What do you think of this? Consent-based decentralized anonymous chats.
Added 2022-11-26 18:29:03 +0000 UTCThis is a platform that attempts to make metadata resistant encrypted communications easy and feasible. No centralized platform (e.g. Signal, WhatsApp) is able to provide this level of anonymity and security by design. I mentioned Cwtch in my recent episodes and talked a lot about in my talks with Closed Ntwrk. This is a good explainer of the problem with centralized messaging platforms and the solution Cwtch provides. What do you think?
Link: https://cwtch.im/
Comments
I like that it is built on TOR. I already run my own Matrix server for my family and am content with the E2EE and self-hosting aspect of that solution for my needs. This does remind me that I want to set up a TOR snowflake proxy to help that network out. I use TOR with my Umbrel Lightning and Bitcoin node. Though I don't use TOR for very much, I really like the project and the idea of helping that network. This is mostly why I run a bitcoin node. To learn, explore, and support the network. Cwtch is interesting. But the name is terrible. Cute, and appropriate given its definition. But terrible for general pronunciation. I see that as a stumbling block for such a nascent project hoping to find greater adoption. I guess I didn't see anything compelling enough for me to think it may be better than what I have. And running a Synapse server for family is not too hard. But it does take some energy on my part, of which I only have so much to go around.
Tim Le Pés
2022-12-05 03:32:38 +0000 UTCI am really hoping for their metadata protocol to kick off so that servers can mediate messaging in a trustless manner.
The Hated One
2022-12-02 18:21:19 +0000 UTCIt's resilient to metadata surveillance. Matrix/XMPP and even Signal don't protect metadata of recipients.
The Hated One
2022-12-02 18:20:27 +0000 UTCI agree. Cwtch is trying to make communications resistant to metadata surveillance from server providers. They treat all servers as hostile. I think this is the way to go. So as a concept alone, I find it pretty solid. Now hopefully it will get implemented into something that's convenient for the masses.
The Hated One
2022-12-02 18:19:47 +0000 UTCIt's similar in the anonymity tech, but Cwtch can manage multiple identities at once whereas with Briar you only have one per installation.
The Hated One
2022-12-02 18:18:20 +0000 UTCYes, I thought about this too. I am considering doing podcast only.
The Hated One
2022-12-02 18:17:46 +0000 UTCAlfabet boys, especially global ones (NSA, GCHQ) can do timing and correlation attacks - comparing timestamps of entry and exit because they have the capability to observe both. So malicious exit nodes are not even the main attack vector.
The Hated One
2022-12-02 18:16:58 +0000 UTCI totally agree. But I am drawn in by the concept. I like the idea. Adoption is in the unknown future...
The Hated One
2022-12-02 17:47:55 +0000 UTCI really like the Idea and intention behind this project. From a Privacy and Anonymity perspective, this is certainly next Level. But I don't think it's gonna fly. The Peer-to-peer onion routed nature of the protocol makes it private by design, but also bad-user-experience by design. It is not possible for alice to send bob a message while he is offline. Sending of messages can only happen while both the sender and the receiver are online. And I think this is a deal breaker for 95% of smartphone users - me included. I don't want to be online all the time to be able to communicate with friends. I want to have the choice to go online whenever I want and receive all the messages that were sent in the mean time. Until they find a way to at least store the messages for 24 hours on some decentralized network, cwtch can never become mainstream, if only a few privacy enthusiasts use it, I don't see the point. Messengers get their value from their userbase, and with this approach I don't think it will grow substantially.
CopyCat
2022-11-29 11:30:37 +0000 UTCI think it’s an awesome project but far from adoption on a level where people will use it. The tools are awesome but how do we get people to give a shit in the first place?
Urban Armed
2022-11-27 19:18:09 +0000 UTCI think it's an interesting research idea, but it won't be a mainstream product in its current form. Many of its metadata protection claims also apply to Signal: the server doesn't know which messages belong to which groups, or who is in which groups, and the servers are not trusted. The requirement that 1:1 chats have both parties online is a deal breaker for most use-cases. The use of Tor onion services will make latency a problem. The inability to have multiple group admins limits flexibility. The re-use of a shared key for a group means you can't really kick people out of a group. And the lack of contact discovery will limit growth. Like Briar and Session, I see this as a niche product that small groups might use, but it will never pose a serious challengs to Messenger, WhatsApp, Line, or Viber.
Derek Morr
2022-11-27 15:00:12 +0000 UTCThink you only need the exit node to be compromised
spacedragon
2022-11-27 02:44:32 +0000 UTCwouldnt all the nodes your going through have to be compromised for the alfabet boys to see anything?
Robert Greensill
2022-11-27 01:55:10 +0000 UTCHow is this different from Briar? Or is it similar?
No Name
2022-11-27 01:10:51 +0000 UTCThis is really a key question category.
Peter
2022-11-26 23:26:16 +0000 UTCThis comment does not relate to this video but a past item. Have been thinking about how much time you spend on video production. Having images is nice but not necessary for me. A lot of people I am watching now are presenting the reports themselves with minimal images. For me this is good enough. For you it would make this far more efficient and profitable.
GBNZ
2022-11-26 22:44:18 +0000 UTCHow will compromise tor nodes (run by the alfabet boys) affect tracking. Is something like P2P (keet.io) not better?
spacedragon
2022-11-26 20:00:31 +0000 UTCI like it but it’s just text and it’s hard to convert friends because there no iOS app
iay
2022-11-26 19:01:23 +0000 UTCWhy use this over Matrix or XMPP (With encryption)? Is there some killer feature I’m missing?
v0odoo
2022-11-26 18:36:24 +0000 UTC