SamSuka
The Hated One
The Hated One

patreon


What do you think of this? Consent-based decentralized anonymous chats.

This is a platform that attempts to make metadata resistant encrypted communications easy and feasible. No centralized platform (e.g. Signal, WhatsApp) is able to provide this level of anonymity and security by design. I mentioned Cwtch in my recent episodes and talked a lot about in my talks with Closed Ntwrk. This is a good explainer of the problem with centralized messaging platforms and the solution Cwtch provides. What do you think? 

Link: https://cwtch.im/

Comments

I like that it is built on TOR. I already run my own Matrix server for my family and am content with the E2EE and self-hosting aspect of that solution for my needs. This does remind me that I want to set up a TOR snowflake proxy to help that network out. I use TOR with my Umbrel Lightning and Bitcoin node. Though I don't use TOR for very much, I really like the project and the idea of helping that network. This is mostly why I run a bitcoin node. To learn, explore, and support the network. Cwtch is interesting. But the name is terrible. Cute, and appropriate given its definition. But terrible for general pronunciation. I see that as a stumbling block for such a nascent project hoping to find greater adoption. I guess I didn't see anything compelling enough for me to think it may be better than what I have. And running a Synapse server for family is not too hard. But it does take some energy on my part, of which I only have so much to go around.

Tim Le Pés

I am really hoping for their metadata protocol to kick off so that servers can mediate messaging in a trustless manner.

The Hated One

It's resilient to metadata surveillance. Matrix/XMPP and even Signal don't protect metadata of recipients.

The Hated One

I agree. Cwtch is trying to make communications resistant to metadata surveillance from server providers. They treat all servers as hostile. I think this is the way to go. So as a concept alone, I find it pretty solid. Now hopefully it will get implemented into something that's convenient for the masses.

The Hated One

It's similar in the anonymity tech, but Cwtch can manage multiple identities at once whereas with Briar you only have one per installation.

The Hated One

Yes, I thought about this too. I am considering doing podcast only.

The Hated One

Alfabet boys, especially global ones (NSA, GCHQ) can do timing and correlation attacks - comparing timestamps of entry and exit because they have the capability to observe both. So malicious exit nodes are not even the main attack vector.

The Hated One

I totally agree. But I am drawn in by the concept. I like the idea. Adoption is in the unknown future...

The Hated One

I really like the Idea and intention behind this project. From a Privacy and Anonymity perspective, this is certainly next Level. But I don't think it's gonna fly. The Peer-to-peer onion routed nature of the protocol makes it private by design, but also bad-user-experience by design. It is not possible for alice to send bob a message while he is offline. Sending of messages can only happen while both the sender and the receiver are online. And I think this is a deal breaker for 95% of smartphone users - me included. I don't want to be online all the time to be able to communicate with friends. I want to have the choice to go online whenever I want and receive all the messages that were sent in the mean time. Until they find a way to at least store the messages for 24 hours on some decentralized network, cwtch can never become mainstream, if only a few privacy enthusiasts use it, I don't see the point. Messengers get their value from their userbase, and with this approach I don't think it will grow substantially.

CopyCat

I think it’s an awesome project but far from adoption on a level where people will use it. The tools are awesome but how do we get people to give a shit in the first place?

Urban Armed

I think it's an interesting research idea, but it won't be a mainstream product in its current form. Many of its metadata protection claims also apply to Signal: the server doesn't know which messages belong to which groups, or who is in which groups, and the servers are not trusted. The requirement that 1:1 chats have both parties online is a deal breaker for most use-cases. The use of Tor onion services will make latency a problem. The inability to have multiple group admins limits flexibility. The re-use of a shared key for a group means you can't really kick people out of a group. And the lack of contact discovery will limit growth. Like Briar and Session, I see this as a niche product that small groups might use, but it will never pose a serious challengs to Messenger, WhatsApp, Line, or Viber.

Derek Morr

Think you only need the exit node to be compromised

spacedragon

wouldnt all the nodes your going through have to be compromised for the alfabet boys to see anything?

Robert Greensill

How is this different from Briar? Or is it similar?

No Name

This is really a key question category.

Peter

This comment does not relate to this video but a past item. Have been thinking about how much time you spend on video production. Having images is nice but not necessary for me. A lot of people I am watching now are presenting the reports themselves with minimal images. For me this is good enough. For you it would make this far more efficient and profitable.

GBNZ

How will compromise tor nodes (run by the alfabet boys) affect tracking. Is something like P2P (keet.io) not better?

spacedragon

I like it but it’s just text and it’s hard to convert friends because there no iOS app

iay

Why use this over Matrix or XMPP (With encryption)? Is there some killer feature I’m missing?

v0odoo


More Creators