feature overlap with onionshare 2.3.2 ? #53
Labels
No Label
android
arch
backlog
blocked-on-external
bug
bugbash
component/bindings
component/bine
component/connectivity
component/cwtch
component/tapir
component/ui
cwtch-1.14
cwtch-1.15
cwtch-beta-1.1
cwtch-beta-1.10
cwtch-beta-1.11
cwtch-beta-1.12
cwtch-beta-1.13
cwtch-beta-1.2
cwtch-beta-1.3
cwtch-beta-1.4
cwtch-beta-1.5
cwtch-beta-1.5.x
cwtch-beta-1.6
cwtch-beta-1.7
cwtch-beta-1.8
cwtch-beta-1.9
design
duplicate
enhancement
flutter
funding-needed
help wanted
hybrid-groups
in-nightly
in-progress
invalid
ios
linux
mac
need-replication-or-investigation
ops
packaging
post-stable
question
questionable
requires-more-effort-than-we-can-spare
rust
scheduled
stable-blocker
tails
testing-needed
tests
tor
waiting-on-fix-confirmation
waiting-on-new-flutter-feature
whonix
windows
wontfix
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: cwtch.im/cwtch-ui#53
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Hi, was just wondering what more cwtch in its current status would offer over let's say latest version of onionshare, also using hidden services on Tor and having the ability to chat (the latter being fully cross-platform and also allowing for file-sharing though...)
The simplest answer is that Cwtch is designed to be a metadata resistant messaging platform (see the Risk Model section of the secure development handbook: https://docs.openprivacy.ca/cwtch-security-handbook/risk.html)
In Cwtch p2p chat is not only conducting over onion services those servers are also authenticate to each other, and from that they derive an ephemeral key that provides forward secrecy. As far as I am aware OnionShare has no equivilant to this with the same security properties.
For Group chat the routing server in Cwch is explictly untrusted, and (without collaberation of a group member) can learn nothing about who is participating in a given group, what groups the server is hosting or anything else to do with the contents of the chat.
OnionShare routes all messages plaintext via a (self-hosted)server, as such the server learns a lot about the chats it is hosting, and the identities on the server arebound to that server and cannot be used independently (unlike in Cwtch where you identity is a tor-compatible ed25519 key that can be used to host your own peer node and allow people to connect with you)