[guardian-dev] making Gibberbot as successful as Whatsapp without selling out

[Chris Ballinger]

I recently had a conversation with Nathan about building a special push
message server with support for ChatSecure and Gibberbot (perhaps open and
extensible for other apps as well?) that would act as a "knocking" system
to tell users to open the app. This would avoid the nasty problem of having
to store everyone's login credentials on an external server running as an
XMPP client to provide push support.

We could store an array of salted hashes of JIDs keyed to a device's push
token, and verify ownership by sending a message/request to a special JID
running on our server. Then when someone else wants to chat and it appears
you are offline, they can ask our server to "knock" all devices connected
to that JID hash, and you to prompt you to open the client and establish a
secure connection.

This approach would also provide much better battery life than constantly
keeping a socket open (which is actually impossible to do on iOS for longer
than 10 minutes unless you are a VoIP app).

As far as secure file transfer, I think OTRv3 has a new extra symmetric key
exchange now for this sort of thing, although I could be wrong.

On Tue, Sep 18, 2012 at 7:07 PM, Hans-Christoph Steiner <
hans at guardianproject.info> wrote:

>
> We've been having this discussion off list, so I wanted to bring it out
> to the public forum to get more ideas flowing:
>
> On Tue, Sep 18, 2012 at 9:19 PM, Hans-Christoph Steiner <
> hans at guardianproject.info> wrote:
>
> > On 09/14/2012 02:03 AM, Nathan of Guardian wrote:
> > > On 09/13/2012 10:50 PM, Mark Belinsky wrote:
> > >>
> > >> There are a few features that set these apart. Whereas gibberbot
> > >> requires a tutorial, these apps "just work".
> > >
> > > I will say that is is many of the "just works" aspects that are
> entirely
> > > contrary to privacy and security by design. This is the crux we find
> > > ourselves at. Being here in India, I am experience the prepaid
> > > pay-per-message world people live in, so I think the idea that you get
> > > "free unlimited global messaging" is pretty attractive, though
> deceptive
> > > because people are still paying for mobile data packets.
> > >
> > > I think we could market Gibberbot, or perhaps a better named app, as
> > > "Global Free Unlimited Mobile Messaging with the best Security and
> > > Privacy Controls". Maybe we come up with a new name for both Gibberbot
> > > and ChatSecure, so we can claim Android and iOS, and even integrate
> with
> > > CryptoCat2, so we have a web/desktop experience.
> > >
> > > I counter Mark's assertion that Gibberbot requires a tutorial to use.
> We
> > > put in the wizard text to help communicate some of the more advanced
> > > features of security. Otherwise, putting in your Google or Facebook
> > > username and password just works.
> > >
> > > Still, here are some features that I hope we can adopt in Gibberbot to
> > > make the app more simple. I know Miron is working on many of these, and
> > > Derek has designed similar concepts in the past:
> > >
> > > - Make the app feel more like SMS messaging as opposed to the outdated
> > > buddy list/chat/IM messaging. This means focus on persistent
> > > conversation threads in an inbox as the primary interface.
> > >
> > > - Hide the concept of "logging in" as much as possible. If people want
> > > to communicate via their Google account, then we should tap right into
> > > their pre-existing registering Android/Google credentials, or oauth
> into
> > > their Facebook. Any registering/connect/disconnect should happen in the
> > > background.
> > >
> > > - Make it easy to create a new account (prehaps auto-registering on
> > > jabber.org servers) for people that don't have or know their gmail or
> > > facebook account info. The concept is "message me on Gibberbot" not
> > > "chat with me on Gmail/Gtalk/Facebook via Gibberbot".
> > >
> > > - Perhaps this new account login/username is OPTIONALLY based on their
> > > phone number, such that it is easy to find/connect to people you
> already
> > > know w/o any more information. This is similar to RedPhone's use of
> your
> > > phone number as the username/extension. I think this is a huge
> > > security/privacy risk in terms of traffic analysis.
> > >
> > > - Support file, picture, audio transfer/attachments to the
> > > conversation... MMS continues to suck and not work, but people still
> are
> > > trying to figure out how to send private picture messages
> > >
> > > Any others people want to add to the list?
> >
> > I think we can emulate the Whatsapp quite a bit while keeping to privacy
> > by design really just by using sensible defaults.  Honestly, I think the
> > only stuff we shouldn't emulate is the marketing and spamming of the
> > contacts.  In addition to what Nathan outlines, here's what we would
> > need to do:
> >
> > - we choose a good, no logging service like dukgo.com or jabber.ccc.de
> > make it the default.
> >
> > - if its not setup, use their phone number to create a new account on
> > the default service
> >
> > - have it generate and store a password, with an option to set it if
> > they want.
> >
> > - provide a dead simple way for people to sms the install link to people
> > in their contacts, but one-by-one and make it apparent what the message
> > is for
> >
> > - whenever a message from a new contact is received or sent, it can add
> > that as a XMPP/gtalk contact, then providing what Whatsapp does not:
> > interoperable buddy lists with your gmail/gtalk.
> >
> >
> > This would all be the default setup behavior, but have one button early
> > on that leads you to the standard XMPP client setup screens.
> >
> > .hc
>
> >
>
>
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/chrisballinger%40gmail.com
>
> You are subscribed as: chrisballinger at gmail.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20120920/939923a5/attachment.htm>