onionmx VS tfc

This readme is quite insightful.

For anyone curious, onion to onion (and even non-onion to onion) works today if the involved SMTP servers know how to handle it. For example, the OnionMX project. https://github.com/ehloonion/onionmx

Great question! onion vhosts ([email protected] addresses) don't need that, as long as your client can resolve onion addresses (Gajim/Conversations have good tor integration, otherwise Tor's AutomapHostsOnResolve will do the trick systemwide but in that case your client may complain that the domain doesn't support TLS or with a wrong certificate).

"Advanced" connection settings is required when the vhost you are connecting to doesn't match the hostname you need to reach on the network. For example, if you're reaching your server over a VPN/SSH/IPSEC tunnel.

Another example is if you wish to login as [email protected] by reaching foobar.onion. This is useful if you want to be part of the broader Jabber federation, in which not every host supports federation over onion addresses (i'd be curious to make stats about that) but it still gives you the security guarantees of Tor when reaching your server (though not for server-to-server connections).

Onion name discovery for automatically upgrading to onion routing when Tor is available client-side is not yet specified within the XMPP ecosystem. Onion discovery in the HTTP ecosystem is usually done via Onion-Location HTTP header (HTTPS only), in the email ecosystem they use _onion-mx DNS SRV records: see https://gitweb.torproject.org/tor-browser-spec.git/tree/prop... and https://github.com/ehloonion/onionmx/blob/master/SRV.md respectively

Implementing something similar XMPP side would be easy. Prosody already has a community mod_onions, but currently only supports a static map of hosts to their onion addresses. It could use some love: https://modules.prosody.im/mod_onions.html

Another problem we face from a UX perspective for onion services is that currently XMPP server implementations are very strict about which node/resource messages are intended for, and to my knowledge none support aliasing systems as we have in the email world. In this specific example application of aliases, there's currently no way (that i know of) to have the same account across .org/.onion domains and having servers to know it's the same account in a federated manner, eg. to prevent you from adding the same person twice to your contact list.

All in all there's interesting challenges and none of them is really hard so if you'd like to get involved or just let us know about your ideas and expectations, feel free to drop by xmpp:[email protected]?join

>No e2ee app has compromised device part of their threat model.

Oh really, here's one I made earlier https://github.com/maqp/tfc :-)

>The whole OS can.

So how are you backdooring a bash script that comments out lines of code from Linux source before compiling it?

You lying to policy makers with "it can be done" mindset sound like a stupid con that burns a lot of money and time in the process.

But as I said, it is way easier to install Pegasus on your phone or to grab / steal the unlocked phone from your hand, than break any of these. If you want absolute privacy, you should think about your physical security, and the trustworthiness of your devices before choosing the right chat app. Check the Tinfoil Chat for more information.

TFC

There is software that lives up to these claims, it's Tinfoil Chat. The article is correct about the necessary trade-offs: due to peer to peer transport (onion hidden service 2 onion hidden service) both ends of the conversation have to be online -- it at least spools the message waiting for the recipient to appear.

For hole punching and signaling that has to be done by third party, well, the third party is TOR

TFC then goes on to break out the encryption and decryption machines from the network and passes messaging over opto-couplers to prevent your keys from getting exfiltrated. Qubes qrexec could similarly isolate the components.

https://github.com/maqp/tfc

> If you want maximum security use an air gapped computer. But that won't let you send messages on the go.

You can, with some inconvenience, use optical diodes to transmit data from a trusted input device to an untrusted network device for transport over tor, and then push the received messages over a second diode to a display device that decrypts the messages, so that even if you receive an exploit/malware, there is no physical connection that allows unencrypted data to be exfiltrated.

https://github.com/maqp/tfc

Briar is one of the most important secure messaging projects currently. Not only does it remove the need to trust the vendor about content (like with all E2EE messaging apps), you also get to keep the metadata about communication to yourself as data transits from one Tor Onion Service to another.

The downside is of course, you need to keep the endpoint powered on when you want to be reachable so it will increase the battery drain on your phone.

Note: There's also a desktop client if that's easier to keep online https://briarproject.org/download-briar-desktop/

One extremely important thing Briar is doing, is it's using the P2P as means to host alternative social interaction formats, like forums and blogs. Similar to Signal/WhatsApp stories (which is somewhat similar to microblogs/FB wall), it's a way to indirectly share information. You could pretty much emulate any social media platform on top of E2EE protocol with ~zero infrastructure cost and without having to worry about data mining. I'd argue what Briar's innovating on here is one of the most important aspects in what's left for secure messaging.

Finally a small caveat: Briar will share your Bluetooth MAC address with all peers so it can automatically use that when you're in close proximity with your peer. Thus sharing your Briar ID publicly is not a good idea for two reasons:

1) major global adversaries may have access to that information (e.g. if Google aggregates it) which can deanonymize your account. This also allows slightly technical person to confirm identity of briar account if they suspect it's you (a bit wonky threat model but still).

2) it ties everything you do across your accounts on same device together, so there's strong linkability even if you rotate the identity key by reinstalling the app.

Briar is pretty clear about this in it's FAQ, but it's still not very well known although it definitely should be.

---

That being said, if you want similar Onion Service based communication with no such linkability, there's https://cwtch.im/ which is a fantastic project.

There's also https://www.ricochetrefresh.net/

Both are spiritual successors to John Brooks' `Ricochet` application.

You can also chat and share files (among other things) with https://onionshare.org/

(And finally, you can get remote exfiltration security for keys/plaintexts with TFC https://github.com/maqp/tfc (my personal work), at the cost of losing some features like message forwarding etc that the architecture prevents you from doing.)