session-android
oxen-core
session-android | oxen-core | |
---|---|---|
174 | 25 | |
1,693 | 300 | |
3.8% | -1.0% | |
9.5 | 0.0 | |
1 day ago | 7 days ago | |
Java | C++ | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
session-android
- Signal: Keep your phone number private with Signal usernames
-
What are you shocked people are still doing nowadays?
Other alternatives include Session (free) and Threema (paid - 5€).
-
Tyranny Censorship? No problem, Self-custody your content distribution
Test it by downloading session at getsession.org and DM the bot by starting a new message and sending it to “Simple” (without quotes)
- Launching Default End-to-End Encryption on Messenger
- Which communication App is most secure / anonymous?
-
Official/Unofficial Monero Session Community Hangout?
Figured there should be moves to set one up if not - https://getsession.org/
- Session: Send Messages, Not Metadata
-
Signal: The Pqxdh Key Agreement Protocol
* marketing "Perfect Forward Secrecy" AKA "Forward Secrecy"[0].
I favor Session Private Messenger[1] because it is decentralized and allows third party clients, but Signal enthusiasts warn me that the Session client may, hypothetically, at some future date, integrate a cryptocurrency, as the Signal client already does[2].
[0] https://en.wikipedia.org/wiki/Forward_secrecy
[1] https://getsession.org
[2] https://www.stephendiehl.com/blog/signal.html
-
U.K. Abandons, for Now, Legislation That Would Have Banned End-to-End Encryption
If you have a mobile phone number, the domestic intelligence agency knows exactly where you are at all times and any LEO (without a warrant) can also find you. In addition, there have been numerous CCC presentations showing how insecure the global (excluding US) and (separately) US carriers are guilty of promiscuous metadata trafficking ($$) and insecure SS7 setups. As a consequence, for low $, you can go to any one of several shady websites and find the last location of almost any phone number (person unique ID) globally. There are additional varying exploitable vulnerabilities depending on the exact combination of {handset x carrier x country} to impersonate them, tap their line, reveal their exact location, and redirect their phone number through a third-party handset or even a PBX. These are more expensive and some capabilities are forbidden for all but a few selective intelligence uses.
Session (Signal fork) doesn't use phone numbers. It's pretty well-designed overall and uses an onion routing approach. It's already a superset of Signal except it doesn't use phone numbers. https://getsession.org
Also look interesting:
* (unproven) https://www.olvid.io/technology
* (unproven) https://simplex.chat
PS: Using regular TOR on home broadband or cloud servers is relatively risky and inefficient. Sybil attacks on it are common. And to network operators and security agencies it gives an easy "flow tag" of your uplink and exit node data traffic as automatically suspicious.
- E2EE messenger for who want absolute privacy and freedom from any surveillance
oxen-core
-
[PSA] Official communities are having an outage right now
Every official Session community hosted on the getsession.org domain, as well as the official websites (https://getsession.org, https://oxen.io) are unreachable as of now. https://lokinet.org seems to have issues as well.
- Tor vs Oxen Lokinet . How does the performance compare?
-
Monero integration in BLACK protocol, a privacy focused fork of THORChain
Oxen is very much alive, as is Haven. Technologically Electroneum is very far away now, not being a privacy coin anymore, but it did start as a Monero fork and at least is still around.
-
My list of favorite secure messaging apps
Really great list. Thank you. Some of these I wasn't even aware of. I've been using Session for about a year. A year ago it definitely had some missed messages and I was about to ditch it but I held strong and haven't experienced that issue in a while. Been flawless for about half a year. The Oxen/Loki network overall https://oxen.io/ is a really interesting alternative to Monero and Tor. It's interesting how it can be both!
-
Signal Says It Will Exit India Rather Than Compromise Its Encryption
Widely used? No. I've found Session to be a decent alternative however it's still early development which entails some scuff and details as to how they intend for it to be financially supported long term aren't clear.
https://getsession.org/
TLDR on Session is that it's a fork of Signal (effectively same front end, key scheme, encryption scheme, etc) with a modified transport/delivery and notification system and without the phone-number-as-an-identifier caveat that signal has.
Note: Sorry for the wall of text below.
As for what that modified transport layer is, it's routing all the messaging and data hosting over Oxen (https://oxen.io/) which is a cryptocurrency that serves as a decentralised short term / small size addressable data store and an onion router for those messages/data. As much as cryptocurrency=bad in a lot of cases, here it kinda makes sense as it's just an automated digital marketplace for data hosting and bandwidth with tooling wrapped around it to support privacy and anonymity preserving tools without relying on some hopefully benevolent dictator to run it.
As for who's backing it, same group that develops the Oxen, an Australian non-profit focused on privacy tech and bearing the same name (Oxen Privacy Tech Foundation). While Oxen is pay for use (messaging and all that has an on chain cost), it looks like the foundation is covering the costs of running Session for the foreseeable future. Given the nature of the project, it should eventually be possible for users to pay their own infra costs however that doesn't seem to be implemented yet.
It's pretty easy to use.
1. Install via F-droid or download from the web.
2. Basic cryptocurrency wallet style setup where your account is based on a randomly generated "recovery seed" phrase (string of words with equal bits of randomness as the private key which can be used to rebuild the private key on a new device).
3. Then you can share your "Session ID" which is basically just your public key or you can pay for a custom username which is addressed to your public key (you can set names for contacts after adding them so the username is mostly for ease of discoverability).
4. After that it's basically just Signal but where you can make and throw away accounts at the drop of a hat.
My main complaints are
1. that it's a bit slow on delivery
2. The onion routing half of decentralised storage + routing is still being implemented for Session as the project is very much WIP at this stage.
----
My takeaway is that provided it can stick around, Session has potential to shore up where Signal falls short. Give it a year or two in the oven and I might recommend it as a daily driver for messaging.
Likewise for the OPTF and their goals in general. It looks like once Session is "fully implemented" they are looking at trying to expand the approach to a discord/slack/matrix competitor as well which could be interesting. As far as I can tell they are just a bunch of privacy nerds with a little bit of a cryptocurrency lean to them but they are doing good work.
-
Tornado Cash and WHY privacy chains are important!?!
Lets kickstart with Oxen, an open source privacy tech blockchain with 2 working products; Sessions Messenger - (a fully anonymous encrypted messaging service) and Lokinet - (a cutting edge low-latency onion router) - which both utilize the Oxen Service Node network to safeguard user privacy and anonymity.
- Weekly Ask Ledger Anything - leave your questions here! Week of June 6
-
Weekly Ask Ledger Anything thread - Leave Your Questions here! Week of May 9, 2022
The https://oxen.io/ community patiently waits for the integration of their Ledger app. Any idea on when that's going to happen?
-
Weekly Dev Update 12/04/2022
Wallet3 RPC calls for Get Balance, Get Address and Export Keys https://github.com/oxen-io/oxen-core/pull/1525
-
Weekly Dev Update 15/02/2022
Removes macro and goto code in wallet2::import_outputs function https://github.com/oxen-io/oxen-core/pull/1516
What are some alternatives?
simplex-chat - SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱!
session-desktop - Session Desktop - Onion routing based messenger
berty - Berty is a secure peer-to-peer messaging app that works with or without internet access, cellular data or trust in the network
lokinet-exit-provider - lokinet exit node webapp
session-open-group-server
lokinet-webrtc - lokinet webrtc demo with electron
loki-network - Lokinet is an anonymous, decentralized and IP based overlay network for the internet.
lokinet-gui - GUI Control panel for Lokinet built using electron
session-pysogs - Python implementation of the Session community server
µWebSockets - Simple, secure & standards compliant web server for the most demanding of applications
oxen-mq - Communications layer used for both the Oxen storage server and oxend