Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Real time communication improvements #1147

Merged
merged 19 commits into from Aug 17, 2019

Conversation

@Mikaela
Copy link
Member

commented Aug 12, 2019

Resolves: #1137

  • Remove duplicate Signal & Wire (which also fixes Wire VoIP warning being wrong)
  • Move Tox and Jami to instant messengers
  • Change Jitsi to Jitsi Meet
  • List Mumble

Resolves: #967

  • Remove Signal Desktop platforms as Android/iOS is required.

References: #1071

List security audits for:

  • Signal
  • Wire
  • Keybase

Preview: https://deploy-preview-1147--privacytools-io.netlify.com/software/real-time-communication/

voice-video-messenger: remove duplicates with instant-messenger
also move Tox and Jami to Instant Messengers, Change Jitsi to Jitsi Meet
@netlify

This comment has been minimized.

Copy link

commented Aug 12, 2019

Deploy preview for privacytools-io ready!

Built with commit 9235f50

https://deploy-preview-1147--privacytools-io.netlify.com

Mikaela added some commits Aug 12, 2019

@Mikaela
Copy link
Member Author

left a comment

My usual commentary

@@ -15,9 +15,6 @@ <h1 id="im" class="anchor"><a href="#im"><i class="fas fa-link anchor-icon"></i>
github="https://github.com/signalapp"
android=""
ios=""
mac=""
windows=""
linux=""

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

See #967

Show resolved Hide resolved _includes/sections/instant-messenger.html Outdated
<li><a href="https://eprint.iacr.org/2016/1013.pdf">A Formal Security Analysis of the Signal Messaging Protocol (2019)</a> by Katriel Cohn-Gordon, Cas Cremers, Benjamin Dowling, Luke Garratt and Douglas Stebila</li>
<li><a href="https://wire.com/en/security/#audits">Indepedent security audits</a> on Wire's website</li>
<li><a href="https://keybase.io/docs-assets/blog/NCC_Group_Keybase_KB2018_Public_Report_2019-02-27_v1.3.pdf">Keybase's Protocol Security Review (2019)</a> by <a href="https://www.nccgroup.trust/">NCC Group</a></li>
</ul>

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

This is the same order we list them in on the page.

Show resolved Hide resolved _includes/sections/voice-video-messenger.html Outdated


{% include cardv2.html
title="Mumble"

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

I suggested it in #1137 and thus had to remove encrypted from the title. @nitrohorse OKed it, but I understand if you wish to remove it.

I think Mumble may be more beginner friendly than Linphone and currently the only other suggestion is Jitsi Meet, which requires WebRTC that many are going to have disabled thanks to the Firefox tweaks.

title="Mumble"
image="/assets/img/tools/Mumble.png"
website="https://mumble.info/"
description="Mumble is an open source, low-latency, high quality voice chat software primarily intended for use while gaming. <span class=\"badge badge-warning\" data-toggle=\"tooltip\" title=\"\">Warning</span> While Mumble doesn't log messages or record by default, <a href=\"https://github.com/mumble-voip/mumble/issues/1813\">it's missing end-to-end encryption</a>, so self-hosting is recommended."

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

See also the related information section

Show resolved Hide resolved _includes/sections/voice-video-messenger.html Outdated
<li>More information about Mumble:</li>
<ul>
<li><a href="https://wiki.mumble.info/wiki/Running_Murmur">Running Mumble Server</a> and <a href="https://wiki.mumble.info/wiki/Murmur.ini">its config file</a>, particularly <a href="https://wiki.mumble.info/wiki/Murmur.ini#obfuscate">obfuscating IPv4 addresses</a> and <a href="https://wiki.mumble.info/wiki/Murmur.ini#Process_Administrivia">logging</a></li>
<li><a href="https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/Mumble">Torifying Mumble</a>

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

I think this may make Mumble more privacy friendly than Jitsi Meet, presuming logging is disabled. Tor Browser disables WebRTC, doesn't it?

This comment has been minimized.

Copy link
@nitrohorse

nitrohorse Aug 13, 2019

Member

Yeah, just validated myself and it's disabled in about:config.

@@ -136,26 +136,24 @@ Backend: closed-source

Ricochet: https://github.com/ricochet-im/ricochet

Tox: https://github.com/TokTok/c-toxcore

Ring/Jami: https://git.jami.net/savoirfairelinux

This comment has been minimized.

Copy link
@Mikaela

Mikaela Aug 12, 2019

Author Member

I corrected the source code location for Jami. Otherwise I just moved things around.

@Mikaela Mikaela requested review from JonahAragon, blacklight447-ptio, nitrohorse and privacytoolsIO/editorial Aug 12, 2019

@Mikaela Mikaela marked this pull request as ready for review Aug 12, 2019

@Mikaela

This comment has been minimized.

Copy link
Member Author

commented Aug 12, 2019

Would there be any point in listing Signal desktop separately and saying that it needs to be linked to Signal mobile?

JonahAragon added some commits Aug 13, 2019

@JonahAragon
Copy link
Member

left a comment

Made some changes at Mikaela#1 I'd like to see included, otherwise LGTM.

I also can't decide if we should include a Supports VoIP badge on the Instant Messengers that support VoIP, because we removed them from the Voice section. I just want it to be clear that Signal/Wire also support Voice. But maybe the warning listed is enough. I'm very on the fence about it. If we do want to add a badge like that though, I need the cardv2.html changes I made in #1148 to be merged first.

@JonahAragon JonahAragon reopened this Aug 13, 2019

@@ -60,6 +57,8 @@ <h3>Worth Mentioning</h3>
<li><a href="https://keybase.io/">Keybase</a> - <span class="badge badge-warning" data-toggle="tooltip" title="This software relies on a closed-source central server.">Warning</span> End-to-end encrypted messaging with social verification.</li>
<li><a href="https://status.im/">Status</a> - <span class="badge badge-warning">Experimental</span> A free and open-source, peer-to-peer, encrypted instant messanger with support for DAPPs.</li>
<li><a href="https://ricochet.im/">Ricochet</a> - <span class="badge badge-danger" data-toggle="tooltip" title="This software is safe if you manually keep Tor up to date."><a href="#ricochetTor" class="text-white">Danger</a></span> <span class="badge badge-warning" data-toggle="tooltip" title="This software is considered safe but experimental and the client has not been updated since 2016."><a href="https://github.com/ricochet-im/ricochet#experimental">Experimental</a></span> Ricochet uses the <a href="/browsers/#browser"><i class="fas fa-link"></i> Tor network</a> to reach your contacts without relying on messaging servers. It creates a hidden service, which is used to rendezvous with your contacts without revealing your location or IP address.</li>
<li> <a href="https://tox.chat/">Tox</a> - <span class="badge badge-warning">Experimental</span> A free and open-source, peer-to-peer, encrypted instant messaging and video calling software. </li>
<li><a href="https://jami.net/">Jami (formerly Ring/SFLphone)</a> - Gives you a full control over your communications and an unmatched level of privacy. Jami has <em>text messaging, video and audio calls, file transfer, video conferencing</em>.</li>

This comment has been minimized.

Copy link
@nitrohorse

nitrohorse Aug 13, 2019

Member

Minor suggestion; remove "a": Gives you full control...

@nitrohorse

This comment has been minimized.

Copy link
Member

commented Aug 13, 2019

I also can't decide if we should include a Supports VoIP badge on the Instant Messengers that support VoIP, because we removed them from the Voice section. I just want it to be clear that Signal/Wire also support Voice. But maybe the warning listed is enough. I'm very on the fence about it.

Looking it over I think adding a badge would be a good idea. The callout in the warning alert is kind of easy to miss.

Otherwise, LGTM too!

@nitrohorse
Copy link
Member

left a comment

LGTM once comments are resolved 👍

@Mikaela

This comment has been minimized.

Copy link
Member Author

commented Aug 13, 2019

So I just need to warn about WebRTC and Minor suggestion; remove "a": Gives you full control...?

Do I need to somehow add the supports VoIP label or will @JonahAragon do that later?

Mikaela added some commits Aug 13, 2019

@Mikaela Mikaela requested review from JonahAragon and nitrohorse Aug 13, 2019

@Mikaela

This comment has been minimized.

Copy link
Member Author

commented Aug 13, 2019

@JonahAragon @nitrohorse How about this?

@Mikaela

This comment has been minimized.

Copy link
Member Author

commented Aug 13, 2019

image

I am going to cancel that last commit though as I think it looks better with the space.

@Mikaela Mikaela force-pushed the Mikaela:rtc-improvements branch from 7b246f6 to 7c4c200 Aug 13, 2019

JonahAragon added some commits Aug 13, 2019

Use updated label functionality
The labels/badges functionality added to cardv2.html in cbe5de4 work better here.
@JonahAragon
Copy link
Member

left a comment

K last change: Since #1148 was merged the changes I pushed to Mikaela#2 make more sense for the VoIP and other badges.

@Mikaela Mikaela requested a review from JonahAragon Aug 13, 2019

@nitrohorse
Copy link
Member

left a comment

👍🏼

@JonahAragon JonahAragon dismissed stale reviews from nitrohorse and themself via 9235f50 Aug 17, 2019

@JonahAragon JonahAragon merged commit 1947b84 into privacytoolsIO:master Aug 17, 2019

1 of 4 checks passed

deploy/netlify Deploy preview processing.
Details
Header rules No header rules processed
Details
Pages changed 4 new files uploaded
Details
Travis CI - Pull Request Build Passed
Details

@JonahAragon JonahAragon deleted the Mikaela:rtc-improvements branch Aug 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.