Originally posted by OneTimeShot
View Post
Announcement
Collapse
No announcement yet.
GNU's Ring Continues Trying To Be Like Skype/WhatsApp For FLOSS/Privacy-Minded Fans
Collapse
X
-
Last edited by wagaf; 06 February 2018, 08:34 AM.
- Likes 1
-
Originally posted by wagaf View PostHi I'm a Ring developper
The password is actually used to protect access to the account private key that allows to sign new device public keys or to revoke a device public key.
It's now possible to create an account without a password (for when you trust the platform to protect access to the private key, or if the account is simply not so important). But asking the password only on first use would be like if your OS asked to create a root password at the first sudo command !
File transfer is one of the new features we presented at FOSDEM ! :-) Should be rolling out to every platforms during the next few weeks.
It's actually possible to use a hostname when entering a username (like name@domain). Without any hostname, the global blockchain is used.
And people still register on Twitter or Gmail even if they have 1 billion+ registered users.
It's a work in progress but the idea is that we start a blockchain (mining the first N blocks), giving us enough ether to offer free names to everyone, and progressively invite members of the community to participate to the blockchain so people can mine their own token with their hardware if they wish to.
A turn server is used to relay the connection for the worst case scenario where no peer-to-peer connection is possible (both peers in different private networks). In all cases peers establish an end-to-end DTLS connection, ether on the p2p link or over the TURN server, so the turn server is only used in last ressort and would never have access to unencrypted media.
X.509 certificates allow to use TLS libraries to authenticate users/devices in a robust, standard, and powerful way.
A new Ring account generates a self-signed certificate by default, and adding contacts means doing key pinning (managing a whitelist of accepted user certificates).
An organisation could also use its CA to sign members certificates. The CA can be configured in Ring to authenticate users as being part of the organisation using the certificate chain.
The same mechanism is used for devices (attached to an account), which are authenticated using the certificate chain.
OpenDHT doesn't collects nor save any metadata. Unlike Bittorrent, data stored on the DHT is encrypted. However, unlike Tor, there is no active mechanism to hide the IP address of members of the distributed network.
Would be happy to answer any question..
On to the questions: will you ever be able to develop a sort of off-line messaging/off-line sync for text and media? I think one of the outmost important features of Wazzap is exactly that: companies making group chat and leaving vocal messages in the group (with read receipts!).
Apart from that, with a little-bit of cleanups and rough-outs i think Ring is production ready!
- Likes 1
Comment
-
Originally posted by wagaf View PostHi I'm a Ring developper
Originally posted by wagaf View Post... But asking the password only on first use would be like if your OS asked to create a root password at the first sudo command !
Originally posted by wagaf View PostFile transfer is one of the new features we presented at FOSDEM ! :-) Should be rolling out to every platforms during the next few weeks.
Originally posted by wagaf View PostIt's actually possible to use a hostname when entering a username (like name@domain).
Originally posted by wagaf View PostAnd people still register on Twitter or Gmail even if they have 1 billion+ registered users.
Originally posted by wagaf View PostA turn server...
Originally posted by wagaf View PostX.509 certificates ...
Originally posted by wagaf View PostOpenDHT doesn't collects nor save any metadata.
I know content is encrypted. But can I passively monitor the DHT and see who (of course only the pubkey) is communicating with who?
TLS vs NaCL
TLS like X.509 had a lot of problems in the past. I'd trust something like the Noise protocol (used by WhatsApp and Wireguard) a lot more then an old behemoth. You are right that NaCL and TLS are not really comparable. Tox (Crypto) has a lot less attack surface then complete TLS implementations. But chances are high, they did something wrong as well (because crypto is hard). I understand why you used TLS, because of the legacy of ring, Sip compatibility and AFAIK Noise wasn't around when you started...
Thanks for your time! And thanks for working on the App. Since you are the only contender still in the ring, all my hopes are on you that I can Video-Chat with my son this summer when I'm on a bussiness trip without asking someone else for their WhatsApp ;-)
*edit*
I want to point out again how important naming is. WhatsApp became big, because everyone was forced to use an identifier that is globally unique and everyone has in his phone book anyways. Easily finding your friends is one of *the* most important things a modern messenger has to do. So I think it has to be simpler then mail address let alone globally unique identifier. Maybe publish your pubkey under a hashed phone number. Easily fakeable, I know. Then ask your already known friends for what they know about your phonebook. Maybe with those fancy new zero-knowledge-proof wizardry that is possible in a privacy friendly way.Last edited by Mathias; 06 February 2018, 05:42 PM.
- Likes 1
Comment
-
Originally posted by Fernando Negro View PostIs Ring more secure than Linphone? In what ways are these two programs different?
Ring on the other hand is a distributed system. So theoretically there is no central server collecting your Metadata. Also all Ring content is always encrypted without any unencrypted fallback. So Ring should be more secure then Linphone. But I'm not sure (I asked above) if its possible for everyone to passively collect some metadata about you and your calls. Note that Ring also includes a complete SIP client. If you use that, everything that applies to Linphone also applies to Ring.
Originally posted by Fernando Negro View PostIs Ring the most secure of this type of Skype alternatives?
Originally posted by Fernando Negro View PostAnd, does it offer a decent speed (i.e. video frame rate and sound quality)?
- Likes 1
Comment
Comment