From 25945b8fead989cca09a23983623b63ce36dcc0c Mon Sep 17 00:00:00 2001 From: Christian Cleberg Date: Mon, 8 Jan 2024 20:11:17 -0600 Subject: feat: total re-write from Emacs org-mode to Zola markdown --- content/blog/2020-03-25-session-messenger.md | 136 +++++++++++++++++++++++++++ 1 file changed, 136 insertions(+) create mode 100644 content/blog/2020-03-25-session-messenger.md (limited to 'content/blog/2020-03-25-session-messenger.md') diff --git a/content/blog/2020-03-25-session-messenger.md b/content/blog/2020-03-25-session-messenger.md new file mode 100644 index 0000000..627d249 --- /dev/null +++ b/content/blog/2020-03-25-session-messenger.md @@ -0,0 +1,136 @@ ++++ +date = 2020-03-25 +title = "Session Private Messenger" +description = "Exploring the Session Private Messenger application." ++++ + +# Privacy Warning + +The company behind Session (Loki Foundation) is from Australia. If you +didn't know, Australia has introduced +[legislation](https://parlinfo.aph.gov.au/parlInfo/download/legislation/bills/r6195_aspassed/toc_pdf/18204b01.pdf) +mandating companies comply with government requests to build backdoor +access into applications. For more information, read my article on [AES +Encryption](./2020-01-25-aes-encryption.html). + +# About Session + +[Session](https://getsession.org) is a private, cross-platform messaging +app from the [Loki Foundation](https://loki.foundation). As someone who +has spent years looking for quality alternatives to major messaging +apps, I was excited when I first heard about Session. Reading through +[Session's white paper](https://arxiv.org/pdf/2002.04609.pdf), you can +learn the technologies behind the Session app. Part of the security of +Session comes from the Signal protocol, which was forked as the origin +of Session. + +> Session is an end-to-end encrypted messenger that removes sensitive +> metadata collection, and is designed for people who want privacy and +> freedom from any forms of surveillance. + +In general, this app promises security through end-to-end encryption, +decentralized onion routing, and private identities. The biggest change +that the Loki Foundation has made to the Signal protocol is removing the +need for a phone number. Instead, a random identification string is +generated for any session you create. This means you can create a new +session for each device if you want to, or link new devices with your +ID. + +Since Session's website and white paper describe the details of +Session's security, I'm going to focus on using the app in this post. + +# Features + +Since most people are looking for an alternative to a popular chat app, +I am going to list out the features that Session has so that you are +able to determine if the app would suit your needs: + +- Multiple device linking (via QR code or ID) +- App locking via device screen lock, password, or fingerprint +- Screenshot blocking +- Incognito keyboard +- Read receipts and typing indicators +- Mobile notification customization +- Old message deletion and conversation limit +- Backups +- Recovery phrase +- Account deletion, including ID, messages, sessions, and contacts + +# Downloads + +I have tested this app on Ubuntu 19.10, Android 10, macOS Monterey, and +iOS 15. All apps have worked well without many issues. + +Below is a brief overview of the Session app on Linux. To get this app, +you'll need to go to the [Downloads](https://getsession.org/download/) +page and click to link to the operating system you're using. + +For Linux, it will download an AppImage that you'll need to enable with +the following command: + +```sh +sudo chmod u+x session-messenger-desktop-linux-x86_64-1.0.5.AppImage +``` + +![Session Download +Options](https://img.cleberg.net/blog/20200325-session-private-messenger/session_downloads.png) + +# Creating an Account + +Once you've installed the app, simply run the app and create your +unique Session ID. It will look something like this: +`05af1835afdd63c947b47705867501d6373f486aa1ae05b1f2f3fcd24570eba608`. + +You'll need to set a display name and, optionally, a password. If you +set a password, you will need to enter it every time you open the app. + +![Session Login +(Linux)](https://img.cleberg.net/blog/20200325-session-private-messenger/session_linux_login.png) + +![Session Login +(macOS)](https://img.cleberg.net/blog/20200325-session-private-messenger/session_macos_login.png) + +![Password +Authentication](https://img.cleberg.net/blog/20200325-session-private-messenger/session_password_authentication.png) + +# Start Messaging + +Once you've created your account and set up your profile details, the +next step is to start messaging other people. To do so, you'll need to +share your Session ID with other people. From this point, it's fairly +straightforward and acts like any other messaging app, so I won't dive +into much detail here. + +## macOS + +![macOS +Conversations](https://img.cleberg.net/blog/20200325-session-private-messenger/session_macos_conversations.png) + +One key feature to note is that the desktop application now provides a +helpful pop-up box explaining the process that Session uses to hide your +IP address: + +![IP Address Help +Box](https://img.cleberg.net/blog/20200325-session-private-messenger/session_ip.png) + +## iOS + +The mobile app is quite simple and effective, giving you all the +standard mobile messaging options you'd expect. + +![iOS +App](https://img.cleberg.net/blog/20200325-session-private-messenger/session_ios.png) + +# Potential Issues + +I've discovered one annoying issue that would prevent from using this +app regularly. On a mobile device, there have been issues with receiving +messages on time. Even with battery optimization disabled and no network +restrictions, Session notifications sometimes do not display until I +open the app or the conversation itself and wait a few moments. This is +actually one of the reasons I stopped using Signal (this seems fixed as +of my updates in 2021/2022, so I wouldn't worry about this issue +anymore). + +Looking for another messenger instead of Session? I recommend Signal, +Matrix, and IRC. -- cgit v1.2.3-70-g09d2