Robert's blog
Robert Važan

Secure IM: Problem solved?

Quick review of existing secure chat alternatives, including TextSecure, Silent Circle, Telegram, Cryptocat, OTR and Pidgin.

I usually use whatever messenger my peers are using. That's mostly Skype and very rarely Google Talk. There are, however, situations where security takes precedence over the size of the network. Skype was once secure, but these days everything goes through Microsoft's servers, and therefore through NSA's. Google Talk doesn't even pretend to be secure.

Secure from what? Most chat clients have at least some token security, which is enough to hide your conversations from roommates sharing the same WiFi. Some chat clients (usually those from the big companies, not from the cheesy startups) use TLS properly, which actually protects you from ISP-level interception, the kind mostly done by local authorities.

Assuming that these big companies (Google Hangouts, AIM, Facebook) aren't themselves mischievous and that they are able to control their own employees and suppliers (which they haven't always done thoroughly; they have been caught neglecting it before), the only remaining issue is that their respective government (mostly US, Russian, or Chinese, the wannabe superpowers) can simply apply lead-pipe (a.k.a. rubber-hose) cryptanalysis to them, i.e. compel them to hand the data over, and then delegate that power through laws and courts to ordinary police officers and to whatever organization wants to protect its IP by doing deep packet inspection on you.

Since no one wants to walk around with a microphone stuck up their ass, let's look for a sane end-to-end encrypted chat client. Handily, EFF has put together a nice overview of secure (and not so secure) messengers, the Secure Messaging Scorecard.

The bad news is that all the new and cool stuff is designed for phones. TextSecure/RedPhone seems solid, and it's free, unlike the business-oriented Silent Circle. But is there something for us old-fashioned desktop guys? EFF lists three such apps/platforms: Telegram, Cryptocat, and OTR over Pidgin.

Telegram is the funny one. Its home-grown crypto protocol (MTProto) was the source of much fun and much criticism. Telegram responded with ad hominem attacks, a phony crypto-breaking contest, and, ridiculously enough, the claim that its users don't really care about security, so why provide it? Then their weird crypto turned out to be broken, as everyone expected. These guys are high-profile Russian entrepreneurs who say they want to build an app that resists Russian FSB spying. I think they achieved the opposite by luring people away from real security.

Cryptocat is simple and secure and it works on desktop. Cool, except... it's not an instant messenger the way you know it. It's an encrypted chat room. You enter a chat room name and a nick and you can start chatting. No buddy list. The chat room name is the only thing keeping strangers out, so it must be hard to guess; otherwise there is no security at all. And this long, secret chat room name must be typed every time. That's not what I want. I want the messy crypto done once, not every time I want to send a single message.

So that gets us to OTR and Pidgin. And a third-party network, since Pidgin has no native network of its own. Three components to get up and running before you see any results. That's what discouraged me initially. After trying lots of weird networks with little success, I settled for AIM. After installing OTR into Pidgin, I made a test, and finally it works! I confirmed this by opening the same chat on the AIM website: AIM showed only encrypted messages, while my two test clients decrypted everything nicely.
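The check described above, looking at the conversation from the server's side, can be automated. The following is an added example (not code from the post, from Pidgin or from the OTR plugin) that labels each transport-visible line of a chat as an OTR query, an OTR-encoded message, or plaintext. It relies only on the framing defined in the OTR protocol spec: encoded messages are `?OTR:` + base64 + `.`, the decoded bytes start with a 2-byte protocol version and a 1-byte message type, queries look like `?OTR?` or `?OTRv23?`, and a whitespace tag may be appended to plaintext. The transcript is constructed, and the `encoded()` helper only builds that framing; it does no real OTR cryptography.

```python
"""Classify what an intermediary (the AIM server, or its web client) sees of an
OTR conversation: query lines, encoded OTR messages, or readable plaintext."""
import base64
import re
import struct

OTR_PREFIX = "?OTR:"
# Query messages advertise supported versions: "?OTR?", "?OTRv23?", "?OTR?v2?".
OTR_QUERY_RE = re.compile(r"^\?OTR(\?|v\d+\?|\?v\d+\?)")
# Base whitespace tag from the OTR spec; a client appends it to a plaintext
# message to signal OTR support without a visible query line.
OTR_WHITESPACE_TAG = "\x20\x09\x20\x20\x09\x09\x09\x09\x20\x09\x20\x09\x20\x09\x20\x20"
# Message type byte that follows the 2-byte protocol version in encoded messages.
MESSAGE_TYPES = {
    0x02: "DH-Commit",
    0x0A: "DH-Key",
    0x11: "Reveal-Signature",
    0x12: "Signature",
    0x03: "Data",
}


def parse_encoded(line):
    """Return (version, message type name) for a '?OTR:<base64>.' line, else None."""
    if not (line.startswith(OTR_PREFIX) and line.endswith(".")):
        return None
    try:
        raw = base64.b64decode(line[len(OTR_PREFIX):-1], validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    if len(raw) < 3:
        return None
    version, mtype = struct.unpack(">HB", raw[:3])
    if version not in (2, 3):  # only OTR v2/v3 use this framing
        return None
    return version, MESSAGE_TYPES.get(mtype, "unknown-0x%02x" % mtype)


def classify(line):
    """Label one line as the transport (or an eavesdropper) sees it."""
    if OTR_QUERY_RE.match(line):
        return "otr-query"
    parsed = parse_encoded(line)
    if parsed is not None:
        return "otr-encrypted v%d %s" % parsed
    if OTR_WHITESPACE_TAG in line:
        return "plaintext (with OTR whitespace tag)"
    return "plaintext"


def plaintext_leaks(lines):
    """Lines the server could read; for a fully encrypted chat this is empty."""
    return [line for line in lines if classify(line).startswith("plaintext")]


def encoded(version, mtype, body):
    """Build a constructed '?OTR:' line (framing only, no real OTR crypto)."""
    raw = struct.pack(">HB", version, mtype) + body
    return OTR_PREFIX + base64.b64encode(raw).decode("ascii") + "."


# Constructed transcript, modelled on what the AIM web client would display.
# The 8 zero bytes stand in for the v3 sender/receiver instance tags.
SAMPLE_TRANSCRIPT = [
    "?OTRv23?",
    encoded(3, 0x02, b"\x00" * 8 + b"constructed dh-commit body"),
    encoded(3, 0x0A, b"\x00" * 8 + b"constructed dh-key body"),
    encoded(3, 0x03, b"\x00" * 8 + b"constructed ciphertext"),
    "hey, are you there?",  # sent before the OTR session was established
]

if __name__ == "__main__":
    for line in SAMPLE_TRANSCRIPT:
        print("%-40s %s" % (line[:40], classify(line)))
    print("leaks:", plaintext_leaks(SAMPLE_TRANSCRIPT))
```

The one line this flags as plaintext is the kind of thing to watch for in practice: messages typed before the handshake finishes, or after the peer's client drops the session, go out in the clear even though the plugin is installed.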

There are some caveats, though. A server that cannot read messages cannot filter them either, so fully encrypted chat networks tend to be vulnerable to spam. Anti-spam is core security these days, because nobody is going to use a chat client full of spam. A spying-obsessed government won't hesitate to flood any secure network with spam just to divert its users to less secure networks that are easier to spy on.

Another caveat is that all this software is downloaded off the Internet, just like websites. The chat clients (Pidgin or the OTR plugin) don't provide any easy way to verify the authenticity of the download, and they will need to be updated from time to time. Unless you check a signature or a published checksum yourself, desktop clients like Pidgin are thus no more secure than JavaScript clients running inside a browser. JS is actually more secure, since it is sandboxed. Or perhaps I should finally stop using Windows. Linux distros sign their packages, and Android sandboxes its apps.
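Where a project does publish digests, the check is easy to script. The following is an added example (not from the post or from any of the projects it mentions) that hashes a downloaded file in chunks, compares it against a digest published in the `sha256sum` output format, and reports per-file `ok`, `mismatch` or `missing`. The filenames and the "installer" bytes are constructed; nothing here is a real Pidgin release.

```python
"""Verify downloaded files against SHA-256 digests published out-of-band."""
import hashlib
import hmac
import os
import re
import tempfile

# One entry per line, as `sha256sum` emits it: 64 hex chars, whitespace,
# optional '*' (binary mode marker), filename.
SUMS_LINE_RE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(.+)$")
HEX_DIGEST_RE = re.compile(r"^[0-9a-fA-F]{64}$")


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so large installers never sit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def parse_sums(text):
    """Parse SHA256SUMS-style text into {filename: lowercase hex digest}."""
    sums = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = SUMS_LINE_RE.match(line)
        if m is None:
            raise ValueError("malformed sums line: %r" % line)
        sums[m.group(2)] = m.group(1).lower()
    return sums


def verify_download(path, expected_hex):
    """True only if the file's digest equals the expected one."""
    if not HEX_DIGEST_RE.match(expected_hex):
        raise ValueError("expected a 64-hex-char SHA-256 digest")
    return hmac.compare_digest(sha256_file(path), expected_hex.lower())


def verify_directory(sums_text, directory):
    """Check every file listed in sums_text inside directory.

    Returns {filename: 'ok' | 'mismatch' | 'missing'}. Anything other than
    all-'ok' means do not install."""
    results = {}
    for name, expected in parse_sums(sums_text).items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif verify_download(path, expected):
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


def constructed_fixture():
    """Create a temp dir with constructed files and a matching sums text.

    Returns (directory, sums_text); the filenames are hypothetical and one
    listed file is deliberately absent to exercise the 'missing' case."""
    directory = tempfile.mkdtemp()
    installer = os.path.join(directory, "pidgin-setup.exe")
    with open(installer, "wb") as f:
        f.write(b"constructed installer bytes\n")
    empty = os.path.join(directory, "empty.bin")
    open(empty, "wb").close()
    sums_text = (
        "# constructed SHA256SUMS\n"
        + sha256_file(installer) + "  pidgin-setup.exe\n"
        + sha256_file(empty) + " *empty.bin\n"
        + "f" * 64 + "  missing.exe\n"
    )
    return directory, sums_text


if __name__ == "__main__":
    directory, sums_text = constructed_fixture()
    for name, status in sorted(verify_directory(sums_text, directory).items()):
        print(status, name)
```

The important part is not the code but where the digest comes from: a checksum served from the same page as the download only proves the file was not corrupted in transit. Against a compromised mirror or an in-path attacker who can rewrite both, you need the digest from an independent channel, ideally a detached signature checked against a key you obtained some other way.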

Finally, there's the bright future: WebRTC. There are tons of apps for video chat and file transfer, but I see no emerging app for simple text chat. It could be done, I think, but nobody has bothered for some reason. Ignoring the issue of trust in the site's JS for the moment, WebRTC still has one extra problem: authentication. All the file-sharing and video sites require a link to be shared via an out-of-band channel. Some directory, a buddy list, and per-buddy (not per-session) authentication would be handy.