Freedombone Blog

Freedom in the Cloud

Chatting by Telephone

The main developer of the Conversations app has launched a new chat system called Quicksy. It's a minor variation of the Conversations codebase which uses a centralized closed source XMPP server, has telephone numbers replacing usernames, uses SMS and depends upon the Android contacts list as its roster. It actually uploads your Android contacts telephone numbers to a centralized server.

Basically it's a Signal-a-like, but XMPP and without the video or audio capabilities.

Why do I care at all about some proprietary thing, you may very well ask. You're right, probably I should just ignore this. The main thing that bugs me in a Columbo-like way is that it's coming from the same developer that I otherwise had some amount of confidence in. The thinking behind Quicksy is so mistaken, even if the aim is something simple such as "increase the popularity of XMPP", that I'm beginning to wonder whether continuing to use and promote Conversations is a good idea. I even started to think the unthinkable: could I develop an XMPP client for android myself?

I'll let that slide for now and carry on using Conversations, but block the Quicksy server (which presumably is just ejabberd with modifications). One thing I really don't want is people sending me their telephone numbers as JIDs (i.e. username part of XMPP addresses). That just creates privacy leakage which could end badly. Developing an XMPP client would be a vast amount of work, and is easily a full time job for at least one developer.

Using telephone numbers within chat applications isn't advisable. In some places in the world if you have the wrong telephone number, or a particular telephone number in your contacts list, then a flying robot will drop a missile onto your house or onto your wedding. You don't even need to be a terrorist for that to happen. Just someone who bought the wrong refurbished phone in a local shop, or a friend or relation of the person with The Telephone Number. Machine Learning can make a lot of spurious linkages. Maybe you attended the same church or shopped at the same store. There are also plenty of other threat models including phone numbers. If you're trying to escape from an abuser is publishing your phone number to anyone who can read your JID a good idea? I would guess not. What about if you're an immigrant? I assume that in most cases the Android contacts list is not secure and is probably known to Google (via default cloud backups) and the ISP. And then there's the whole IMSI thing with SMS. There are of course very similar issues with Signal.

The usual retort of the developer of such communications apps is that anyone with a conflicting threat model must be excluded and is not welcome in our system. As technologists, is this what we want?

Freedom is a constant struggle. There are no ideal solutions and technology cannot fix all problems. Sometimes the same battles have to be fought over and over.