initial commit

1 files changed, 127 insertions, 0 deletions

diff --git a/blog/2020-03-25-session-messenger.org b/blog/2020-03-25-session-messenger.org
new file mode 100644
index 0000000..5e79ab9
--- /dev/null
+++ b/blog/2020-03-25-session-messenger.org
@@ -0,0 +1,127 @@
+#+date: 2020-03-25
+#+title: Session Private Messenger
+
+* Privacy Warning
+
+The company behind Session (Loki Foundation) is from Australia. If you didn't
+know, Australia has introduced [[https://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/r6195_aspassed/toc_pdf/18204b01.pdf][legislation]] mandating companies comply with
+government requests to build backdoor access into applications. For more
+information, read my article on [[./2020-01-25-aes-encryption.html][AES Encryption]].
+
+* About Session
+
+[[https://getsession.org][Session]] is a private, cross-platform messaging app from the [[https://loki.foundation][Loki Foundation]]. As
+someone who has spent years looking for quality alternatives to major messaging
+apps, I was excited when I first heard about Session. Reading through [[https://arxiv.org/pdf/2002.04609.pdf][Session's
+white paper]], you can learn the technologies behind the Session app. Part of the
+security of Session comes from the Signal protocol, which was forked as the
+origin of Session.
+
+#+BEGIN_QUOTE
+Session is an end-to-end encrypted messenger that removes sensitive metadata
+collection, and is designed for people who want privacy and freedom from any
+forms of surveillance.
+#+END_QUOTE
+
+In general, this app promises security through end-to-end encryption,
+decentralized onion routing, and private identities. The biggest change that the
+Loki Foundation has made to the Signal protocol is removing the need for a phone
+number. Instead, a random identification string is generated for any session you
+create. This means you can create a new session for each device if you want to,
+or link new devices with your ID.
+
+Since Session's website and white paper describe the details of Session's
+security, I'm going to focus on using the app in this post.
+
+* Features
+
+Since most people are looking for an alternative to a popular chat app, I am
+going to list out the features that Session has so that you are able to
+determine if the app would suit your needs:
+
+- Multiple device linking (via QR code or ID)
+- App locking via device screen lock, password, or fingerprint
+- Screenshot blocking
+- Incognito keyboard
+- Read receipts and typing indicators
+- Mobile notification customization
+- Old message deletion and conversation limit
+- Backups
+- Recovery phrase
+- Account deletion, including ID, messages, sessions, and contacts
+
+* Downloads
+
+I have tested this app on Ubuntu 19.10, Android 10, macOS Monterey, and iOS 15.
+All apps have worked well without many issues.
+
+Below is a brief overview of the Session app on Linux. To get this app, you'll
+need to go to the [[https://getsession.org/download/][Downloads]] page and click to link to the operating system
+you're using.
+
+For Linux, it will download an AppImage that you'll need to enable with the
+following command:
+
+#+BEGIN_SRC sh
+sudo chmod u+x session-messenger-desktop-linux-x86_64-1.0.5.AppImage
+#+END_SRC
+
+#+CAPTION: Session Download Options
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_downloads.png]]
+
+* Creating an Account
+
+Once you've installed the app, simply run the app and create your unique Session
+ID. It will look something like this:
+=05af1835afdd63c947b47705867501d6373f486aa1ae05b1f2f3fcd24570eba608=.
+
+You'll need to set a display name and, optionally, a password. If you set a
+password, you will need to enter it every time you open the app.
+
+#+CAPTION: Session Login (Linux)
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_linux_login.png]]
+
+#+CAPTION: Session Login (macOS)
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_macos_login.png]]
+
+#+CAPTION: Password Authentication
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_password_authentication.png]]
+
+* Start Messaging
+
+Once you've created your account and set up your profile details, the next step
+is to start messaging other people. To do so, you'll need to share your Session
+ID with other people. From this point, it's fairly straightforward and acts like
+any other messaging app, so I won't dive into much detail here.
+
+** macOS
+
+#+CAPTION: macOS Conversations
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_macos_conversations.png]]
+
+One key feature to note is that the desktop application now provides a helpful
+pop-up box explaining the process that Session uses to hide your IP address:
+
+#+CAPTION: IP Address Help Box
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_ip.png]]
+
+** iOS
+
+The mobile app is quite simple and effective, giving you all the standard mobile
+messaging options you'd expect.
+
+#+CAPTION: iOS App
+[[https://img.0x4b1d.org/blog/20200325-session-private-messenger/session_ios.png]]
+
+* Potential Issues
+
+I've discovered one annoying issue that would prevent from using this app
+regularly. On a mobile device, there have been issues with receiving messages on
+time. Even with battery optimization disabled and no network restrictions,
+Session notifications sometimes do not display until I open the app or the
+conversation itself and wait a few moments. This is actually one of the reasons
+I stopped using Signal (this seems fixed as of my updates in 2021/2022,
+so I wouldn't worry about this issue anymore).
+
+Looking for another messenger instead of Session? I recommend Signal, Matrix,
+and IRC.