L5 Messaging app

So the topic of protonmail made me wonder about the privacy issues when using text messaging on the L5. In that, I suppose is is encrypted, (I apologize, I’m playing catch up learning all I can about the L5) but if texting to someone on apple/android regular texting apps, encryption is lost then on their end? Same when sending a protonmail email to a gmail user?

Then I wonder how secure/private it is texting L5 to L5? Or voice calls between L5 and L5? I guess I’m trying to ascertain if it is on par with using Signal?

Sorry if this has been covered before.

The chat application used in the Librem 5 (chatty) uses XMPP, and work is being done to properly implement OMEMO, wich is an implementation of the signal encryption protocol, for XMPP.

GSM Calls are not encrypted, but VOIP solutions are being worked on. There are also matrix clients that already support encryption like: mirage

8 Likes

Thanks for the info. So then for it to really be secure, you need both ends using an L5 correct? Otherwise, it’s all open on the user end that may be using apple/android?

No you only require that both ends support the same protocols for an encrypted conversation.

That is the beauty of federated services.

5 Likes

you know ProtonMail is the largest in and one of the better email-services on the European continent but the COUNTRY (Switzerland - where the best chocolate comes from and where Lila cows are grown :joy: ) is not part of EU …

as a joke. i always ‘pride’ myself in how nice it is to communicate with support-at-puri-dot-sm with e2eee (end to end encrypted email) but i forget that i exchanged the Public-Keys on plain https (secure http) that can be intercepted more easily :upside_down_face:

that being said you have to watch out HOW you establish TRUST when using e2eee with someone else using ProtonMail or some other capable system of e2eee. at this point i’m mainly getting used to it. i’m definately not where i should be with my CLI usage …

edited name :stuck_out_tongue:

I mean the only breach here is that anybody who intercepted the exchange is now able to encrypt messages that only you can decrypt… Not a breach at all, and there’s a reason key servers are accessible publicly and you can search for anyone’s public key (anyone who shared it on a keyserver, that is), or that people post their public key on their homepage, etc.

Your point about establishing trust does stand though!

1 Like

the COUNTRY (Sweden - where the best chocolate comes from and where Lila cows are grown :joy: ) is not part of EU …

SWIT ZER LAND

1 Like

That would be Switzerland.

1 Like

Sweden has the best rotten herring. There are no lilac cows there, but many of the houses are red.

Sweden is part of the EU.

1 Like

lol. i always confuse the two when writing :stuck_out_tongue: thanks guys for pointing out the error !

yes i was talking about Switzerland :slight_smile: but accidentally wrote Sweden :joy: silly me

PureOS 9

The following packages have unmet dependencies:
matrix-mirage: Depends: python3-matrix-nio but it is not installable
Depends: python3 (>= 3.8) but 3.7.3-1 is to be installed or python3-pyfastcopy but it is not installable
Depends: qml-module-qt-labs-qmlmodels but it is not installable
E: Unable to correct problems, you have held broken packages.

So as of now no encrypted messengers are supported natively… Disappointing.

Matrix-mirage is installable in PureOS 10 Byzantium. Which will be the next version to have on the Librem 5.

2 Likes

sudo python3 --version
sudo apt update
sudo apt list --all-versions python3
Listing… Done
python3/byzantium 3.9.2-3 amd64 [upgradable from: 3.9.2-2]
python3/now 3.9.2-2 amd64 [installed,upgradable to: 3.9.2-3]

sudo apt install python3=3.9.2-3
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
The following additional packages will be installed:
libpython3-stdlib python3-minimal
Suggested packages:
python3-doc python3-tk python3-venv
The following packages will be upgraded:
libpython3-stdlib python3 python3-minimal
3 upgraded, 0 newly installed, 0 to remove and 111 not upgraded.
Need to get 97,5 kB of archives.
After this operation, 1.024 B disk space will be freed.
Do you want to continue? [Y/n] Y

Disappointing? This is just my abbreviated hint into which direction you should (probably) proceed with! In order to achieve … before you start with apt install matrix-mirage. Either dep: python3 (>= 3.8) or python3-pyfastcopy, explanation is here. In addition to python3.9/, python3.8/ is part of PureOS repo as well.