diff options
Diffstat (limited to 'blog/session-manager')
| -rw-r--r-- | blog/session-manager/index.org | 128 |
1 files changed, 128 insertions, 0 deletions
diff --git a/blog/session-manager/index.org b/blog/session-manager/index.org new file mode 100644 index 0000000..803d048 --- /dev/null +++ b/blog/session-manager/index.org @@ -0,0 +1,128 @@ +#+title: Session Private Messenger +#+date: 2020-03-25 +#+description: Exploring the Session Private Messenger application. +#+filetags: :privacy: + +* Privacy Warning +The company behind Session (Loki Foundation) is from Australia. If you +didn't know, Australia has introduced +[[https://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/r6195_aspassed/toc_pdf/18204b01.pdf][legislation]] +mandating companies comply with government requests to build backdoor +access into applications. For more information, read my article on +[[./2020-01-25-aes-encryption.html][AES Encryption]]. + +* About Session +[[https://getsession.org][Session]] is a private, cross-platform +messaging app from the [[https://loki.foundation][Loki Foundation]]. As +someone who has spent years looking for quality alternatives to major +messaging apps, I was excited when I first heard about Session. Reading +through [[https://arxiv.org/pdf/2002.04609.pdf][Session's white paper]], +you can learn the technologies behind the Session app. Part of the +security of Session comes from the Signal protocol, which was forked as +the origin of Session. + +#+begin_quote +Session is an end-to-end encrypted messenger that removes sensitive +metadata collection, and is designed for people who want privacy and +freedom from any forms of surveillance. +#+end_quote + +In general, this app promises security through end-to-end encryption, +decentralized onion routing, and private identities. The biggest change +that the Loki Foundation has made to the Signal protocol is removing the +need for a phone number. Instead, a random identification string is +generated for any session you create. This means you can create a new +session for each device if you want to, or link new devices with your +ID. + +Since Session's website and white paper describe the details of +Session's security, I'm going to focus on using the app in this post. + +* Features +Since most people are looking for an alternative to a popular chat app, +I am going to list out the features that Session has so that you are +able to determine if the app would suit your needs: + +- Multiple device linking (via QR code or ID) +- App locking via device screen lock, password, or fingerprint +- Screenshot blocking +- Incognito keyboard +- Read receipts and typing indicators +- Mobile notification customization +- Old message deletion and conversation limit +- Backups +- Recovery phrase +- Account deletion, including ID, messages, sessions, and contacts + +* Downloads +I have tested this app on Ubuntu 19.10, Android 10, macOS Monterey, and +iOS 15. All apps have worked well without many issues. + +Below is a brief overview of the Session app on Linux. To get this app, +you'll need to go to the [[https://getsession.org/download/][Downloads]] +page and click to link to the operating system you're using. + +For Linux, it will download an AppImage that you'll need to enable with +the following command: + +#+begin_src sh +sudo chmod u+x session-messenger-desktop-linux-x86_64-1.0.5.AppImage +#+end_src + +#+caption: Session Download Options +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_downloads.png]] + +* Creating an Account +Once you've installed the app, simply run the app and create your unique +Session ID. It will look something like this: +=05af1835afdd63c947b47705867501d6373f486aa1ae05b1f2f3fcd24570eba608=. + +You'll need to set a display name and, optionally, a password. If you +set a password, you will need to enter it every time you open the app. + +#+caption: Session Login (Linux) +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_linux_login.png]] + +#+caption: Session Login (macOS) +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_macos_login.png]] + +#+caption: Password Authentication +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_password_authentication.png]] + +* Start Messaging +Once you've created your account and set up your profile details, the +next step is to start messaging other people. To do so, you'll need to +share your Session ID with other people. From this point, it's fairly +straightforward and acts like any other messaging app, so I won't dive +into much detail here. + +** macOS +#+caption: macOS Conversations +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_macos_conversations.png]] + +One key feature to note is that the desktop application now provides a +helpful pop-up box explaining the process that Session uses to hide your +IP address: + +#+caption: IP Address Help Box +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_ip.png]] + +** iOS +The mobile app is quite simple and effective, giving you all the +standard mobile messaging options you'd expect. + +#+caption: iOS App +[[https://img.cleberg.net/blog/20200325-session-private-messenger/session_ios.png]] + +* Potential Issues +I've discovered one annoying issue that would prevent from using this +app regularly. On a mobile device, there have been issues with receiving +messages on time. Even with battery optimization disabled and no network +restrictions, Session notifications sometimes do not display until I +open the app or the conversation itself and wait a few moments. This is +actually one of the reasons I stopped using Signal (this seems fixed as +of my updates in 2021/2022, so I wouldn't worry about this issue +anymore). + +Looking for another messenger instead of Session? I recommend Signal, +Matrix, and IRC. |