Can you guys suggest some reliable and secure selfhosted IM service? I’m kinda in a very bad spot right now, so any centralized messaging wouldn’t really work. And yeah, state sponsored mass surveillance is a question of concern. Sorry for odd phrasing, just really at a loss.
I heard of matrix, XMPP (heard good things about snikket.org), SimpleX and even some IRC wizardry over TOR. And I actually tried matrix (synapse server), but found it not reliable enough - sometimes skips a notification, periodic troubles with logging in, weird lack of voice calls on mobile client, and some other irritating, tiny hiccups. I’m open to any suggestion, really, even open to trying matrix once again. Just, please, describe why you think one option is better than the other.
And just FYI, use case is simply texting with friends and family, while avoiding state monitoring. Nothing nefarious
This too would likely require compromising at least one of the devices or at the very least compromising both users’ ISPs or some other fairly detailed and highly targeted attack, but none of that would require compromising Signal’s servers and would make any system’s key exchanges vulnerable, even self hosted systems.
Simply compromising Signal’s servers might allow disrupting key exchanges from succeeding and thus making it impossible for those users to communicate at all, but not MITM really, at least if we assume there aren’t defects in the client apps.
The key exchange is much more complex than something like TLS and designed specifically so that the server can’t interfere. With true e2ee the key never passes through the server. This isn’t like many other apps that say e2ee, but really mean end to server gets one key and server to end gets another and decryption and re-encryption happens at the server to allow users to access older messages on new devices and stuff like that. Signal just connects the users to each other. The apps do the rest.
They could probably do something if they totally took over the entire Signal network infrastructure, but it’s definitely not something they could do undetected. But if a government took over the entire infrastructure, security conscious people would stop using it immediately thus not really worth the monetary and political cost. Otherwise China and others would have already done that to all secure communications. And again, not Signal specific.
Huh - you’re right. I went back to Signal’s X3DH spec because I was sure I was right, but it seems I misremembered how the “prekey bundles” work: Users publish these to the server, allowing (in my original assumption) for the server to just swap them out for a server/attacker-controlled key bundle for each Alice and Bob.
However, when Alice wants to send Bob an initial message and she gets a forged prekey bundle, Bob will simply not be able to derive the same key and communication will fail, because Bob knows what his SPK private key is, while the server only knows the public key.