[smc-discuss] [fosscomm] Kontalk - encryption, as easy as whatsapp!

[Praveen A]

2014/1/21, Vipin Nair <swvist at gmail.com>:
>>
>>
>> This is a real, easy, working, free software solution for completely
>> private communications.
>
>
> These are tall claims and I would take it with a pinch of salt. Good
> Cryptography is extremely hard[0].

Well, it is always good to challenge. I'm ready to correct me if I'm
proven wrong. It was my assessment based on the knowledge I have. I
have been thinking of something similar for some time.

> How does Kontalk compare to other systems like CryptoCat[1], TextSecure[2]
> and Telegram[3]? There was a lot of debate on the security of Telegram on
> HN[4] and elsewhere[5] recently.

I had a look at telegram and I can share my views. Hopefully someone
can take a look at the other two options. I will try to look at the
other two when I get some time.

The default option in telegram is not end to end encryption but they
provide it as "secret message" as an option.

Telegram is using their own protocol, although open. Kontalk will be
switching to xmpp.

Kontalk uses pgp, and it is well tested. It is trying to combine many
of the existing technologies rather than inventing new.

Cryptocat is using OTR so both parties has to be online at the same time.

Kontalk is more like sms/email/whatsapp where it can be asynchronous.

> Also, CryptoCat has released the beta version of their Android and IOS app
> and is available for a public review[6].
>
> Personally, I would like to see something like the CryptoCat threat
> model[7] for all application that claim to use 'encryption' or is 'secure'.
>

Thanks for sharing this. I will go through it later.

-- 
പ്രവീണ്‍ അരിമ്പ്രത്തൊടിയില്‍
You have to keep reminding your government that you don't get your rights
from them; you give them permission to rule, only so long as they follow the
rules: laws and constitution.