cwtch vs speek ? #409

New Issue

icwtch · 2022-03-26T08:53:10Z

icwtch commented

2022-03-26 08:53:10 +00:00

Hi,
there seems to be a new kid on the block, brushing up the now defunct ricochet project, so basically a very similar project to yours.
Could you have a closer look at the project and see how cwtch stacks up to it ? (I'm by no means connected to the devs)... Thanks.
Links :
https://speek.network/
https://github.com/Speek-App/Speek

Hi, there seems to be a new kid on the block, brushing up the now defunct ricochet project, so basically a very similar project to yours. Could you have a closer look at the project and see how cwtch stacks up to it ? (I'm by no means connected to the devs)... Thanks. Links : [https://speek.network/](https://) [https://github.com/Speek-App/Speek](https://)

kalos commented

2022-03-26 21:10:31 +00:00

Have you tried this with anyone? Just curious about how well it works in practice. :)

icwtch commented

2022-03-27 06:35:32 +00:00

not yet, but will next week.

dan commented

2022-04-04 23:12:28 +00:00

"All messages are end-to-end encrypted. The Speek client is creating a Tor hidden service on the client PC. The message is then routed via the Tor onion network to the receiver. This makes it possible that the IP addresses are never public and the users can stay anonymous. The users are identified with public keys. Each user can share their public key with others to add them to the contacts list."

So it sounds mostly like Cwtch core, Cwtch with no experiments enabled, so no groups etc, and no multiple profiles.

looks like the have filesharing from screen shots

> "All messages are end-to-end encrypted. The Speek client is creating a Tor hidden service on the client PC. The message is then routed via the Tor onion network to the receiver. This makes it possible that the IP addresses are never public and the users can stay anonymous. The users are identified with public keys. Each user can share their public key with others to add them to the contacts list." So it sounds mostly like Cwtch core, Cwtch with no experiments enabled, so no groups etc, and no multiple profiles. looks like the have filesharing from screen shots

sarah commented

2022-04-04 23:59:00 +00:00

Main security difference: This is based on the ricochet-refresh code base (based on the ricochet code base) whic has a non-offline deniable authentication protocol - the security implications of which are non-trivial. In comparison Cwtch sessions are offline-deniable. (See this part of the security handbook: https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html#cryptographic-properties)

It also looks like they have adapted the QML based UI from the original ricochet, like ricochet refresh. It is very hard to lock QML down especially when introducing new features (it also doesn't translate well to a mobile environment - which is the main reason we stopped building on Qt).

Main security difference: This is based on the ricochet-refresh code base (based on the ricochet code base) whic has a non-offline deniable authentication protocol - the security implications of which are non-trivial. In comparison Cwtch sessions are offline-deniable. (See this part of the security handbook: https://docs.openprivacy.ca/cwtch-security-handbook/authentication_protocol.html#cryptographic-properties) It also looks like they have adapted the QML based UI from the original ricochet, like ricochet refresh. It is very hard to lock QML down especially when introducing new features (it also doesn't translate well to a mobile environment - which is the main reason we stopped building on Qt).

👍 2

richard commented

2022-04-13 22:46:49 +00:00

Hi,
there seems to be a new kid on the block, brushing up the now defunct ricochet project, so basically a very similar project to yours.
Could you have a closer look at the project and see how cwtch stacks up to it ? (I'm by no means connected to the devs)... Thanks.
Links :
https://speek.network/
https://github.com/Speek-App/Speek

Yeah I responded to them in their reddit thread:

https://old.reddit.com/r/TOR/comments/tkgk41/ricochet_reborn_a_user_friendly_torchat_for/i2hnq35/

tldr; it's ricochet-refresh with a paint-job and some interesting patches on top

> Hi, > there seems to be a new kid on the block, brushing up the now defunct ricochet project, so basically a very similar project to yours. > Could you have a closer look at the project and see how cwtch stacks up to it ? (I'm by no means connected to the devs)... Thanks. > Links : > [https://speek.network/](https://) > [https://github.com/Speek-App/Speek](https://) Yeah I responded to them in their reddit thread: https://old.reddit.com/r/TOR/comments/tkgk41/ricochet_reborn_a_user_friendly_torchat_for/i2hnq35/ tldr; it's ricochet-refresh with a paint-job and some *interesting* patches on top

quartermarsh2 commented

2022-04-15 05:29:55 +00:00

Thanks Richard.
I'll be kind and go with dude-bro incompetence, which some might say verges on maliciousness. I read their documentation and just kept having this sneaky feeling that corners had been cut and problems had been glossed over. I would not hesitate to think twice about recommending this app ;)

Thanks Richard. I'll be kind and go with dude-bro incompetence, which some might say verges on maliciousness. I read their documentation and just kept having this sneaky feeling that corners had been cut and problems had been glossed over. I would not hesitate to think twice about recommending this app ;)

👍 1

sarah closed this issue

2022-04-25 17:52:52 +00:00

Sign in to join this conversation.