The Living Thing / Notebooks : Text-based chat systems; Contraindications and tips

most communication systems spraypaint your friends' houses with dick picks. Metaphorically. Usually metaphorically.

For an amazing visualisation of how the popularity of chat clients increases roughly in proportion to how much of your information is given to unaccountable third parties, see the EFF chat scorecard.


tl;dr There are too many secure chat programs and not enough secure anything else, and we can’t persuade people to use even the secure chat programs, let alone the same programs.

Everyone use Signal, or just meet up face-to-face.

Instant-ish messaging via text and telephony.

The ephemeral nature of chats turns out to be potentially much more practically secure than email, at least if you do it right.

Skype, however, does not do it right; rather, it is an NSA honeypot.

There are attempts to do it right below, but refer also of course to the problem of jurisdiction.

Trumping end to end encryption

Currently, the NSA can tap into a broad range of communications, but have no means to compel communications to be in a form they can monitor. This is likely to change; after all, they will need to be able to hunt down those involved in, or providing support to, terrorist groups like Black Lives Matter and Friends Of The Earth, not to mention the President’s extensive list of enemies. As such, it is quite likely that, at some point during Trump’s first year, end-to-end encrypted messaging systems will be required to provide real-time plaintext to the security services. (Things have already been moving slowly in this direction, and will only accelerate under a president who has expressed admiration for autocrats and a brutishly Hobbesian view of how power works.)

Similar laws are already in force in more established autocracies such as Russia and Turkey. The difference is that American companies, subject to American law, provide many of the communications systems used worldwide, such as Apple iMessage, WhatsApp and Signal. These are likely to be compelled to provide the US homeland-security authorities with the plaintext of all messages coming through them, in real time, and to make whatever changes are necessary to their architecture to achieve this.

With iMessage, this would be theoretically easy to do. iMessage messages are encrypted from end to end, so Apple have no means of reading them, but each message is encrypted several times with the public keys of each of the recipients’ devices (i.e., if you’re sending one to someone with an iPhone and an iPad, your iMessage client will encrypt it with the public keys of both of their devices). Once they are legally compelled to do so, Apple could just quietly add an extra key, whose private key is held by the NSA iMessage ingestion gateway. Given that the entire iMessage system is closed-source and completely under Apple’s control, Apple could push this to all users, without worrying about rogue clients that feed the NSA junk.

Centralised chat

Decentralised chat

matrix is more of a messaging layer for the internet, at lower level than a chat solution per se. Specifically, it aims to

[provide] an open universal communication layer perfect for VR calling, messaging and collaboration, powering immersive experiences for conferencing, tourism, entertainment, telepresence, e-learning, etc. […]Matrix is that missing signalling layer for WebRTC. If you are building VoIP into your app, or want to expose your existing VoIP app to a wider audience, building on Matrix’s SDKs and bridges should be a no-brainer.

Retroshare does this too, as does scuttlebutt and other decentralised social networks.