Freedombone Blog

Freedom in the Cloud

End-to-End Policy

Another thing changed recently on the XMPP configuration within Freedombone is the end-to-end security policy. Previously if you posted anything without encryption there would be a big scary and usually also noisy warning notification telling you to do better. This is ok for private one-to-one chats, but not for public multi-user chats such as channels used for open source projects.

So I did a little tweaking and now either OpenPGP or OMEMO are required for one-to-one chat (if you try anything else it will just fail) and there is no encryption requirement for multi-user chat. So you won't get any annoying alarms when posting to multi-user chats. You can of course still do encrypted multi-user chat if you want to, it's just not a strict requirement enforced by the server.

I now find that using XMPP with Conversations on Android is actually a nice experience with very little friction. The cryptostuff all seems to "just work", and there is no possibility of accidentally sending an unencrypted private message as there was before. As of Conversations 2.1 OMEMO encryption is now the default, so you don't need to be concerned about turning it on.

Also in cryptostuff-related news I noticed recently that the Tor daemon on my server was struggling and that apps were not accessible via their onion addresses. This happens occasionally, because Tor is not a perfect system. Relays appear or disappear. Guards change. Systems are attacked and defended. It would be nice to know when these outages are occurring though, so I've added a watchdog to monitor the health of the Tor daemon and report any changes in status via email. So now just by reading your email you can know whether there are any Tor problems happening. In future I'd like to integrate this with XMPP, because that might be more useful. I don't read emails all that often.

Tags: freedombone, tor, onion, xmpp, encryption