Anyone using Threema?
-
I like the idea of using it, if for no other reason than putting more encrypted traffic on the internet.
-
From a brief look it looks like a good idea for people who need that. Foreign reporters and media correspondents are obvious examples.
Nothing I would use. But important to exist.
-
There is no reason that ALL IM clients could/should provide this. The overhead is so minimal as to be a non-issue.
-
Most people I text message to have an iPhone, as do I. So all of our texting is encrypted and going over iMessage.
The only IM application I use on a regular basis is Line. I have never bothered to check if it is encrypted or not. That is used to IM with all the Japanese couples we know.
-
I don't understand why Apple doesn't release iMessage for all platforms... I bet it would be a huge hit.
I recall that BlackBerry did eventually release their BB chat client for other platforms.. but I don't recall how it did.
-
@Dashrender said:
There is no reason that ALL IM clients could/should provide this. The overhead is so minimal as to be a non-issue.
It would also cripple standard features. I actively do not want it for that reason. I appreciate the value of the overhead.
-
@Dashrender said:
I don't understand why Apple doesn't release iMessage for all platforms... I bet it would be a huge hit.
I recall that BlackBerry did eventually release their BB chat client for other platforms.. but I don't recall how it did.
Because Apple sells iPhones. BB has to sell their software.
-
@JaredBusch said:
So all of our texting is encrypted and going over iMessage.
iMessage uses end-to-end encryption without key verification by the user. In this case, Apple claims that there is end-to-end encryption, but due to missing user interface functions, the user has no way to verify that another contact's public key really matches with the private key that is only known to that contact. Therefore it is easy for Apple to perform a MITM attack by manipulating the automatic key exchange without this being noticed. Subsequently, Apple is able to decrypt and even forge exchanged messages.
-
@anonymous said:
@JaredBusch said:
So all of our texting is encrypted and going over iMessage.
iMessage uses end-to-end encryption without key verification by the user. In this case, Apple claims that there is end-to-end encryption, but due to missing user interface functions, the user has no way to verify that another contact's public key really matches with the private key that is only known to that contact. Therefore it is easy for Apple to perform a MITM attack by manipulating the automatic key exchange without this being noticed. Subsequently, Apple is able to decrypt and even forge exchanged messages.
You have to trust your vendors. Likewise Threema could hijack your data. Once you are into the world of not trusting your platform, all bets are off.
Now if you want to claim Apple is untrustworthy, sure, that's a reasonable discussion to have. But unless that's the discussion, they are part of your security chain and you need to trust them.
-
@scottalanmiller said:
You have to trust your vendors. Likewise Threema could hijack your data. Once you are into the world of not trusting your platform, all bets are off.
Now if you want to claim Apple is untrustworthy, sure, that's a reasonable discussion to have. But unless that's the discussion, they are part of your security chain and you need to trust them.
I agree, you have to trust your vendors. And I am not saying I don't trust Apple, I do, but I think it is an interesting discussion.
The interesting part is that according to Threema can't access your data, where in theory Apple can.
Could you decrypt my messages, for example if you were required to by law enforcement?
No, that is impossible, as we don't have the secret keys of our users (your secret key never leaves your device). Our servers do need to know who is sending a message to whom, so that they can route it to the correct recipient, but they do not log this information, and cannot decrypt the message's content.
Of course, as @scottalanmiller stated, that assumes that you trust Threema.
-
@anonymous said:
@scottalanmiller said:
You have to trust your vendors. Likewise Threema could hijack your data. Once you are into the world of not trusting your platform, all bets are off.
Now if you want to claim Apple is untrustworthy, sure, that's a reasonable discussion to have. But unless that's the discussion, they are part of your security chain and you need to trust them.
I agree, you have to trust your vendors. And I am not saying I don't trust Apple, I do, but I think it is an interesting discussion.
Let's remember that according to Threema can't access your data for anyone.
Could you decrypt my messages, for example if you were required to by law enforcement?
No, that is impossible, as we don't have the secret keys of our users (your secret key never leaves your device). Our servers do need to know who is sending a message to whom, so that they can route it to the correct recipient, but they do not log this information, and cannot decrypt the message's content.
Of course, as @scottalanmiller stated, that assumes that you trust Threema.
Right, I understand that their design is to thwart people gaining access through any means. It's inherently a more secure design from a "data leakage" standpoint and far less secure from a "data protection" standpoint. They can't redeliver a failed message, can't reconnect you to lost contacts, can't restore a dead phone, etc.
But at the end of the day, they could perform a man in the middle attack in the same way that Apple can - since they control the platform both could turn on their users and hijack the data. Stating that they "can't" only means so much, because it only takes a trivial technology change that they can push out to make them able to. Apple is in the same boat needing to make a change to do a man in the middle attack.
So in both cases, it all comes down to trust in that particular aspect.
-
@scottalanmiller said:
But at the end of the day, they could perform a man in the middle attack in the same way that Apple can - since they control the platform both could turn on their users and hijack the data. Stating that they "can't" only means so much, because it only takes a trivial technology change that they can push out to make them able to. Apple is in the same boat needing to make a change to do a man in the middle attack.
Are you sure?
Is Threema secure against man-in-the-middle (MITM) attacks?
Nobody can spoof a message that appears to come from somebody else's ID. However, anyone can send you a message and claim to be somebody else in writing, so you need to verify through a secure channel (preferably in person) that the ID of the person you are communicating with is really theirs.
If you are sure about your chat partner's ID, then there's no way for an attacker to spoof or intercept/decrypt a message from or to your chat partner.
The connection between the app and the servers is secure against MITM attacks because the server authenticates itself to the app based on a public key that is hard-coded into the app and whose corresponding secret key is only known by the legitimate servers.
-
@anonymous said:
@scottalanmiller said:
But at the end of the day, they could perform a man in the middle attack in the same way that Apple can - since they control the platform both could turn on their users and hijack the data. Stating that they "can't" only means so much, because it only takes a trivial technology change that they can push out to make them able to. Apple is in the same boat needing to make a change to do a man in the middle attack.
Are you sure?
Is Threema secure against man-in-the-middle (MITM) attacks?
Nobody can spoof a message that appears to come from somebody else's ID. However, anyone can send you a message and claim to be somebody else in writing, so you need to verify through a secure channel (preferably in person) that the ID of the person you are communicating with is really theirs.
If you are sure about your chat partner's ID, then there's no way for an attacker to spoof or intercept/decrypt a message from or to your chat partner.
The connection between the app and the servers is secure against MITM attacks because the server authenticates itself to the app based on a public key that is hard-coded into the app and whose corresponding secret key is only known by the legitimate servers.
Quite sure. What makes you trust an anonymous third party company so much as to use their own statements to believe that they are safe?
-
@anonymous said:
The connection between the app and the servers is secure against MITM attacks because the server authenticates itself to the app based on a public key that is hard-coded into the app and whose corresponding secret key is only known by the legitimate servers.
Notice that they even point out where the man in the middle attack won't happen, which should highlight to you where it can happen. How did you read this and not immediately see that they had to qualify the "can't" instead of just stating that it can't? Clearly it can and they are telling you right here.
-
Right, their statement says no one ELSE can perform a MitM, not that they cannot. They can.
-
@JaredBusch said:
Right, their statement says no one ELSE can perform a MitM, not that they cannot. They can.
And that they can't do it between those two points. They can certainly do it between the GUI and the encryption layer.
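-
The key-verification point argued in the thread, as an added example that is not part of any post and is not Threema's or Apple's code: a client that pins each contact's public key and compares fingerprints out of band notices a key substituted by the provider's directory, while an unverified first contact accepts whatever key it is handed. `ContactStore`, the fingerprint format and the sample keys are hypothetical and constructed for illustration.

```python
import hashlib
import hmac


def fingerprint(public_key: bytes) -> str:
    """Human-comparable fingerprint: first 128 bits of SHA-256, hex, in groups of 4."""
    digest = hashlib.sha256(public_key).hexdigest()[:32]
    return " ".join(digest[i:i + 4] for i in range(0, 32, 4))


class ContactStore:
    """Hypothetical client-side key store: pins each contact's key and tracks verification."""

    def __init__(self):
        self._contacts = {}  # contact id -> (pinned public key, verified flag)

    def key_from_directory(self, contact_id: str, public_key: bytes) -> str:
        """Process a key delivered by the provider's directory (the untrusted path)."""
        known = self._contacts.get(contact_id)
        if known is None:
            # First contact: nothing to compare against, so the key is only provisional.
            self._contacts[contact_id] = (public_key, False)
            return "accepted-unverified"
        pinned, verified = known
        if hmac.compare_digest(pinned, public_key):
            return "unchanged"
        # A different key is never swapped in silently; the pinned key stays.
        return "blocked-key-change" if verified else "warn-key-change"

    def verify_out_of_band(self, contact_id: str, shown_fingerprint: str) -> bool:
        """Compare the pinned key with the fingerprint the contact shows in person."""
        pinned, _ = self._contacts[contact_id]
        ok = hmac.compare_digest(fingerprint(pinned), shown_fingerprint)
        if ok:
            self._contacts[contact_id] = (pinned, True)
        return ok


def demo() -> dict:
    # Constructed stand-ins for 32-byte public keys (not real key material).
    genuine = hashlib.sha256(b"constructed: contact's own key").digest()
    substituted = hashlib.sha256(b"constructed: key swapped in by the directory").digest()

    a = ContactStore()  # directory hands out a substituted key on first contact
    first = a.key_from_directory("BOB", substituted)
    caught = not a.verify_out_of_band("BOB", fingerprint(genuine))

    b = ContactStore()  # genuine key verified first, directory changes it later
    b.key_from_directory("BOB", genuine)
    verified = b.verify_out_of_band("BOB", fingerprint(genuine))
    later = b.key_from_directory("BOB", substituted)
    return {"first": first, "caught": caught, "verified": verified, "later": later}
```

The check only helps if the client code doing the comparison is itself trustworthy, which is the limit the last posts in the thread point out.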