forked from privacyguides/privacyguides.org
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Overhaul and revamp IM page (privacyguides#192)
- Loading branch information
Showing
30 changed files
with
526 additions
and
376 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
27 changes: 27 additions & 0 deletions
27
_data/software/messengers-videoconferencing/1_linphone.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| title: Linphone | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/linphone.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host.|color==info::icon==fas fa-fw fa-phone::text==Encrypted group VoIP::tooltip==Multiparty voice and video calls can be end-to-end encrypted.' | ||
| description: | | ||
| <strong>Linphone</strong> is an open-source SIP Phone and a free voice over IP service, available on mobile and desktop environments and on web browsers. It supports ZRTP for end-to-end encrypted voice and video communication. | ||
| <h4>Technical documentation</h4> | ||
| The communication protocol is described in a <a href="https://www.linphone.org/sites/default/files/solutions-securedcommunications-2019-26.06.19.pdf">whitepaper</a>. | ||
| website: 'https://www.linphone.org/' | ||
| privacy_policy: 'https://www.linphone.org/privacy-policy' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner' | ||
| - icon: fab fa-apple | ||
| url: 'https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner' | ||
| - icon: fab fa-linux | ||
| url: 'https://www.linphone.org/technical-corner/linphone?qt-technical_corner=2#qt-technical_corner' | ||
| - icon: fab fa-android | ||
| url: 'https://f-droid.org/packages/org.linphone' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=org.linphone' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/us/app/linphone/id360065638' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/BelledonneCommunications' |
27 changes: 27 additions & 0 deletions
27
_data/software/messengers-videoconferencing/2_jitsi-meet.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| title: Jitsi Meet | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/jitsi.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host.|color==info::icon==fas fa-fw fa-phone::text==Encrypted group VoIP::tooltip==Multiparty voice and video calls can be end-to-end encrypted.' | ||
| description: | | ||
| <strong>Jitsi Meet</strong> is a free and open-source multiplatform voice (VoIP), video conferencing, and instant messaging application with optional E2EE. It can be used from the browser, in <a href="https://github.com/jitsi/jitsi-meet-electron/releases">desktop applications</a> or on smartphones. Additional features include screen sharing for presentations and an always-on-top floating call window when minimized. See the <a href="https://github.com/jitsi/jitsi-meet/wiki/Jitsi-Meet-Instances">list of public Jitsi Meet instances</a>. | ||
| <h4>Notes</h4> | ||
| E2EE in Jitsi Meet is an <a href="https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/e2ee.md">alpha feature</a> and is dependent on <a href="https://github.com/jitsi/jitsi-meet/issues/409">Insertable Streams</a>, which is currently supported in Chrome but not Firefox. The mobile apps do not support E2EE at all for the moment. Prefer to use the <a href="https://github.com/jitsi/jitsi-meet-electron/releases">desktop apps</a> instead. By default, communications are decrypted by the server if the E2EE option is not enabled. | ||
| website: 'https://jitsi.org/jitsi-meet/' | ||
| privacy_policy: 'https://jitsi.org/security/' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://github.com/jitsi/jitsi-meet-electron/releases' | ||
| - icon: fab fa-apple | ||
| url: 'https://github.com/jitsi/jitsi-meet-electron/releases' | ||
| - icon: fab fa-linux | ||
| url: 'https://github.com/jitsi/jitsi-meet-electron/releases' | ||
| - icon: fab fa-android | ||
| url: 'https://f-droid.org/en/packages/org.jitsi.meet/' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=org.jitsi.meet' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/us/app/jitsi-meet/id1165103905' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/jitsi/jitsi-meet' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| title: Signal | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/signal.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==All communications pass through a single host.|color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.' | ||
| description: | | ||
| <strong>Signal</strong> is a mobile app developed by Signal Messenger LLC. The app provides instant messaging, as well as voice and video calling. All communications are E2EE unless you choose to send as SMS. Signal is a widely <a href="http://securitywatch.pcmag.com/security/321511-snowden-to-sxsw-here-s-how-to-keep-the-nsa-out-of-your-stuff">praised</a> and used messenger. | ||
| <h4>Notes</h4> | ||
| <p>Signal requires your phone number as a personal identifier, hence anyone you communicate with will see it.</p> | ||
| <p>Hardened forks such as <a href="https://molly.im/">Molly</a> implement additional security features.</p> | ||
| <p>The <a href="https://signal.org/blog/sealed-sender/">Sealed Sender</a> option allows to hide who is the sender of messages, as only the receiver address will be visible to the server. It is by default enabled only for the user's contacts list, but can be enabled for all recipients, with the risk of receiving more spams. The company also claims the Signal centralized server does not store any metadata, although this is unverifiable. If you consider metadata leaking a sensitive issue for your usecase, consider anonymous routing messengers, which theoretically provide verifiable guarantees against metadata leaking.</p> | ||
| <h4>Audit</h4> | ||
| The protocol was independently <a href="https://eprint.iacr.org/2016/1013.pdf">audited</a>. | ||
| website: 'https://signal.org/' | ||
| privacy_policy: 'https://signal.org/legal/' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://signal.org/download/' | ||
| - icon: fab fa-apple | ||
| url: 'https://signal.org/download/' | ||
| - icon: fab fa-linux | ||
| url: 'https://signal.org/download/' | ||
| - icon: fab fa-android | ||
| url: 'https://signal.org/android/apk/#apk-danger' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/app/signal-private-messenger/id874139669' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/signalapp' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| title: Element | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/element.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==Federated::tooltip==Your communications pass through one of a network of hosts that intercommunicate.|color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==One-on-one voice and video calls are peer-to-peer (option can be disabled).|color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==Some optional services such as e-mail login, external links preview integrations and TURN reverse connection are provided by a centralized server.|color==info::icon==fas fa-fw fa-phone::text==VoIP::tooltip==Voice or video calls are supported.|color==info::icon==fas fa-fw fa-users::text==TeamChat::tooltip==Group channels are supported, and self-hosted servers can run non-federated to isolate from other servers.' | ||
| description: | | ||
| <strong>Element</strong> (formerly <a href="https://element.io/blog/welcome-to-element/">Riot</a>) is the reference client for the <a href="https://matrix.org/docs/guides/introduction">Matrix</a> protocol, which is an <a href="https://matrix.org/docs/spec">open standard</a> for secure decentralized real-time communication. | ||
| <h4>Notes</h4> | ||
| <p>There are a few gotchas and missing features at the moment that need to be kept in mind to avoid unforeseen privacy breaches:</p> | ||
| <ul> | ||
| <li>Only <a href="https://github.com/vector-im/element-web/issues/12878">1-on-1 voice and video calls are end-to-end encrypted and are signalled by a green shield during the call, but not group calls</a>, although there are plans E2EE group calls to be supported too <a href="https://github.com/vector-im/element-web/issues/13953">in the future</a>.</li> | ||
| <li>Although E2EE should be enabled by default for new rooms, older rooms or administrators may choose to remain unencrypted. A green shield should appear on the left of the input box when E2EE is enabled.</li> | ||
| <li><a href="https://en.wikipedia.org/wiki/Forward_secrecy">Forward secrecy</a> can be enabled by the room's creator (option: new users cannot access past room history). This can also be enabled for 1-on-1 rooms.</li> | ||
| <li>Deleting <a href="https://github.com/matrix-org/synapse/issues/1263">media attachments</a> does not actually delete them from servers but just hide them along with the user stated reason, so that direct links still work. However, if room encryption was enabled, the media files cannot be decrypted by anyone but the intended users. Self-hosting does not resolve this <a href="https://github.com/privacyguides/privacyguides.org/issues/50">issue</a>, since the media files, like messages, are propagated to other federated servers and sometimes to bridged networks (IRC, Discord, ...), which may or may not choose to keep deleted messages. Messages are also not deleted instantly, but with the default settings they are deleted after 7 days, unless the server's administrator chooses to keep them for longer.</li> | ||
| <li>Reactions are <a href="https://github.com/matrix-org/matrix-doc/issues/2678">not encrypted</a>.</li> | ||
| <li>Nicknames and avatars may leak to users of other servers <a href="https://github.com/matrix-org/synapse/issues/5677">even in private rooms</a>.</li> | ||
| </ul> | ||
| <h4>Audit</h4> | ||
| The protocol was independently <a href="https://matrix.org/blog/2016/11/21/matrixs-olm-end-to-end-encryption-security-assessment-released-and-implemented-cross-platform-on-riot-at-last">audited</a>. | ||
| website: 'https://element.io' | ||
| privacy_policy: 'https://element.io/privacy' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://element.io/get-started' | ||
| - icon: fab fa-apple | ||
| url: 'https://element.io/get-started' | ||
| - icon: fab fa-linux | ||
| url: 'https://element.io/get-started' | ||
| - icon: fab fa-android | ||
| url: 'https://f-droid.org/packages/im.vector.app/' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=im.vector.app' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/app/vector/id1083446067' | ||
| - icon: fas fa-globe-americas | ||
| url: 'https://app.element.io' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/vector-im/element-web' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| title: Briar | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/briar.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==Senders and recipients connect directly with no middlemen (can be disabled).|color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together (can be disabled).' | ||
| description: | | ||
| <strong>Briar</strong> is an encrypted instant messenger that connects to contacts via Wi-Fi or Bluetooth in short distances, or Tor over the internet in long distances. Technology such as this has proven to be useful when Internet availability is an issue, such as in times of crisis. | ||
| <h4>Notes</h4> | ||
| Briar supports perfect forward secrecy by using the Bramble <a href="https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md">Handshake</a> and <a href="https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md">Transport</a> protocol. | ||
| <h4>Audit & Technical Documentation</h4> | ||
| The client software was independently <a href="https://briarproject.org/news/2017-beta-released-security-audit/">audited</a>, the anonymous routing protocol uses the Tor network which is also audited. An overview of how the software works was <a href="https://briarproject.org/how-it-works/">published</a> along with the complete <a href="https://code.briarproject.org/briar/briar-spec">specifications</a>. | ||
| website: 'https://briarproject.org' | ||
| privacy_policy: 'https://briarproject.org/privacy-policy/' | ||
| downloads: | ||
| - icon: fab fa-android | ||
| url: 'https://f-droid.org/packages/org.briarproject.briar.android/' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=org.briarproject.briar.android' | ||
| - icon: fab fa-git | ||
| url: 'https://code.briarproject.org/briar/briar' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| title: Session | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/session.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==Anonymous Routing::tooltip==Senders and recipients are hidden in the network, no one can know they communicate together.|color==info::icon==fas fa-fw fa-users::text==TeamChat::tooltip==Group channels are supported.' | ||
| description: | | ||
| <strong>Session</strong> is an encrypted instant messenger using <a href="https://getsession.org/blog/onion-requests-session-new-message-routing-solution">3-hops onion routing</a> to transmit communications via <a href="https://oxen.io/">Oxen blockchain</a>\'s nodes that are <a href="https://oxendashboard.com/#5">distributed worldwide</a>. All communications are E2EE encrypted by default, supporting 1-on-1, private group and public group textual chatrooms. | ||
| <h4>Notes</h4> | ||
| Session does not support forward secrecy, so that anyone who joins a past discussion can read the whole history. | ||
| <h4>Audit & Technical Documentation</h4> | ||
| The client softwares on all platforms were independently <a href="https://getsession.org/session-code-audit/">audited</a>. The protocol is described in a <a href="https://arxiv.org/abs/2002.04609">whitepaper</a>. | ||
| website: 'https://getsession.org/' | ||
| privacy_policy: 'https://getsession.org/privacy-policy/' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://getsession.org/windows' | ||
| - icon: fab fa-apple | ||
| url: 'https://getsession.org/mac' | ||
| - icon: fab fa-linux | ||
| url: 'https://www.getsession.org/linux' | ||
| - icon: fab fa-android | ||
| url: 'https://fdroid.getsession.org/' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=network.loki.messenger' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/app/session-private-messenger/id1470168868' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/oxen-io/session-desktop' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| title: Status | ||
| type: Recommendation | ||
| logo: /assets/img/messengers/status.svg | ||
| labels: 'color==info::icon==fas fa-fw fa-wifi::text==P2P::tooltip==Senders and recipients connect directly with no middlemen.|color==info::icon==fas fa-fw fa-wifi::text==Centralized::tooltip==Offline messages relaying is provided by a centralized server.|color==info::icon==fas fa-fw fa-users::text==TeamChat::tooltip==Group channels are supported.' | ||
| description: | | ||
| <strong>Status</strong> is an encrypted instant messenger with an integrated <a href="https://en.wikipedia.org/wiki/Ethereum">Ethereum</a> wallet (cryptocurrency) that also includes support for <a href="https://our.status.im/tag/dapps">DApps (decentralized apps)</a> (web apps in a curated store). It uses the <a href="https://our.status.im/status-launches-private-peer-to-peer-messaging-protocol/">Waku protocol (a fork of Whisper)</a> for P2P communication. When offline, messages are relayed by <a href="https://status.im/security/">centralized Waku mailservers</a>. | ||
| <h4>Audit & Technical Documentation</h4> | ||
| The mobile client softwares and protocol were <a href="https://status.im/audits/">independently audited</a> with <a href="https://github.com/status-im/status-security#audits">publicly released reports</a>. The protocol is described in a <a href="https://status.im/files/whitepaper.pdf">whitepaper</a>. | ||
| website: 'https://status.im/' | ||
| privacy_policy: 'https://status.im/privacy-policy/' | ||
| downloads: | ||
| - icon: fab fa-windows | ||
| url: 'https://status.im/get/' | ||
| - icon: fab fa-apple | ||
| url: 'https://status.im/get/' | ||
| - icon: fab fa-linux | ||
| url: 'https://status.im/get/' | ||
| - icon: fab fa-android | ||
| url: 'https://f-droid.org/packages/im.status.ethereum/' | ||
| - icon: fab fa-google-play | ||
| url: 'https://play.google.com/store/apps/details?id=im.status.ethereum' | ||
| - icon: fab fa-app-store-ios | ||
| url: 'https://apps.apple.com/us/app/status-private-communication/id1178893006' | ||
| - icon: fab fa-github | ||
| url: 'https://github.com/status-im/' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.