as a viable option more often? Is there any critical security flaw I am not seeing here? It has also been audited, as compared to qtox which is provided by default in whonix 15, which is experimental software, ie could have critical vulnerabilities