Git-Mirrors/anarsec.guide
1
0
Fork 0
mirror of https://0xacab.org/anarsec/anarsec.guide.git synced 2025-06-23 05:54:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

standarize em dashes

Browse source
This commit is contained in:
anarsec 2024-04-15 03:17:44 +00:00
parent d6f4ad9d2e
commit 5d9796b043
No known key found for this signature in database
12 changed files with 98 additions and 98 deletions
Download patch file Download diff file Expand all files Collapse all files

28
content/posts/e2ee/index.md
View file

@ -67,7 +67,7 @@ Once the server exists, contacts can be invited to use it. For asynchronous dire
Any Cwtch user can turn the app on their phone or computer into an untrusted server to host a group chat, though this is best for temporary needs like an event or short-term coordination, as the device must remain powered on for it to work. Fortunately, [Anarchy Planet](https://anarchyplanet.org/chat.html#cwtch) runs a public server that is suitable for long-term groups.
Asynchronous conversations on Cwtch need to be started from a synchronous conversation - you need to be online at the same time as your contact to invite them to a group, and then you no longer need to be online at the same time. In the future, Cwtch plans to improve this with [hybrid groups](https://docs.cwtch.im/blog/path-to-hybrid-groups/). Until this is implemented, you will need to establish your asynchronous Cwtch conversations by using a second channel to set a time for when you both need be on Cwtch.
Asynchronous conversations on Cwtch need to be started from a synchronous conversation you need to be online at the same time as your contact to invite them to a group, and then you no longer need to be online at the same time. In the future, Cwtch plans to improve this with [hybrid groups](https://docs.cwtch.im/blog/path-to-hybrid-groups/). Until this is implemented, you will need to establish your asynchronous Cwtch conversations by using a second channel to set a time for when you both need be on Cwtch.
You can learn more about how to use Cwtch with the [Cwtch Handbook](https://docs.cwtch.im/).
@ -87,7 +87,7 @@ Real-time messaging applications are particularly susceptible to end-to-end corr
**Need #3: Resiliency to exploits**
A vulnerability in any application can be targeted with exploits - a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). Cwtch libraries are written in memory-safe languages (Go and Rust) and Cwtch does [fuzz testing](https://openprivacy.ca/discreet-log/07-fuzzbot/) to find bugs. See the [Security Handbook](https://docs.cwtch.im/security/intro) to learn more. For public-facing project accounts, we recommend against enabling the "file sharing experiment" or the "image previews and profile pictures experiment" in the settings.
A vulnerability in any application can be targeted with exploits a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). Cwtch libraries are written in memory-safe languages (Go and Rust) and Cwtch does [fuzz testing](https://openprivacy.ca/discreet-log/07-fuzzbot/) to find bugs. See the [Security Handbook](https://docs.cwtch.im/security/intro) to learn more. For public-facing project accounts, we recommend against enabling the "file sharing experiment" or the "image previews and profile pictures experiment" in the settings.
**Need #4: For multiple project members to be able to access the same messages**
@ -97,7 +97,7 @@ If a project has multiple members, all of them should be able to access the same
>
>[**Briar**](https://briarproject.org) is another application that works in a similar way (with peer-to-peer and Tor), using the [Bramble Transport Protocol](https://code.briarproject.org/briar/briar/-/wikis/A-Quick-Overview-of-the-Protocol-Stack) (BTP). Briar's main distinguishing feature is that it continues to work [even when the underlying network infrastructure is down](https://briarproject.org/how-it-works/). It was [audited in 2017](https://code.briarproject.org/briar/briar/-/wikis/FAQ#has-briar-been-independently-audited). Unfortunately, Briar Desktop does not yet work with Tails or Qubes-Whonix because it cannot [use the system Tor](https://code.briarproject.org/briar/briar/-/issues/2095). Unlike Cwtch, to connect to a contact on Briar, you both have to add each other first. You can either exchange `briar://` links or scan a contacts QR code if they are nearby. [Briar Mailbox](https://briarproject.org/download-briar-mailbox/) allows asynchronous communication.
>
>[**OnionShare**](https://docs.onionshare.org/2.6/en/features.html#chat-anonymously) has a chat feature that creates an ephemeral peer-to-peer chat room that is routed over the Tor network. The metadata protection works in the same way as Cwtch; it uses the Tor network as a shield and stores everything (ephemerally) locally on the device running OnionShare. OnionShare doesnt implement any chat encryption on its own - it relies on the Tor onion services encryption. Cwtch and Briar both have more features (including the additional Tapir and BTP encryption protocols). The only advantage of OnionShare is that it is installed on Tails by default.
>[**OnionShare**](https://docs.onionshare.org/2.6/en/features.html#chat-anonymously) has a chat feature that creates an ephemeral peer-to-peer chat room that is routed over the Tor network. The metadata protection works in the same way as Cwtch; it uses the Tor network as a shield and stores everything (ephemerally) locally on the device running OnionShare. OnionShare doesnt implement any chat encryption on its own it relies on the Tor onion services encryption. Cwtch and Briar both have more features (including the additional Tapir and BTP encryption protocols). The only advantage of OnionShare is that it is installed on Tails by default.
<details>
<summary>
@ -161,11 +161,11 @@ Cwtch on Whonix does not guarantee Tor [Stream Isolation](/posts/qubes/#whonix-a
SimpleX Chat functions without persistent user IDs, which creates strong metadata protection. This means that an adversary can't easily observe how users are connected to each other in a network. This is possible because connection requests work by sharing an invitation link that is communicated through a separate channel, or in person. When connecting to another user you have the choice to use "Incognito mode", which creates a new random profile for each contact. This avoids sharing any data between contacts.
As a design choice to facilitate asynchronous communication, SimpleX Chat is not peer-to-peer - it uses decentralized servers that [anyone can host](https://simplex.chat/docs/server.html) and does not rely on any centralized component. Servers do not store any user information (no user profiles or contacts, or messages once they are delivered), and primarily use in-memory persistence. To understand what a server can and cannot see, read the [threat model](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md#simplex-messaging-protocol-server).
As a design choice to facilitate asynchronous communication, SimpleX Chat is not peer-to-peer it uses decentralized servers that [anyone can host](https://simplex.chat/docs/server.html) and does not rely on any centralized component. Servers do not store any user information (no user profiles or contacts, or messages once they are delivered), and primarily use in-memory persistence. To understand what a server can and cannot see, read the [threat model](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md#simplex-messaging-protocol-server).
Since SimpleX requires that users [place some trust in the SimpleX servers](https://github.com/simplex-chat/simplexmq/blob/stable/protocol/overview-tjr.md#trust-in-servers), **we recommend prioritizing Cwtch over SimpleX Chat for text communication with other anarchists, and using SimpleX Chat or Signal for voice and video calls**. Unlike Signal, SimpleX Chat doesn't require a phone number or smartphone.
If SimpleX is served with a warrant, their [privacy policy](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md) is quite specific. Servers have the [records of the message queues](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md#connections-with-other-users) and any [undelivered encrypted messages](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md#messages-and-files) - no data is stored that links the queues or messages to particular users, and the data which is stored is not very useful without access to the user's device.
If SimpleX is served with a warrant, their [privacy policy](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md) is quite specific. Servers have the [records of the message queues](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md#connections-with-other-users) and any [undelivered encrypted messages](https://github.com/simplex-chat/simplex-chat/blob/stable/PRIVACY.md#messages-and-files) no data is stored that links the queues or messages to particular users, and the data which is stored is not very useful without access to the user's device.
SimpleX Chat will work with Tor if used on an operating system that forces it to, such as Whonix or Tails. However, voice and video calls generally don't work very well over Tor regardless of which application you use.
@ -185,7 +185,7 @@ Real-time messaging applications are particularly susceptible to end-to-end corr
**Need #3: Resiliency to exploits**
A vulnerability in any application can be targeted with exploits - a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). For public-facing project accounts, we recommend that you set SimpleX Chat preferences to only allow text (prohibiting voice messages and attachments).
A vulnerability in any application can be targeted with exploits a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). For public-facing project accounts, we recommend that you set SimpleX Chat preferences to only allow text (prohibiting voice messages and attachments).
**Need #4: For multiple project members to be able to access the same messages**
@ -261,7 +261,7 @@ The Signal Protocol has a moderate amount of metadata protection; [sealed sender
Signal is not peer-to-peer; it uses centralized servers that we must trust. Signal will work with Tor if used on an operating system that forces it to, such as Whonix or Tails.
Signing up for a Signal account is difficult to do anonymously. The account is tied to a phone number that the user must retain control of - due to [changes in "registration lock"](https://blog.privacyguides.org/2022/11/10/signal-number-registration-update/), it is no longer sufficient to register with a disposable phone number. An anonymous phone number can be obtained [on a burner phone or online](https://anonymousplanet.org/guide.html#getting-an-anonymous-phone-number) and must be maintained as long as youre using it, which takes some technical know-how and likely some money, limiting the amount of people who will do this.
Signing up for a Signal account is difficult to do anonymously. The account is tied to a phone number that the user must retain control of due to [changes in "registration lock"](https://blog.privacyguides.org/2022/11/10/signal-number-registration-update/), it is no longer sufficient to register with a disposable phone number. An anonymous phone number can be obtained [on a burner phone or online](https://anonymousplanet.org/guide.html#getting-an-anonymous-phone-number) and must be maintained as long as youre using it, which takes some technical know-how and likely some money, limiting the amount of people who will do this.
Another barrier to anonymous registration is that Signal Desktop will only work if Signal is first registered from a smartphone. For users familiar with the [command line](/glossary/#command-line-interface-cli), it is possible to register an account from a computer using [Signal-cli](https://0xacab.org/about.privacy/messengers-on-tails-os/-/wikis/HowTo#signal). The [VoIP](/glossary#voip-voice-over-internet-protocol) account used for registration would have to be obtained anonymously.
@ -269,13 +269,13 @@ These barriers to anonymous registration mean that Signal is rarely used anonymo
In a recent [repressive operation in France against a riotous demonstration](https://www.notrace.how/resources/read/lafarge-case-the-investigation-methods-used.html#header-access-to-phone-contents-during-and-after-police-custody), the police did exactly that. Police seized suspects' phones during arrests and house raids, as well as targeting them through spyware, and then identified Signal contacts and group members. These identities were added to the list of suspects who were subsequently investigated.
The risk of a compromised device aiding the police in network mapping is partly mitigated by the [username feature](https://signal.org/blog/phone-number-privacy-usernames/) - use it to prevent a Signal contact from being able to learn your phone number. In **Settings → Privacy → Phone Number**, set both **Who can see my number** and **Who can find me by number** to **Nobody**. We recommend that you select a username and profile photo that won't be useful for establishing your identity. For voice and video calls, Signal reveals the IP address of both parties by default, which could also be used to identify Signal contacts. If you aren't using Signal from behind a VPN or Tor, then in **Settings → Privacy → Advanced**, enable **Always relay calls** to prevent this.
The risk of a compromised device aiding the police in network mapping is partly mitigated by the [username feature](https://signal.org/blog/phone-number-privacy-usernames/) use it to prevent a Signal contact from being able to learn your phone number. In **Settings → Privacy → Phone Number**, set both **Who can see my number** and **Who can find me by number** to **Nobody**. We recommend that you select a username and profile photo that won't be useful for establishing your identity. For voice and video calls, Signal reveals the IP address of both parties by default, which could also be used to identify Signal contacts. If you aren't using Signal from behind a VPN or Tor, then in **Settings → Privacy → Advanced**, enable **Always relay calls** to prevent this.
A private company that sells spyware to governments has a product called JASMINE that is [marketed to deanonymize Signal users](https://securitylab.amnesty.org/latest/2023/10/technical-deep-dive-into-intellexa-alliance-surveillance-products), based on the analysis of metadata.
>In its targeted interception mode which starts from a single target JASMINE has claimed it is able to identify communicating parties in encrypted but peer-to-peer applications [...] the JASMINE documentation explicitly claims support for identifying the IP addresses of participants in encrypted apps such as WhatsApp and Signal during voice and video calls where peer-to-peer connections are also used for calling by default.
>In its targeted interception mode — which starts from a single target — JASMINE has claimed it is able to identify communicating parties in encrypted but peer-to-peer applications [...] the JASMINE documentation explicitly claims support for identifying the IP addresses of participants in encrypted apps such as WhatsApp and Signal during voice and video calls where peer-to-peer connections are also used for calling by default.
>
>The JASMINE documentation also explains that by analysing encrypted traffic “events” for a whole country in mass interception mode JASMINE has the ability to correlate and identify the participants in encrypted group chats on messaging apps.
>The JASMINE documentation also explains that by analysing encrypted traffic “events” for a whole country — in mass interception mode — JASMINE has the ability to correlate and identify the participants in encrypted group chats on messaging apps.
A similar surveillance product would not work against Cwtch because it uses Tor by default. Without a Tor or VPN proxy, an adversary can see that you are connecting to Signal servers which is what enables this type of timing correlation attack. Although it is possible to configure Signal to use a VPN or Tor, it is opt-in so most people will not use it like this.
@ -292,7 +292,7 @@ Signal was designed to bring encrypted communication to the masses, not for an a
We recommend the [Signal Configuration and Hardening Guide](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/). As noted above, unless you are familiar with the [Command Line Interface](/glossary/#command-line-interface-cli), Signal needs to be registered on a smartphone before it can be connected to a computer. Install Signal the same way you would install any [app that doesn't require Google Services](/posts/grapheneos/#how-to-install-software) (we don't recommend F-Droid). If you are using Signal from behind a VPN (as [we recommend](/posts/grapheneos/#how-to-install-software)) then a relay for calls is redundant and should be turned off: **Settings → Privacy → Advanced**, disable **Always relay calls**
[Molly-FOSS](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/#molly-android) is a fork of Signal with hardening and anti-forensic features available on Android - we recommend it over Signal, and trusting the Molly team is made easier by its [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds). Follow the instructions for [installing software that isn't available in the Play Store](/posts/grapheneos/#software-that-isn-t-on-the-play-store). You can [migrate from an existing Signal account](https://github.com/mollyim/mollyim-android#compatibility-with-signal). Turn on database encryption.
[Molly-FOSS](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening/#molly-android) is a fork of Signal with hardening and anti-forensic features available on Android we recommend it over Signal, and trusting the Molly team is made easier by its [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds). Follow the instructions for [installing software that isn't available in the Play Store](/posts/grapheneos/#software-that-isn-t-on-the-play-store). You can [migrate from an existing Signal account](https://github.com/mollyim/mollyim-android#compatibility-with-signal). Turn on database encryption.
<br>
</details>
@ -377,13 +377,13 @@ Anyone can send a message to a public email account regardless of whether the re
**Need #2: Resiliency to correlation attacks**
Email is not a real-time messaging application - this means that it is not particularly susceptible to end-to-end correlation attacks via time.
Email is not a real-time messaging application this means that it is not particularly susceptible to end-to-end correlation attacks via time.
No content padding exists to frustrate correlation attacks via message size in email protocols, but if you access the mail servers through Tor then the traffic is padded.
**Need #3: Resiliency to exploits**
A vulnerability in any application can be targeted with exploits - a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). Email can be accessed through webmail (via Tor Browser) or through a client like Thunderbird - these have different attack surfaces. For example, a Cwtch developer found an exploit to [turn Thunderbird into a decryption oracle](https://pseudorandom.resistant.tech/disclosing-security-and-privacy-issues-in-thunderbird.html) when it displays messages with HTML.
A vulnerability in any application can be targeted with exploits a severe vulnerability can allow an adversary to hack your system, such as by permitting [Remote Code Execution](https://en.wikipedia.org/wiki/Arbitrary_code_execution). Email can be accessed through webmail (via Tor Browser) or through a client like Thunderbird these have different attack surfaces. For example, a Cwtch developer found an exploit to [turn Thunderbird into a decryption oracle](https://pseudorandom.resistant.tech/disclosing-security-and-privacy-issues-in-thunderbird.html) when it displays messages with HTML.
We recommend using Thunderbird (which is available in Tails and Qubes-Whonix by default) with the setting to display email as "Plain Text" rather than as HTML: View → Message Body As → Plain Text. Most webmail will not function with Tor Browser in "Safest" mode.
@ -401,5 +401,5 @@ If a project has multiple members, all of them should be able to access the same
We do *not* recommend:
* **Telegram**: Telegram has no end-to-end encryption for group chats, and it is opt-in for one-on-one chats. The encryption doesn't use established protocols, and has had cryptographers describe it as ["the most backdoor-looking bug Ive ever seen"](https://words.filippo.io/dispatches/telegram-ecdh/).
* **Matrix/Element**: Matrix has a problem that is inherent in federated networks - terrible [metadata leakage](https://anarc.at/blog/2022-06-17-matrix-notes/#metadata-handling) and [data ownership](https://anarc.at/blog/2022-06-17-matrix-notes/#data-retention-defaults). It has no forward secrecy, the Element client has a large attack surface, and there is a [long list of other issues](https://telegra.ph/why-not-matrix-08-07). What's more, the developers are very friendly with various [national police agencies](https://element.io/blog/bundesmessenger-is-a-milestone-in-germanys-ground-breaking-vision/).
* **Matrix/Element**: Matrix has a problem that is inherent in federated networks terrible [metadata leakage](https://anarc.at/blog/2022-06-17-matrix-notes/#metadata-handling) and [data ownership](https://anarc.at/blog/2022-06-17-matrix-notes/#data-retention-defaults). It has no forward secrecy, the Element client has a large attack surface, and there is a [long list of other issues](https://telegra.ph/why-not-matrix-08-07). What's more, the developers are very friendly with various [national police agencies](https://element.io/blog/bundesmessenger-is-a-milestone-in-germanys-ground-breaking-vision/).
* **XMPP Clients**: Regardless of the client, an XMPP server will [always be able to see your contact list](https://coy.im/documentation/security-threat-model/). Additionally, server-side parties (e.g., administrators, attackers, law enforcement) can [inject arbitrary messages, modify address books, log passwords in cleartext](https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/) and [act as a man-in-the-middle](https://notes.valdikss.org.ru/jabber.ru-mitm/).