Signal / Silence on GNU+Linux : A comprehensive summary | Librem 5 app

Hardware Librem 5
1

Why this topic

The purpose of this topic is to identify the different initiatives that exist to date to port the Signal secure messaging application to GNU+Linux systems, including PureOS on desktop and Librem 5.

Since information on this subject is very scattered on this forum and on the web, I hope that this work will help to clarify the situation and define an effective strategy to meet the recurring need (see the links below) of a Signal compatible client on GNU+Linux.

This discussion IS NOT:

  • A search for an alternative to the Signal service. We already know XMPP, Matrix, * insert your favorite service here *.
  • A debate on the development policy of Signal by Open Wisper Systems (OWS) or on the philosophical choices made by Moxie Marlinspike (Matthew Rosenfield, a founder of OWS). Only the technical implications will be discussed here.

Please, no flaming!

Signal desktop official app

Open Whisper Systems (OWS) currently offers a multi-system PC client based on the electron framework.

This application is heavy, not suitable for small screens and has several major limitations:

You cant make calls

You cant edit or add contacts

You’re not able to change the security number from the client, a secundair phone is needed

(Source : Will the Librem 5 run Signal? (Updated))

Issues have been opened on the official OWS github to upgrade the application’s features and port it to smarphones:


There is no hope that the situation will change quickly.

UBport app

Aaron Kimmig, aka nanu-c, maintains and develops an application compatible with Signal messaging for UBports (the successor to Ubuntu Touch). The TextSecure UI is in Go and QML :
https://open.uappexplorer.com/app/textsecure.nanuc

It builds upon the nanu-c’ Go textsecure package:

Both are in active devlopment.

This are forks of unmaintenained jamino’s textsecure-qml and textsecure.

This application seems to be usable on a daily basis for all functions related to text messages.

Unfortunately, the particular software environment of UBports (inherited from Canonical’s technological choices) prevents this application from being ported to other distributions such as it.

Signal CLI

Signal-cli, a basic command-line client for Signal developed by AsamK:

Latest commit Jan 9, 2019

It provides a commandline and dbus interface for WhisperSystems/libsignal-service-java

This client is written in Java, and is based mostly on libsignal-service-java 2, the library OpenWhisper provides and uses for its Android application. This library is based on a lower level library : libsignal-protocol-java.

I’m not that comfortable with having a daemon for messaging that requires a whole jvm running to power it. Luckily for us, OpenWhisper also has released libsignal-protocol-c 9, a C library they use for their iOS application. It is a bit hard to read for non-professional developpers though.

Someone wrote a sort of wrapper around lib-signal-protocol-c, called axc. I believe this wrapper could be used to create a daemon that acts as a standalone client, working even on desktop (given that you can use a phone number for registration).

  • gkdr’ axc Client lib for libsignal-protocol-c:

Latest commit Nov 11, 2018

Source Signal client for the Librem 5

  • SCLI

scli is a simple terminal user interface for Signal. It uses signal-cli and urwid.

Latest commit 4 days ago

Signal to Matrix

  • Signal client for node.js node-signal-client:

Latest commit May 28, 2017

“Dirty port of the Signal Chrome App to Node.j”

  • Signal bridge for Matrix:

Latest commit Feb 9, 2019

It works through the node-signal-client.

MartinDelille’s chat-qt

A Qt based interface for a Signal app (currently just an UI):


Last activity in january 2019.

Silence IM

A fork of Signal with only SMS/MMS encryption:

Latest commit on 23 Mar 2018

An issue has been opened to bring the application to Librem 5.
It is unlikely to happen, as the developer does not have enough time to maintain the android application.

https://github.com/SilenceIM/Silence/issues/670

But it is regularly requested to be able to encrypt SMS messages with Librem 5. Using this protocol from Signal could be interesting. This would allow compatibility with Android users.
The SMS application of Librem 5, Chatty, being based on LibPurple (see below) it would be appropriate to develop an extension of this library that would benefit many applications.

LibPurple:

Libpurple is a C library (GNU GPL), used by Pidgin for example, to support many protocols (Jabber, IRC, SILC, SIP, Zeroconf, AIM, Gadu-Gadu, ICQ, MSN, Yahoo! IM and Zephyr etc.).

It supports third party plugins:
https://developer.pidgin.im/wiki/ThirdPartyPlugins

A (old) ticket had been opened to request that Libpurple support TextSecure (the old name for Signal):

https://developer.pidgin.im/ticket/16537

As Chatty, the Librem 5 SMS / XMPP app, is based on LibPurple, to develop a libpurple plugin for Signal protocol that can be used by all software based on this library could be a good idea.

Purism’s efforts

Sean O’Brian, aka Sean Diggity (Purism’s Director of Business Development) asked for help from UBports Community to port the existing app (or develop a new one?):

And also on mastodon:

He says he’s already in discussion with OWS and Moxie.

Discussions

Here are the initiatives I have been able to identify so far. Feel free to complete this list if you know of any others. I will update this post.

As you can see, there is demand and many people interested in having a real Signal client under GNU+Linux.

Today, the application for UBports has proven that this is possible.

From my point of view, two solutions seem more relevant to have Signal on the Ibrem 5 and other machines:

  • Port the UBports application to GNOME as an adaptive app
  • Develop a plugin for LibPurple of the Signal protocol that can be used for any application, including, why not, a Chatty fork (the UI will already be developed in this case).

Concerning SMS encryption, the protocol formerly used by TextSecure/Signal and now by Silence is an interesting option. It could be ported as a plugin to LibPurple but the problem could be the lack of documentation.

What do you think of that?

Are you interested in or do you know someone who would be interested in working on such an application?

Maybe @sean.obrien could give us some update about the exchanges he may have had with OWS or interested developers?

Others discussions on the Purism forum:




21/02/2019 edit: Add SCLI and Todd Weaver Update from Late Night Linux Podcast
05/04/2019 edit: Add new topic “secure messaging” in “Others discussions…”

14 Likes
2

Is there a way to crowdfund or otherwise sponsor the development of Signal on Librem 5? I’d be willing to chip in if one of the main constraints is paying for developer efforts.

6 Likes
3

Definitely, count me in!

3 Likes
4

I think that would be a good idea.
However, there are not enough people interested to finance a developer at 100% in my opinion.
But we could do something like a bountysource to reward the developers.

2 Likes
6

That’s absurd.

Edward Snowden has no affiliation with Signal and only endorses it. It’s like saying “I don’t buy products with american steel anymore because Donald Trump and endorses american steel” which is just silly. Hell, that example is even less extreme because there are proof of his colleagues having secret meetings with russian diplomats while as far as I know Edward Snowden has not had contact with any Signal developers.

5 Likes
7

Sorry pal, I don’t trust the guy. And he does give it his stamp of approval.

https://www.newsweek.com/bad-news-fbi-edward-snowdens-favorite-chat-app-signal-just-got-50m-funding-816035

Interesting how they fail to mention where the 50 million came from.

8

Please, don’t feed…

4 Likes
9

Next time try to actually read the article, it’s right there in the fourth paragraph

Acton, who became a billionaire after selling WhatsApp to Facebook in 2014, is providing the funds and will become the organization’s executive chairman. He pledged to take an active role in operations and product development.

3 Likes
10

Signal is mine main app for SMS/MMS communication. I love the fact that people who use Signal as well will get an encrypted message, however those who are not in Signal yet will get normal SMM instead. Would love to have this working on my Prism 5 ; )

1 Like
11

There is a rather new application called scli. It is basically a python terminal front end for the already mentioned signal-cli.

2 Likes
12

Thank you, I will add it to the first post!

13

@todd-weaver (Purism CEO) was interviewed on the Late Night Linux Podcast.
You can listen to it here: https://latenightlinux.com/late-night-linux-episode-57/

The summary is here: https://brimborium.net/notes-from-lnls-todd-weaver-interview/

And there is very good news for Signal on Librem 5 !

Will Signal be supported?

Community folks are working on the APIs to have Signal work. Purism have connections with signal, of all the applications out there it is the most likely one to be included by default and meet the criteria Purism have.

7 Likes
14

Someone has opened an issue on the chatty git to suggest SMS encryption with the protocols used by Textsecure / Silence:

This is certainly not the priority of developers, but if some have the ability to contribute…

2 Likes
15

If Signal is supported on the Librem 5 it should

  • Integrate nicely into the native dialer and SMS apps.
  • Provide more contact privacy options rather then just sending hashed phone numbers to the Signal servers (I get the intent isn’t malicious, but privacy). The Signal developers seem dismissive towards improvements of this on the Android side.
  • Support VoIP and video calls.

In addition I registered my Signal account using a burner number not linked to any SIM card for privacy reasons and I also don’t use Signal as my SMS app, so the Signal client for the Librem 5 should support the same functionality.

EDIT: With regards to the “I don’t use Signal as my SMS app” remark: Since it’s a burner number not tied to any SIM card I can’t call/text from it.

1 Like
16

  • The SMS app is Chatty. No need for SMS in Signal app.

  • It’s a Signal app only if it’s compatible with Signal server. If you design a new protocole to discover contact, it’s not a Signal app. Moreover, it is more complicated and secure than a simple hash. Check out the official website.

  • It’s the harder part. Even with open protocole like XMPP it’s difficult to find a free software that support video call. Don’t expect someone develop it for the close Signal vidĂ©o call server. Jitsi and Matrix are better alternative for this use.

2 Likes
17

I’m not sure I correctly understand the statement by Todd. Do you think

Community folks are working on the APIs to have Signal work.

refers to one of the project listed in the initial post in this thread?

18

I don’t know. I found anything about a new project on Purism’s, Gnome’s or OWS git.
I think purism will communicate about this when they finish defining the Librem 5 BOM.The hardware should be the priority now.

19

I gave the software side some more thinking (been mainly thinking of the Librem 5 hardware) and here’s my response to each of your points.

Fair enough, and considering it’s not Android there isn’t much of a need to replace the existing SMS application [which with certain Android variants can be inferior]. Part of the reason I brought it up as “integrate nicely with the existing SMS and dialer apps” was that it would be pretty useful (in concept) if third party chat and VoIP applications could integrate with the PureOS system. The closest example that currently exists in a commercial product would be the BlackBerry Hub on some latter BlackBerry devices, but I never used it personally.

I wasn’t talking about having the Signal application break compatibility with the Signal servers. What I was saying is by default the iOS and Android applications force you to enroll in contact discovery if you want to give the Signal application access to your address book for display contact names and it’s not trivial to disable unless you either opt-out of giving Signal permission to access your address book entirely or modify the Signal application to not send the hashed phone numbers to the Signal server in the first place.

I agree that with time Matrix/Jitsi will be better solutions. Also I thought with the move from the Redphone protocol to WebRTC that the voice/video components of the server are now open source.

2 Likes
20
  • For your first point, I think synbiotic app concept, defined by Purism, addresses this problem:
  • Okay, I understand better. Indeed, a system for managing access rights to the contact book is required for all applications.
3 Likes
21
1 Like