My wife and I use Briar for household communication because of subsidiarity rather than any direct privacy concerns. Out of all the messenger projects that we've tried, Briar actually works for local communication. It's actually instant messaging without any client hiccups or latency (looking at you, Signal). We've tried a ton of other options, but we keep ending up back at Briar.
There are points of UX friction in the name of good opsec that are inconvenient but totally understandable given the project goals. The big ones being that you have to manually login after any reboots and notifications are intentionally sparse, so good luck using a smartwatch for reading or replying. Otherwise, the forums and blogs are great for managing household projects, IM is a dream, and as a bonus, anyone willing to install and use it probably has a large enough values overlap that we can use it as a social pre-filter for close friends.
The only other option that has come even remotely close to being as functional as Briar is DeltaChat. The only issue that stops us from using DeltaChat (or email in general) is that we both have email hosting in Europe while we live in the US, so neither of us, being frugal in principal, wants to send information to Europe and back in order to tell the person 100 ft away to come help bring in the groceries.
If an adversary is within bluetooth range of a Briar user what if any data or meta data they are able to gain?
For example, say there is a protest and law enforcement is running devices to capture the Briar data and meta data, what would they be able to record and would it be possible to playback (decrypt) the data at a later point if they were able to capture keys; my understanding is Signal counters playback attacks, but lacks P2P Bluetooth support.
Worth noting that Briar’s Bluetooth support appears to forward data, but not in real-time, so it’s technically not a mesh network; though not sure what you would call what it supports, maybe an asynchronous network?
I'd like to hear more how you use forums/blogs for managing household projects.
> we both have email hosting in Europe while we live in the US, so neither of us, being frugal in principal, wants to send information to Europe and back in order to tell the person 100 ft away to come help bring in the groceries.
I like the frugality in principle. However, AFAICT, Briar uses Tor onion services, Bluetooth or WiFi to communicate. Does using Tor onion services for out-the-home IM violate the principle?
> The only issue that stops us from using DeltaChat (or email in general) is that we both have email hosting in Europe while we live in the US, so neither of us, being frugal in principal, wants to send information to Europe and back in order to tell the person 100 ft away to come help bring in the groceries.
The Briar page seems to suggest messages are routed through Tor:
> Briar uses the Tor network to prevent eavesdroppers from learning which users are talking to each other.
If this is for privacy reasons, I have to point it out that the GDPR protects the data of people that are physically in the EU. I'm not a lawyer, but I'm not sure this applies to non-EU citizens that just happen to deposit some of their data in the EU without being physically here. Maybe you should delve in this corner case deeper, or if you did, I'm curious to know the answer.
What is your motivation for the "without a sim card" part? If the phone is connected to Wifi then they're either at home or at school--isn't the point being able to reach them no matter where they are?
I'm not too keen on my kids being on the internet all day. In my case the opposite solution seems better, a dumbphone so I can reach them, but TikTok can't.
Shared custody? I like being able to communicate, send/receive pictures/videos, do videocalls with my daughters when they are in their mother's place without having to ask her to share her phone for that.
I am actually travelling 10 thousands kilometers away from them for a month, having an instant messaging app is a saver for both me and my daughters.
We are currently using deltachat for this with email accounts I set up for them. They don't even have access to these accounts outside of deltachat yet and they can't be reached by others like they would with whatsapp.
They're mainly not online, and not signed up to online services, but it'd still be nice to be able to message the rest of the family, listen to music, share photos, etc.
> It's actually instant messaging without any client hiccups or latency (looking at you, Signal).
This is almost certainly poor wifi / cell coverage, not Signal having "hiccups" or "latency." I routinely have real-time texting conversations with friends and I can see the messages are "seen" almost instantaneously, half-way across the US.
I've also never had an issue with voice chat. It's been flawless, and very high quality audio. As good or better than Facetime.
Also, unlike Briar, Signal is available for iOS, which is superior if you care about digital privacy, allowing users to disable a slew of data reporting (particularly location data) back to Apple that Android forces you to give Google.
False dichotomy. GrapheneOS, LineageOS, you have options on (some) Android handsets. You have no options on iOS. Further, much of Apple's walled-garden ecosystem is closed source.
Apple is HORRIBLE for user privacy, only marginally less horrible than Google. The difference is that Google isn't a tyrant who insists on making devices that MUST run their own OS. Ironically, Pixel devices have some of the best support for flashing other OS's, modded ROMs, rooting, etc.
Privacy is not a one dimensional thing. Just like security, it exists in context, relative to a threat model.
Think about the threat model for an "everyday" person. It is different than an American journalist contacting sources in the United States, which is different than a journalist in Russia or China.
>GrapheneOS, LineageOS, you have options on (some) Android handsets
These are not normal approaches used by the common person. Apple is not horrible for privacy, they simply help prevent certain types of surveillance capitalism.
Apple absolutely is horrible for privacy. To insist otherwise suggests you might either be uninformed, willfully ignorant, falling victim to Apple's sham marketing around privacy, experiencing stockholm syndrome, or an apple employee.
And these are just privacy concerns. This doesn't even begin to delve into the realms of DRM, downgrade prevention, planned obsolescence, dark patterns, censorship, or open collaboration with inhumane, authoritarian regimes.
>To insist otherwise suggests you might either be uninformed, willfully ignorant, falling victim to Apple's sham marketing around privacy, experiencing stockholm syndrome, or an apple employee.
No, it means I'm optimizing for the average user who will not go out of their way to LARP a paranoid opsec level.
The average user's probably got their SSN, DoB, address, full name, employment history, credit card track 2's, passport details, and more spread across multiple breaches, being sold across multiple darkweb markets, precisely because they have zero regard for privacy.
Suggesting that usage of GrapheneOS is "LARP"ing a "paranoid" opsec level is dismissive of the very-real threats facing domestic abuse victims, whistleblowers, journalists & political activists/dissidents in repressive, authoritarian regimes, and countless others.
Just because you live in a safe, privacy-respecting, liberal democracy doesn't mean everyone else does, and it absolutely isn't reasonable justification to demean those who don't by painting them as irrationally paranoid. That's gaslighting real victims who actually have to be concerned about these companies handing out their data to countries that will put them through, in extreme cases, excruciating torture, before killing them or imprisoning them for life.
Not everyone is lucky enough to live your life, so stop assuming your threat model is automatically the "right" one for everyone else, and that any more intensive threat models than yours are inherently "irrational", "unrealistic", or "paranoid".
Ah yes, the two operating systems: Android + iOS. You can't have an account without registering a primary device on one of those OSs. No KaiOS, no Linux phones, no desktop machines, no web-only options. I'm mad about these mobile-duopoly-app-first services because you can't participate in alternative lifestyles when it Cowes to phone usage.
Well, while not officially endorsed, there is `signald`. With mautrix-signal, I'm able to bridge my Signal and Matrix accounts. I can also make signald my primary device.
Amen to this. I bank with Starling and having decided to minimise my phone usage am having to move away from them. Likewise a variety of other services.
Honestly my banking situation + Signal is the biggest barriers to me switching. I pushed pretty hard to get friends and family to successfully switch off Messenger, LINE, and SMS for Signal (and now they're confused why the need a separate messaging app for SMS--thanks Moxie). I suppose I could write my own front-end wrapper around the bank, but they ain't paying me for that and would likely shut it down as insecure if they found out (even though there's no responsive design, they don't allow you to copy-paste or right-click, or use commas and other punctuation because the web system is built with TIS encoding I think, and they log you out with a meta refresh after 15 or 20 minutes of activity with no pop-up to save your work (in case you were trying to reformat another complaint message without puncuation in their messaging system), and I saw code checking for IE4 and Netscape Navigator 4).
"This is almost certainly poor wifi / cell coverage, not Signal having "hiccups" or "latency." I routinely have real-time texting conversations with friends and I can see the messages are "seen" almost instantaneously, half-way across the US."
Here in europe not so much. Most of the time it works somewhat instantly, but it too often happend, that a single message arrived a unknown time later.
It seems signal is optimizing for real time chat, so people do not notice, but sending a single message can be delayed. The thing is, it happened too many times already, that it arrived hours or days later, up to the point that I would not use Signal anymore for any important, time critical message.
> This is almost certainly poor wifi / cell coverage, not Signal having "hiccups" or "latency."
Signal is very finicky about that, though. I have friends who prefer Whatsapp simply because they don’t have to worry about connection stability. With Signal, you sometimes don’t even know if messages actually arrived or not.
I have never had the message delivery status icon be different than reality. Sometimes, rarely, things don't show as delivered for some time. But I have never had anyone tell me the message was delivered when the checkmark said otherwise.
Here in Australia I can send a message from one phone in onee hand to the other phone in the other hand. Most of the time I can unlock the second phone and open signal before the message arrives.
Fast enough for me but not instant.
Just wanna say this app saved my family and I when we went on a cruise. Normally, we would had had to pay to use the chat service via the ship's paid-only Wi-Fi (since we get no phone reception on the seas). Without needing to pay for the Wi-Fi, we were all able to use Briar to communicate whilst connected to the network, which made coordinating and finding each other on the ship way easier. It was great and worked really well. So thanks, Briar!
I was pleased to discover that if I was within hotspot range of the person I was trying to talk to (approximately WiFi range), I could connect directly to their device and send messages over that WiFi connection.
It's great for things like concerts where service is spotty and you lose somebody, but know they probably aren't too awfully far away.
I'm a bit torn about this. On one hand, it definitely makes coordinating things last minute easier on a cruise ship. On the other hand, to me being nearly forced to untether is most of the reason for going on a cruise, so still carrying my phone around with me even if only to message family is partially missing the point!
Maybe I'll feel different with kids on a cruise ship, but honestly I enjoyed the freedom of spending my day with nothing but a wristband for everything I wanted.
Definitely depends on the size of your party. We were a group of five, split between three cabins on different floors of the ship. With how tremendously huge modern cruise liners are and how crowded cruises can be, I found it was invaluable. For example, being able to quickly message "I went back to the cabin" or "I'm on deck 6 at the table at the far back" or "meet you at the dining hall at 5pm" was very helpful.
How does this work? Do the two devices still need to be on some sort of net work accessible to each other? Two cell phones not on the same Wi-Fi are going to have a hard time talking to each other buy anything other than Bluetooth, no?
I think it supports both. There’s options for off grid that includes Bluetooth and multipeer connectivity, and options for multicast dns and relay servers. As for the why: it supports Android and iOS so if you don’t have an Android device, Briar is basically out.
That's cool and and me too, but I don't see how that relates to my use-case. None of us were lost or in fear or un-findable without Briar, it just made the trip more convenient for coordinating time and place between multiple parties.
I am in my late 50's and many women still call me a child (in a positive way), so I do not think that is my problem.
It is not about my phone use, but the expectation that I should always be findable since I have a cellphone. But I do admit to working at challenging my fear of living without a cellphone, but I am homeless so it is more difficult than when I had housing.
Fear is the hook I guess. It is ok to not know where your kids are or for them to miss dinner on a cruise ship.
We were connected to the local area network, but we had no Internet access (which was behind a paywall). However, only being connected to the local network was sufficient for Briar -- no Internet needed!
To be fair, it would absolutely be possible to set up a hotspot where all the clients were jailed and invisible to each other, had IPs in different subnets, whatever.
Conventionally, I guess that sort of isolation doesn't typically happen as it's more work to set up and only really benefits users (privacy from each other), but maybe if more apps figure out how to take advantage of this things could change.
> With Client Isolation enabled, clients will only be able to communicate with the default gateway and will not be able to communicate with any other devices on the same VLAN (or broadcast domain). In order for the wireless client to communicate with another device, the upstream gateway must be used to enable this communication (e.g. inter-VLAN routing and ACLs). Any traffic bound for an address on the same VLAN as a device in client isolation will be denied. Traffic bound for other VLANs will be forwarded and routed normally.
Realistically though, it's probably a multi-ship contract involving some small IT firm who installs everything, and then gives the onboard electrician/maintenance-guy a quick primer on how to do basic diagnosis of problems.
I'd bet that most of the configuration decisions are made based on how to minimize the likelihood of such problems ever occurring.
Isn't that their point? The only reason it worked on a cruise ship connected to the WiFi was because local devices could talk to eachother and were not isolated.
I am too, but the Matrix implementation feels quite complex with many moving parts, when apps like Briar, Berty, or keet.io [0] show up and look more straightforward to use. I don't know if that will be its downfall or ultimately actually make it more robust, but I'm rooting for it.
As convenient as it'd be for one implementation to crush everything else and become better because of it, I think different choices are good in terms of having alternatives and competing for features and niches.
Building a completely p2p (no servers) e2ee messaging app is not hard except one big problem: contacts discovery. I looked through briar website and it seems the solution is to constantly ping all contacts and hope that everyone is online plus at least one of IPs stays the same between pings. Did I miss something more interesting?
Tor hosts a directory service, a (de)centralized repository of rendezvous nodes from which the Onion Service (server) can be reached, thus the IP address is not lost, but since the circuit is rebuilt every 10 minutes or so, the connection will probably get cut every now and then.
I'm not sure if this really works, but if it's a short message and you periodically check the server if there's a reply and the service responds with short reply, the Tor cell padding (to 500 bytes IIRC) would make it harder to observe metadata about when communication takes place. This all of course goes out the window if it's a large packet that requires multiple cells, or if it's the client that just POSTs the outgoing messages to the server over an established connection.
Thanks, this is basically combination of somewhat central servers plus nearly always online model. I need to think about it - on the first glance I am not 100% sure the role Tor plays in this model.
Is this described somewhere in more details? As I said, I clicked around but didn’t see any docs about this.
The role of Tor is it facilitates anonymous, end-to-end encrypted connection between client and server, each messaging app is both a client (or a set of clients) and a server (a Tor Onion Service) that talk to each other through the Tor network. This way the traffic never exists the Tor network*.
The laptop/phone is the client, and Secure Drop is the server. With Briar the client-side Tor socket connects to the messaging app instead of browser, and on server side the socket again connects to the messaging app instead of web server. Whether messages flow from client to server (via POST request) or server to client (GET request) is doesn't really matter. The architecture where each user runs both server and client makes it effectively peer-to-peer.
Because messaging apps are these days expected to be always online, you pretty much need to have the server and client (and thus the app) always running.
---
*This is in contrast to Tor Messenger that, while it defaulted to Tor, used exit nodes unless the XMPP server was also a Tor Onion Service. While with Tor Messenger you were anonymous, XMPP server was usually not self-hosted thus a third party might have aggregated some metadata about when conversations between two accounts took place etc.
Things used to be even worse before Tor Messenger. With Pidgin it was possible to forget to configure Tor (unless you used XMPP Onion Service), and even worse, forget to enable OTR end-to-end encryption for every session, and if that happened the content could easily deanonymize you.
With Onion Service messaging, provided you verified the authenticity of the V3 onion address (or E2EE protocol's key fingerprint), you can be rest assured
1) connection is always E2EE
2) always inside Tor with no possibility to F up by connecting over 'clearnet'
3) no third party has access to communications metadata
Separate topic so replying in a separate sub thread
The clients are not always on, iOS and Android don’t like background processes, connections go down, battery runs out, etc. I understand how to build always on clients but it’s not a practical solution.
The directory service only receives an anonymous notification behind Tor proxyt chain that "hey, if someone asks for this .onion URL, point them to this node as it can provide further directions". It doesn't know "everything". The point of Tor has been from the beginning to compartmentalize what each node knows the the bare minimum.
It's not hard for IRC-style chats, but it gets harder if you want to handle:
* Asynchronous messaging: what if the two devices are not online at the same time, or on disjointed networks? Store the message on a server somewhere? Secure Scuttlebutt[1] relies on devices pulling encrypted data that does not belong to them.
* NAT or firewall hole-punching, though it can be remediated by leveraging other nodes. Some implementations use a DHT[2], but you're often relying on other servers of some sort.
* What you call contact discovery is also typically handled through a DHT of some kind. Yggdrasil-like (or hyperboria, cjdns, .onion) overlay networks are usually able to route to a public key, regardless of how it moves around on the network.
* Push notifications. Either you accept the use of an external server (like the Tox client TRIfA, which has an add-on[3] that also supports UnifiedPush), or you have to rely on a separate persistent connection that will drain your battery faster, especially if there's some computation involved.
The last point is why I uninstalled Briar: I had almost no contacts, and didn't want an extra battery-draining service.
If contacts discovery is somehow solved, then I can see potential options of using short range comms (eg bluetooth) for connectivity. Basically all ideas I have are:
1) somewhat central server(s)
2) always on plus constant updates (what briar seems to be doing)
3) every node knows large part of topology (not very scalable)
I am wondering if I am missing something in briar’s architecture
The battery is a bigger problem. You can work around OS issues but if yourun out of battery at the same time you are cut off from normal communications you now have two major problems, and your expedited/unexpected disappearance from the conversation creates unnecessary anxiety for others. I hope they make fixing this a priority, it's a serious shortcoming.
you'll actually need to host it yourself. It's going to be a one-to-one relationship between mailboxes and briar users on purpose to avoid centralization of any kind (think techies hosting mailboxes for many friends etc.). To make hosting rather easy, the mailbox can be run on a spare (old) Android device, ideally plugged into a power outlet and connected to Wifi. Setup will include installing the app onto the Android and going through a pairing procedure by scanning a QR-code from the mailbox app from the briar settings screen.
Briar is one of the most important secure messaging projects currently. Not only does it remove the need to trust the vendor about content (like with all E2EE messaging apps), you also get to keep the metadata about communication to yourself as data transits from one Tor Onion Service to another.
The downside is of course, you need to keep the endpoint powered on when you want to be reachable so it will increase the battery drain on your phone.
One extremely important thing Briar is doing, is it's using the P2P as means to host alternative social interaction formats, like forums and blogs. Similar to Signal/WhatsApp stories (which is somewhat similar to microblogs/FB wall), it's a way to indirectly share information. You could pretty much emulate any social media platform on top of E2EE protocol with ~zero infrastructure cost and without having to worry about data mining. I'd argue what Briar's innovating on here is one of the most important aspects in what's left for secure messaging.
Finally a small caveat: Briar will share your Bluetooth MAC address with all peers so it can automatically use that when you're in close proximity with your peer. Thus sharing your Briar ID publicly is not a good idea for two reasons:
1) major global adversaries may have access to the leaking Bluetooth MAC (e.g. if Google aggregates it) which can deanonymize your account. This also allows slightly technical person to confirm identity of briar account if they suspect it's you (a bit wonky threat model but still).
2) it ties everything you do across your accounts on same device together, so there's strong linkability even if you rotate the identity key by reinstalling the app.
Briar is pretty clear about this in it's FAQ, but it's still not very well known although it definitely should be.
---
That being said, if you want similar Onion Service based communication with no such linkability, there's https://cwtch.im/ which is a fantastic project.
(And finally, you can get remote exfiltration security for keys/plaintexts with TFC https://github.com/maqp/tfc (my personal work), at the cost of losing some features like message forwarding etc that the architecture prevents you from doing.)
that's probably some "intelligent" thing by the App Store showing you similar applications to what you are looking for... unless Signal has "briar" as a keyword but I'd doubt
Since the protocol appears to use adhoc synchronization, the authors might be interested in https://github.com/sipa/minisketch/ which is a library that implements a data structure (pinsketch) that allows two parties to synchronize their sets of m b-bit elements which differ by c entries using only b*c bits. A naive protocol would use m*b bits instead, which is potentially much larger.
I'd guess that under normal usage the message densities probably don't justify such efficient means-- we developed this library for use in bitcoin targeting rates on the order of a dozen new messages per second and where every participant has many peers with potentially differing sets--, but it's still probably worth being aware of. The pinsketch is always equal or more efficient than a naive approach, but may not be worth the complexity.
The somewhat better known IBLT data structure has constant overheads that make it less efficient than even naive synchronization until the set differences are fairly large (particular when the element hashes are small); so some applications that evaluated and eschewed IBLT might find pinsketch applicable.
Pretty much any bittorrent library implements peer discovery through DHT (global database of who is interested in what hash), PEX (Peer exchange, ie if you and a peer are interested in the same content you can both exchanges other peers each side is connected to)
> The adversary has a limited ability to monitor short-range communication channels (Bluetooth, WiFi, etc).
That seems like a pretty big assumption. From what i understand there already exists deployment of wifi hot spots to track people (both for advertising purposes and for spying purposes) to the extent that phone providers started radomizing MAC addresses.
Cisco’s meraki has that built into their devices. I run meraki in my home and have it enabled and it’s pretty powerful. If you see a wifi network, it most certainly can track you and if it’s not a residential network, I assume it is.
This is why I don’t like the automatically re-enabling wifi setting on iOS.
Yes you can still turn it “really off” in settings (until the phone reboots again) and yes I put a shortcut on my home screen to turn wifi/bluetooth all the way off in one click, but probably barely anyone is doing those things because it’s inconvenient/they don’t know/they forget.
You can verify identities in person by scanning a QR code. That's completely solid. Otherwise you can send someone a link. It should be made clearer in the documentation that that link might end up with someone other than who you expect and the potential downside of that.
What I find interesting is that such p2p comms applications return with a certain recurrence. I think one of the first was Nokia Sensor (2005?), and there was one that was famous during the Arab Spring/Hong Kong protests.
I was able to create an account just fine, though I don't have any contacts to message. I don't have any reason to believe it wouldn't work fine, though.
In short, both these methods of adding contacts require both parties to actively add each other in the same time period. So even if you post your briar contact code publicly, only the contacts you are adding as well will be able to connect with you.
Thanks. I meant more with respect to users spamming forums - to send a message to a particular forum do I just have to know of its existence? Or is it that each user only sees messages from its contacts on each forum?
A Briar user can either create a new forum, or get invited via a Briar contact that is already in an existing forum. There's some more info on this topic in Briar's user manual if you're interested: https://briarproject.org/manual/
Briar also has the ability to introduce contacts to each other, so while it doesn't support totally public forums, you can spread information between contacts fairly effectively.
Tox doesn't anonymize by default. You're leaking your IP address to every peer, and you're leaking metadata about to whom you communicate to every entity in the backbone.
Also, feel free to participate in the social experiment of '4chan writes a secure messaging app with the CVE programming language', I know I never will.
There are points of UX friction in the name of good opsec that are inconvenient but totally understandable given the project goals. The big ones being that you have to manually login after any reboots and notifications are intentionally sparse, so good luck using a smartwatch for reading or replying. Otherwise, the forums and blogs are great for managing household projects, IM is a dream, and as a bonus, anyone willing to install and use it probably has a large enough values overlap that we can use it as a social pre-filter for close friends.
The only other option that has come even remotely close to being as functional as Briar is DeltaChat. The only issue that stops us from using DeltaChat (or email in general) is that we both have email hosting in Europe while we live in the US, so neither of us, being frugal in principal, wants to send information to Europe and back in order to tell the person 100 ft away to come help bring in the groceries.