Tor Messenger beta debuts, promises unlogged Jabber for all The Tor Project has launched what some say is the easiest-to-use encrypted chat tool for the truely paranoid. The beta version of Tor Messenger, which routes conversations through the global Tor network, is the culmination of about two years work and follows the launch of an Alpha version last February. Tor Messenger is …
Indeed so. I thought no-one would be as utterly dire and against the freedom of the individual as Jackboots Smith, but Mrs May seems to be up there with the best, which is odd, because one of Call me Dave's pledges in the 2010 election was that he would be getting rid of a lot of state snooping, and I'm sure he wouldn't have lied to us...
I find this a little misleading.
Okay, OTR encryption. Tor network. Good so far.
And then it talks XMPP? That's not so good. That requires a server, with DNS and a TLS certificate. To use that server, it has to be up, you have to know where you're talking to (e.g. fred@mydomain.com) and a Tor endpoint has to have that conversation with you. There's some authentication, yes, but a lot of that reliance is on the domain name and TLS corresponding (which certificate roots, are we just going allow the user to trust any certificate they first see from a server? Are people really going to go and double-check that they are talking to the correct IP for that DNS and that the hashes on the certificates match their expected server? Or are we going to need a full certificate chain back to a known root? Neither option solves both parts of a "simple yet secure" goal). That server could easily be logging the conversation, too, but let's assume that you know your intended party, check their IP or certificate hash, trust their server and otherwise check that they are who they say they are.
Well, that still leaves a lot open. They kind of skip over the server-metadata thing: Though the conversation may be encrypted, the existence of the connection/conversation can be inferred - the metadata itself may be hidden, but the knowledge that someone spoke to fred@mydomain.com isn't - because some Tor endpoint is doing that part for you.
And they could presumably log that conversation. Encrypted conversation, yes, but it can still be logged by that endpoint and potentially decrypted (or you forced to decrypt) at a later date. Are we using PFS for this? And OTR tends to be something we add AFTER the connection is established. The OTR over XMPP I've seen (a while back, I admit) is nothing more than a plugin to the server/client that encrypted the messages sent over the (insecure) underlying protocol. I'm not even sure most OTR uses PFS itself. And if we're tying this into the underlying protocol of XMPP - also the basis for Google Talk at one point, I believe - then we still have a problem with correlation attacks and metadata. You're going to talk to your friend on Twitter / Google and trust that it's Twitter / Google services? Have we not exposed that as a problem already? You have to check that it *is* Google, trust Google to pass on messages verbatim and not be a MITM on the OTR and check that the user on the other end of the OTR *was* your friend. That's not making things simple.
So, is this any easier than just using OTR in your XMPP client over Tor? A couple of options turned on for you that you may have missed, etc. but why do we need a fancy client at all, can't it just be a wrapper / configuration guide around existing programs rather than another binary that nobody will bother to check the hash of when they download it? And one of the bug tickets is full of them trying to switch logging options off on one of the components and failing miserably to do this completely several times over - the ticket was still open right next to the one about Windows 10 but only rated "Medium". After 2 years of testing?
I'm not at all convinced that this is, or can be made, safe *AND* click-here-simpleton-level software.
"I'm not at all convinced that this is, or can be made, safe *AND* click-here-simpleton-level software."
But given the intelligence level of the average Intenet user, turnkey simplicity MUST be the goal or they'll take the rest of us with them as the Internet becomes Big Brother. We can't even reliably stay off the Internet anymore as its reach grows even without our consent.
> but the knowledge that someone spoke to fred@mydomain.com isn't - because some Tor endpoint is doing that part for you.
There's a very good chance (I haven't looked) that the recommendation will be to talk to a jabber server via an .onion, which means you won't be using an exit.
That also addresses (in part) your certificate concerns - if you hold the private key for the hidden service, there's a good chance I'm talking to the right server.
If I'm trying to use an XMPP server on the clearnet, then yeah something is inavoidably going to have to connect for me. Which, if someone else is able to defeat the TLS, is going to reveal some metadata. But it's arguably better than if OTR wasnt in use at all.
> Are we using PFS for this?
Every OTR plugin I've seen lately supports it, so it'd be unforgiveable if the answer wasn't yes.
> The OTR over XMPP I've seen (a while back, I admit) is nothing more than a plugin to the server/client that encrypted the messages sent over the (insecure) underlying protocol.
Correct. But the whole security/usability tradeoff comes into play here. XMPP is used all over the place, so you have the ability to use a wide array of servers.
Better alternatives exist but require specific client/servers. I've got a client installed that I've only used to talk to one person because noone else uses anything that supports the protocol.
> not be a MITM on the OTR and check that the user on the other end of the OTR *was* your friend
IOW you need to do key exchange and verification properly rather than blindly trusting. Most OTR plugins make this easier, though its still reliant on both ends taking it seriously
> I'm not at all convinced that this is, or can be made, safe *AND* click-here-simpleton-level software.
I think you're right. Whilst we want the masses to have encryption, the reality is most of them don't care, and the second you mention verifying a key fingerprint they lose what little interest they might have had.
and those who want to use it can. My dad used to say, "You can lead a horse to drink but you can't make him water." Or something like that. So the greater majority that doesn't care can keep their heads in the, um, sand, while those that always wanted to do something about it and were too intimidated by a technical interface now have an option. Tor Messenger. Bravo!
> At the least gets meta-data like IP addresses.
You mean the Tor Exit node IP's? Not necessarily much use, certainly not compared to if the user had gone directly to the server.
OTR's being used, so they can't (for a given level of can't) see the message contents, so what they get is the time the messages were sent, and which user id sent and received. It's still better than nowt from their PoV, but it's also better than the alternative from the user's PoV.
There's also the option (though that already existed anyway) of running your XMPP server as a Hidden Service, so then LE have to work harder to locate the server and then get about the same level of bugger all about it's users.
There's quite a lot of security there, it's not bulletproof for sure, but it's a marked improvement over the status quo (and the aim of the software is more about service providers than LE)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
