There are times when the Tech Geek perspective has you running off to “roll your own” only to find out dozens of others have already “gone there”. I was focused on P2P Peer To Peer data sharing and how to layer services on top of that. Where others had gone on to F2F Friend To Friend systems.
Lately I’ve been looking at the next layer up from “provably secure computer” to “secure and private communications”. My (tech guy) POV was to start with a VPN and then add layers on top of it for things like voice and email. Turns out there are applications that already have the bundle up and running.
Now it will not be secure against a determined TLA (Three Letter Agency) as they can penetrate the vendors and download sites (and even create false apps that you think are safe but are compromised.) But few of us are of interest to the TLAs. For most folks, the desire is to just not get spam about Depends because you sent an email to an incontinent friend in the hospital, or have that “Buy this boat!” ad following around everyone in the house because you Googled boats… it is more than enough.
The key phrase to search is “Friend To Friend” or F2F networking.
Interesting sidebar:
This also turns up non-computer “friend to friend” shares that can also be interesting. My first search found a network of farmers looking to bypass the big Agra-Business control of seeds.
https://www.farmersbusinessnetwork.com/
Then there’s another one for financial transactions without banks:
This article describes it:
https://www.masternewmedia.org/news/2005/06/27/p2p_can_cut_banks_out.htm
Conceived by Ryan Fugger and quite formally defined by Sylvain Poirier, Ripple is a P2P monetary system based on trust that already exists between people in real-world social networks.
By cutting out the institutional middlemen, Ripple is both more community-oriented and more efficient as a means of exchange.
The Site: https://ripple.com/
So looks like this whole bypass Central Authority and Central Services thing is catching on ;-)
F2F For Data / Communications
First off, a Wiki List:
https://en.wikipedia.org/wiki/Friend-to-friend
A friend-to-friend (or F2F) computer network is a type of peer-to-peer network in which users only make direct connections with people they know. Passwords or digital signatures can be used for authentication.
Unlike other kinds of private P2P, users in a friend-to-friend network cannot find out who else is participating beyond their own circle of friends, so F2F networks can grow in size without compromising their users’ anonymity. Retroshare, WASTE, GNUnet, Freenet and OneSwarm are examples of software that can be used to build F2F networks, though RetroShare is the only one of these configured for friend-to-friend operation by default.
Many F2F networks support indirect anonymous or pseudonymous communication between users who do not know or trust one another. For example, a node in a friend-to-friend overlay can automatically forward a file (or a request for a file) anonymously between two friends, without telling either of them the other’s name or IP address. These friends can in turn automatically forward the same file (or request) to their own friends, and so on.
I’d mentioned Retroshare (and the version on the Raspberry Pi called PiShare) in a series of off topic comments here:
https://chiefio.wordpress.com/2018/08/14/feynman-physical-law-locality-of-conservation/#comment-99007
And the larger context posting is here:
https://chiefio.wordpress.com/2018/08/13/computer-security-privacy-functions-an-overview-questions/
But the others in that Wiki quote also ought to be investigated / evaluated.
There is also a Friends Collective of sort pushing F2F and distributed “altruistic” non-Central Services. This, too, is something that needs a look-see:
http://www.altruists.org/projects/ge/ff/
Along the way I ran into this interesting application:
https://twin.me/en/
Own your life online
User
“You” define how you are represented (name & image) to each of your contacts individually. You control your image and can change it at any time.
List
“White list” of personal contacts = only those “you” allow to get in touch with you. “You” decide who can reach you, how and when.
People
You are free to be open and interact with unknown people, including complete strangers. “You” can revoke a contact you do not want to hear from anymore at any time.
Spam
No unsolicited messages or calls, no harassment, no spam! “You” are in control!
and it’s free!
PEER-TO-PEER
No server in between to store exchanged content = messages always remain in the communicating devices.
OWN YOUR LIFE ONLINE
Mobile messaging & High Definition (HD) audio/video calls with freedom & privacy.
TWINME DOES NOT ACCESS NOR STORE
twinme does not access nor store any user private data. It does not peek into your device address book(s).
No Personal information
No personal information is required to use the service = no sign up with a phone number, email address or social network ID.
So literally “There’s an App for that!”
Now this does require that you TRUST the app builder and TRUST the download site; so since we don’t know the app builder and we do know that Google is in the bag with TLAs and Apple is slowly going there, I’d not use this for things TLAs might be interested in. Still, as a “quick get me running” with at least the corporate data vampires out of your neck; it looks pretty good.
Just for fun, I’m going to install it on my Android Tablet (if it isn’t too old and not supported…)
At that point I’ll need someone to test against, but I’ll cross that bridge when I get there.
As the Apple product is fairly secure, I could see using this for things like sharing gossip with friends and / or arranging meets. Were something TLAs or local police might be upset about being discussed, I’d not trust it beyond indirect or hinted text. While it in theory ought to be secure against that, you really do not know the two major trust points: the creator and the download site. (Why open source matters. You can check the code as can everyone else and you can compile it yourself so don’t need to trust the download binary).
This site also looks interesting as a place where folks are already doing the evaluation work:
https://www.deepdotweb.com/2017/12/19/messaging-apps-comparison/
Messaging Apps Comparison
Posted by: Puppie December 19, 2017 in Articles, Featured 4 Comments
With the attack on privacy in todays world, having a means of secure messaging is more imperative than ever and within the world of the dark net and drugs this couldn’t be more true. Everyday it feels like big brothers shadowy talons are clawing us in and taking away more of our civil liberties and freedoms but with this has come the need to fight back. Because of this many feel that email is becoming an outdated means of communication with its centralized nature, lack of default encryption, requirement of trust and its bleeding metadata.
In this article I’ll be exploring some popular email alternatives and how they stack up against each other with the intent of showing you the options you have available as you face this brave new world. It’s important to remember that for a service to be truly useful it must be accessible by everyone and work universally across devices and different OS. Before we continue a few key points.
One “takeaway” in all this is just that the “problem” may be an embarrassment of riches. Choice in a complicated field of many players. That article limits to “accessible by everyone and work universally across devices and different OS” so will tend to ignore a great solution that only runs on a known secure environment system. Still, those widely used are most likely to be well debugged and reliable.
His key points:
PGP encryption is still viable option an can be used with all these services, it should always be used when sending any sensitive content for extra protection.
Always use Tor or another anonymity service.
Installing these services on your system for darknet use can open you up to potential compromise, always verify your sources and preferably keep them separate, I would recommend using a dedicated VM.
Some notes about those points:
1) PGP. So say you were using “twin.me” to communicate. You mostly trust it, but would like a bit more. Well, you call your friend on the phone or meet at a public place and say “My encryption key is ‘One by one they ran into the valley of death’ so use that to open files I send you”. Now you can use the probably secure system to send an encrypted text file with the actual message in it. Even if the communications system is backdoored, they get nothing of interest.
2) Using TOR. To be truly anonymous, you must in some way hide your IP address of origin. That’s what the TOR engine does. Not everything needs this. Say I’m sending a “dirty picture” of me at the beach to my partner; I don’t really care if anyone knows that me and my wife communicate with each other. Were I sending directions on making hash oil to someone who sells me cocaine, well, I’d want the fact that “we’ve met” to be more hidden. (This example is used because you can find how to make hash oil on the open internet… and I don’t do coke, so the example can’t be used against me.)
3) Darknet. It is a shady place full of folks doing bad things, and The Feds (and national police from many nations) running stings and trying to catch the folks doing bad things. If you “go there”, it really is a good idea to do it via a “sock puppet” on a virtual machine somewhere else (and preferably that can not be traced back to you.) That’s way beyond what most of us need or care about. But, if that fits your use case: Learn to make and use VMs on providers in a few different nations and then have them do your TOR routing to final destination. Use an encrypted P2P / IPSEC tunnel to get to your VM and “rotate your shields” often… Make sure your VM does NO logging…
They only found three products to review based on those limits. One of them was Retroshare, but they also found i2pbote and Bitmessage. I’ll need to learn about those two and figure out which I like most, but for now I’m keen on Retroshare just because there is an open source Pi port of it and it does more than I need.
Here’s their write-up on Retroshare:
Retroshare
Official Site
Open Source– Yes
Decentralized– Yes
Hidden Metadata– Yes
External Security Audit– Yes, fixed promptly.
Message Speed Test– Instant with online nodes
Forward Secrecy– Yes
Compatibility– Windows, Mac, Linux, Tails (not official but possible), Whonix (incomplete), Qubes (incomplete)
Retroshare is a decentralized F2F where you make connections directly to the users of your choice which makes spying on communications near impossible. Because of this you’ll need to establish a line of communication with the intended recipient first to ensure you are connecting to each other. Retroshare sends messages directly which means both nodes will need to be online to connect and chat, indirect messaging can be done by both nodes having a common connection in between them to relay the message. It can be run over i2p or Tor; Tor use requires setting up a hidden service which some may find difficult but can be a great learning experience. I personally had no success setting it up in Whonix or Qubes with Tor but had success using it over i2p, you must use an anonymity with Retroshare or else everyone you connect to could see your IP address. Learn how to install Retroshare here.
Retroshare offers wide range of services; IM, email, file sharing, VoIP , video calling, forums and channels making it by far the most feature rich anonymous messaging platform available. This wide range of features including the need for direct connections can make Retroshare less desirable for security conscious users as it increases your attack surface and still requires an external means of communication to start off. The lack of complete support for Whonix and Qubes also means many users will be using it with Tails, Windows or Linux on the same machine they do their darknet business on. Even though it offers some of the best protection I wouldn’t recommend Retroshare for our needs as it requires trust between users and faces difficulty in widespread adoption.
So he doesn’t recommend it but for exactly the reason I like it: You must know the person your working with. Remember I’m in that P2P mindset. I know my peers; or they are not my peers. I’m not running a darknet business advertising openly and selling hand-grenades to folks I don’t know, some of whom are FBI. Not my use case.
So, say I wanted to share some political private discussions with Larry L., I’d set up a direct trusted connection between us as I have a pretty good feeling about him and know his attitudes. I’m fine with that. This isn’t a drug deal with someone I don’t know who might be a nark, so I don’t need the “anonymity” feature. Further, if I did for God Only Knows what reason, I could run this from a “sock puppet” machine at a public WiFi hotspot and / or route through TOR (despite the slowdown of things…)
So that’s the direction I’m going. A test of twin.me and a trial install of PiShare / Retroshare.
If folks have some other option they would like explored or prefer, holler at me in comments. This isn’t set in stone, it is just where my “first look” is sending me.
Here’s the links to the other two that were evaluated if anyone wants to look them over;
https://i2pbote.xyz/
i2pBote is an asynchronous email client operating over the i2p network meaning communications are delayed which can add to your anonymity but can make communications slow and inefficient. These messages are kept in a distributed hash table for 100 days before they are deleted. Since i2pbote operates over the i2p network you will need to install that first, this makes installation on Tails unrecommended and with Whonix and Qubes, more difficult. The installation of i2p can seem daunting but is not out of a noobs grasp with proper research, learn how to install i2p here and i2pbote here.
Not keen on “slow and inefficient” nor a 100 day residency time. The i2p network is a good product, but I’m not so sure this is the best way to communicate for simple privacy.
https://bitmessage.org/wiki/Main_Page
Bitmessage is a trustless, decentralized P2P encrypted messaging platform that works similar to Bitcoin with each message requiring a proof of work. Message and metadata is encrypted and distributed throughout all nodes on the network but only the address the message was intended for can decrypt the received messages. Messages that are sent to an offline node are rebroadcasted every 2 days indefinitely with a decreasing difficulty of work, . There may be some older or low power machines that may have difficulty running Bitmessage due to the CPU work required.
OK, nicely trustless, but I’m not keen on the workload aspect nor on my encrypted message being circulated forever…
In Conclusion
F2F looks like the whole solution and not roll your own on top of P2P. I’m going to try two examples (one an app and one an open source install). If there are more of interest, I’ll eventually find them or folks can point me at them.
Subscribe to feed
