GNU's Ring Continues Trying To Be Like Skype/WhatsApp For FLOSS/Privacy-Minded Fans
  • GNU's Ring Continues Trying To Be Like Skype/WhatsApp For FLOSS/Privacy-Minded Fans

    Phoronix: GNU's Ring Continues Trying To Be Like Skype/WhatsApp For FLOSS/Privacy-Minded Fans

    Ring that joined the GNU project in late 2016 to focus on decentralized, multi-device communication has high hopes for 2018...

    http://www.phoronix.com/scan.php?pag...=GNU-Ring-2018

  • #2
    How does it differ from Tox?

    • #3
      Originally posted by shmerl
      How does it differ from Tox?
      Tox does not use TLS for encryption. It uses NaCL library. So I would expect Tox to be more secure. TLS had a lot of problems over the years.
      Last edited by stikonas; 02-05-2018, 04:31 PM.

      • #4
        I was really excited about Ring a few years ago. It had much much much better (lower) battery & data consumption than Tox on Android. But sometimes messages weren't delivered and I never knew if they arrived at the other end and where the problem was.

        There are a bunch of things unclear to me or badly designed in my opinion:
        - Asks for a password on account creation. The password is used when you want to add another device to your account. Ask for a password when it is first used!
        - No file transfer. Without in-chat Picture/video transfer, this will never get widespread adoption
        - Global name registration. Every remotely popular name will be instantly taken, it's not 1995 anymore where this works. Either go [email protected], so ideally you have the same alias as your Mail address. Add some proof of work and/or backup to a blockchain if you want to prevent the mail provider from impersonating people. Or use a Pet-Name system.
        - Is the Ethereum Naming Contract even truly decentralized? Who pays the gas for the contract and can anyone add names to it without going through their API?
        - Give me more details about the connection! There is a TURN server preconfigured. (TURN routes all the voice/video data over a centralized server.) Tell me when it (isn't) used.
        - "Identity managed by X.509 certificates" is that supposed to be a good thing? I guess it may have something to do with the sip compatibility...
        - "OpenDHT collects and saves metadata. This makes it possible for eavesdroppers to observe the traffic on some DHT node and see who is talking to whom."

        ... I'll stop here, I probably forgot a lot of stuff. Maybe I'll give it another try when they have implemented inline file transfer. It doesn't really look well engineered, but if it works...

        *edit* Still nice to see they gave a talk with new information instead of their usual general "Ring is awesome" talk.
        Last edited by Mathias; 02-05-2018, 05:13 PM.

        • #5
          I'm not sure that "distributed" is better than "decentralized". Clearly, all proprietary/centralized communication tools are evil, and sooner or later are turned against their users. But making every single device an "equal peer" to me does not provide sufficient benefit while at the same time demanding scarce resources from mobile devices.

          But I applaud if Ring some day delivers audio/video live as reliable as "Conversations" (or XMPP/OMEMO in general) deliver non-live messages today.

          • #6
            If I understood the PDF correctly, mobile devices will connect to proxy nodes instead of being full nodes. On iPhones, that will be the only option anyways, because background apps are very restricted. On Android the current system works surprisingly well...

            • #7
              Originally posted by shmerl
              How does it differ from Tox?
              It's not dead

              • #8
                It seems pretty interesting! What about Kontalk (kontalk.org)?

                • #9
                  Hi, I'm a Ring developer

                  Originally posted by Mathias
                  - Asks for a password on account creation. The password is used when you want to add another device to your account. Ask for a password when it is first used!
                  The password is actually used to protect access to the account private key that allows signing new device public keys or revoking a device public key.
                  It's now possible to create an account without a password (for when you trust the platform to protect access to the private key, or if the account is simply not so important). But asking for the password only on first use would be as if your OS asked you to create a root password at the first sudo command!

                  Originally posted by Mathias
                  - No file transfer. Without in-chat Picture/video transfer, this will never get widespread adoption
                  File transfer is one of the new features we presented at FOSDEM! :-) Should be rolling out to every platform during the next few weeks.

                  Originally posted by Mathias
                  - Global name registration. Every remotely popular name will be instantly taken, it's not 1995 anymore where this works. Either go [email protected], so ideally you have the same alias as your Mail address. Add some proof of work and/or backup to a blockchain if you want to prevent the mail provider from impersonating people. Or use a Pet-Name system.
                  It's actually possible to use a hostname when entering a username (like [email protected]). Without any hostname, the global blockchain is used.
                  And people still register on Twitter or Gmail even if they have 1 billion+ registered users.

                  Originally posted by Mathias
                  - Is the Ethereum Naming Contract even truly decentralized? Who pays the gas for the contract and can anyone add names to it without going through their API?
                  It's a work in progress but the idea is that we start a blockchain (mining the first N blocks), giving us enough ether to offer free names to everyone, and progressively invite members of the community to participate in the blockchain so people can mine their own token with their hardware if they wish to.

                  Originally posted by Mathias
                  - Give me more details about the connection! There is a TURN server preconfigured. (TURN routes all the voice/video data over a centralized server.) Tell me when it (isn't) used.
                  A TURN server is used to relay the connection for the worst case scenario where no peer-to-peer connection is possible (both peers in different private networks). In all cases peers establish an end-to-end DTLS connection, either on the p2p link or over the TURN server, so the TURN server is only used as a last resort and would never have access to unencrypted media.

                  Originally posted by Mathias
                  - "Identity managed by X.509 certificates" is that supposed to be a good thing? I guess it may have something to do with the sip compatibility...
                  X.509 certificates allow using TLS libraries to authenticate users/devices in a robust, standard, and powerful way.

                  A new Ring account generates a self-signed certificate by default, and adding contacts means doing key pinning (managing a whitelist of accepted user certificates).
                  An organisation could also use its CA to sign members' certificates. The CA can be configured in Ring to authenticate users as being part of the organisation using the certificate chain.
                  The same mechanism is used for devices (attached to an account), which are authenticated using the certificate chain.

                  Originally posted by Mathias
                  - "OpenDHT collects and saves metadata. This makes it possible for eavesdroppers to observe the traffic on some DHT node and see who is talking to whom."
                  OpenDHT doesn't collect or save any metadata. Unlike BitTorrent, data stored on the DHT is encrypted. However, unlike Tor, there is no active mechanism to hide the IP address of members of the distributed network.

                  Would be happy to answer any questions.
                  Last edited by wagaf; 02-06-2018, 08:58 AM.
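
The trust model described in post #9 (a contact pins a self-signed account certificate, and a device is authenticated by its certificate chain to that account), as an added Go example that is not Ring's code and not part of the thread. The names, the Ed25519 keys and the SHA-256 fingerprint used as the pin are assumptions made for the sketch.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue creates a certificate; a nil parent yields a self-signed account (CA) certificate.
func issue(cn string, serial int64, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true, IsCA: parent == nil}
	if parent == nil { // account: signs itself and may sign device certificates
		tpl.KeyUsage |= x509.KeyUsageCertSign
		parent, parentKey = tpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER was produced just above
	return cert, key
}

func pin(c *x509.Certificate) [32]byte { return sha256.Sum256(c.Raw) } // stored by a contact; SHA-256 assumed

// acceptDevice checks that the account certificate is the pinned one and that it signed the device.
func acceptDevice(pinned [32]byte, account, device *x509.Certificate) error {
	if pin(account) != pinned {
		return fmt.Errorf("account certificate %q does not match the pin", account.Subject.CommonName)
	}
	roots := x509.NewCertPool()
	roots.AddCert(account) // the pinned account certificate is the only trust anchor
	if _, err := device.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("device not signed by the pinned account: %w", err)
	}
	return nil
}

func main() {
	acct, key := issue("alice-account", 1, nil, nil) // constructed sample names
	phone, _ := issue("alice-phone", 2, acct, key)
	fmt.Println("own device accepted:", acceptDevice(pin(acct), acct, phone) == nil)
}
```

A device certificate signed by any other account fails both checks: the substituted account certificate misses the pin, and the device does not chain to the pinned one.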

                  • #10
                    “Tox does not use TLS for encryption. It uses NaCL library. So I would expect Tox to be more secure. TLS had a lot of problems over the years.”


                    I seriously doubt that follows - you are comparing the protocol in every web browser with random crypto in a project that no one has heard about. Maybe no one has looked?!?