diff options
Diffstat (limited to 'content/blog/2020-03-25-session-messenger.org')
| -rw-r--r-- | content/blog/2020-03-25-session-messenger.org | 116 |
1 files changed, 116 insertions, 0 deletions
diff --git a/content/blog/2020-03-25-session-messenger.org b/content/blog/2020-03-25-session-messenger.org new file mode 100644 index 0000000..f15822f --- /dev/null +++ b/content/blog/2020-03-25-session-messenger.org @@ -0,0 +1,116 @@ +#+date: <2020-03-25> +#+title: Session Private Messenger +#+description: + + +* Privacy Warning + +The company behind Session (Loki Foundation) is from Australia. If you +didn't know, Australia has introduced +[[https://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/r6195_aspassed/toc_pdf/18204b01.pdf][legislation]] +mandating companies comply with government requests to build backdoor +access into applications. For more information, read my article on +[[./2020-01-25-aes-encryption.html][AES Encryption]]. + +* About Session + +[[https://getsession.org][Session]] is a private, cross-platform +messaging app from the [[https://loki.foundation][Loki Foundation]]. As +someone who has spent years looking for quality alternatives to major +messaging apps, I was excited when I first heard about Session. Reading +through [[https://arxiv.org/pdf/2002.04609.pdf][Session's white paper]], +you can learn the technologies behind the Session app. Part of the +security of Session comes from the Signal protocol, which was forked as +the origin of Session. + +#+begin_quote +Session is an end-to-end encrypted messenger that removes sensitive +metadata collection, and is designed for people who want privacy and +freedom from any forms of surveillance. +#+end_quote + +In general, this app promises security through end-to-end encryption, +decentralized onion routing, and private identities. The biggest change +that the Loki Foundation has made to the Signal protocol is removing the +need for a phone number. Instead, a random identification string is +generated for any session you create. This means you can create a new +session for each device if you want to, or link new devices with your +ID. + +Since Session's website and white paper describe the details of +Session's security, I'm going to focus on using the app in this post. + +* Features + +Since most people are looking for an alternative to a popular chat app, +I am going to list out the features that Session has so that you are +able to determine if the app would suit your needs: + +- Multiple device linking (via QR code or ID) +- App locking via device screen lock, password, or fingerprint +- Screenshot blocking +- Incognito keyboard +- Read receipts and typing indicators +- Mobile notification customization +- Old message deletion and conversation limit +- Backups +- Recovery phrase +- Account deletion, including ID, messages, sessions, and contacts + +* Downloads + +I have tested this app on Ubuntu 19.10, Android 10, macOS Monterey, and +iOS 15. All apps have worked well without many issues. + +Below is a brief overview of the Session app on Linux. To get this app, +you'll need to go to the [[https://getsession.org/download/][Downloads]] +page and click to link to the operating system you're using. + +For Linux, it will download an AppImage that you'll need to enable with +the following command: + +#+begin_src sh +sudo chmod u+x session-messenger-desktop-linux-x86_64-1.0.5.AppImage +#+end_src + +* Creating an Account + +Once you've installed the app, simply run the app and create your unique +Session ID. It will look something like this: +=05af1835afdd63c947b47705867501d6373f486aa1ae05b1f2f3fcd24570eba608=. + +You'll need to set a display name and, optionally, a password. If you +set a password, you will need to enter it every time you open the app. + +* Start Messaging + +Once you've created your account and set up your profile details, the +next step is to start messaging other people. To do so, you'll need to +share your Session ID with other people. From this point, it's fairly +straightforward and acts like any other messaging app, so I won't dive +into much detail here. + +** macOS + +One key feature to note is that the desktop application now provides a +helpful pop-up box explaining the process that Session uses to hide your +IP address: + +** iOS + +The mobile app is quite simple and effective, giving you all the +standard mobile messaging options you'd expect. + +* Potential Issues + +I've discovered one annoying issue that would prevent from using this +app regularly. On a mobile device, there have been issues with receiving +messages on time. Even with battery optimization disabled and no network +restrictions, Session notifications sometimes do not display until I +open the app or the conversation itself and wait a few moments. This is +actually one of the reasons I stopped using Signal (this seems fixed as +of my updates in 2021/2022, so I wouldn't worry about this issue +anymore). + +Looking for another messenger instead of Session? I recommend Signal, +Matrix, and IRC. |