The question goes straight to @linuxxx.

How secure is Viber? After an update recently, each conversation one starts says it's end to end encrypted.

How true is that?

I guess that it isn't

They say they care about your privacy, but they actually don’t give a fuck about it. https://viber.com/terms/...

@BlueNutterfly Let me analyze that right now for you, gimme a few minutes!

@BlueNutterfly Alright, quick analysis but hereby:

- metadata is not protected, not good/great privacy wise.
- closed source: you can't verify anything about what they claim
- they use 'their own from scratch written implementation' of the double ratchet protocol (Signal protocol). Why in the living fuck would you rewrite a library of the already strongest crypto protocol in the world?! I can apply the same logic here as with telegrams crypto: do not use/write your own fucking crypto algorithms!!! There are very good tested/verified algo's out there for a reason!
- authenticating an entire user (also automatically accepting their keys from any of their devices in the future) is not a good idea since it would only take an attacker who compromises an account to start reading along with convo's, also interesting for state sponsored attackers!

I'd call it insecure and I personally wouldn't trust it.

Hope you can use this info :)

@linuxxx Thanks for the information :)

@Haxk20 in case of IM's mostly the metadata isn't protected which pretty much invalidates the entire fucking encryption.

@Haxk20 Let me rephrase. It doesn't 'invalidate' the encryption but the amount of profiling you can do based on sent times, sender, receiver, location, amount of messages, message length and so on is stunning.

But the fact that they wrote their own implementation of a perfectly fine/strong/secure crypto protocol really boggles my mind as there is literally no valid reason for that.
The only reason I can think of indeed is some kind of backdoor system.

@Haxk20 And then the fact that their custom crypto system is proprietary....

This feels nasty.

Does it have Two-factor-authentication now?
Before It had problem, if you no longer use your Viber account connected phone number, someone else will eventually get it. If that person logins to Viber with that number, he can read all your chats.

I guess @linuxxx is capable of doing a full blown audit? Because if not it's all opinions and assumptions

@Kimmax It's not all opinions and assumptions. I looked up facts and they're worrying from a privacy/security perspective.

I'm not a cryptographer so I wouldn't even trust my own in depth analysis of their crypto algo!

But next to that, their code is closed source so I couldn't anyways :/

@linuxxx what messenger would you recommend to use??

@c3ypt1c Signal all the way. Open source, do their best to protect metadata and their crypto protocol is one of the best in the world (also used by whapp)

It's also audited and the results were great!

Good rule of thumb... if the encryption/privacy mechanism is proprietary and closed source you should not trust it! No exceptions.

The best practice is to just support open source software whenever possible, but really this ‘rule of thumb’ doesn’t mean that no proprietary software should exist for profit; it just meant a that if it is proprietary, but wants to be trustworthy, then at the least, it’s encryption and transport routines must be open source code that’s implemented in a verifiable way that leaves no doubts or blurry areas in its function (there are usually ways integrate open source within a proprietary model).

Open source practices and ideologies must be the future if we want to have a truly free and open society where privacy exists in any meaningful way.

@linuxxx I’d say the metadata issue is more than just ‘not good/great’; it is a potential DISASTER for anyone expecting privacy!

If you look at much of the leaked data from Snowden and others, metadata is often all they care about. Just knowing you are talking to someone, regardless of the actual conversation or data, is often enough. The metadata is enough to get people killed in some places, and in other scenarios it can be disastrous as accusers can craft a narrative. Imagine being in front of a jury in a court room, if they can prove that you talked to some person it could arguably be better to have zero encryption rather than to be leaking metadata that leaves an open ended narrative to the imaginations of third parties. It’s all solid advice/comments you gave @linuxxx, I just wanted to elaborate on the often overlooked metadata issue. I give props to you for mentioning it!

Any system that doesn’t encrypt metadata is a broken system if the goal is end to end privacy.

@agaskins Thanks haha! You can't encrypt all the metadata since that would render modern day protocols useless but at least do your best to secure as much of it as possible!

@linuxxx you are right! I use the term encrypt too broadly, because where metadata can be deduced (via packet timing analysis schemes, for one example) encryption isn’t the only issue, but for these cases there are usually well known methods to obfuscate and/or make metadata very hard to come by. I haven’t analyzed the app in question, so I just assumed you meant the dumb sort of metadata leakage where they weren’t really even trying (I could be wrong). My comments are just in general though, and not specific to this or any application. But to be clear, metadata should always be handled properly (if not of the encrypt-able sort) and made to be something one must work unreasonably hard for to get even the smallest of crumbs - if the application is to call itself secure. These are tough goals for any one application to meet, which is further reason open source is so critical here... afaik, only open tools can function together efficiently enough to give this ultimate end result.

@agaskins I haven't noticed you that much but you seem to be very like minded!

@linuxxx @agaskins Exactly, you can’t totally hide it, but you can decide to not store it, that’s the key,

@Jop- If you’re not a crypto specialist. But that ain’t the problem, the problem is to use it before it has been tested

@Jop- Well it's been widely reviewed before it was called secure so I'd call that fair enough.
Telegrams crypto has also been widely reviewed and it had been found by experts that the protocol is quite broken.

@Jop- Take AES for example, it's widely used and has been reviews numerous times with great results every time because it's resilient against nearly all attacks. The signal protocol (or Double Ratchet/Axlotl) has the same thing, it uses a few very strong algo's resulting in literally multiple levels of cryptography within the algo/protocol itself. It's also the only 'non-us govt made' crypto protocol (and app) allowed to be used for messaging in the American senate/white house.

@linuxxx that non-us-gov thing reminded me of the elliptical curve backdoor, @theNSA is always watching, so I just don’t trust Telegram’s protocol, has it is not widely used. The more it is used, the more tested it is, the best it is!

@Jop- https://security.stackexchange.com/...

@Jop- There's literally links to whitepapers explaining attacks..?

@Jop- it’s about trust... do you trust the encryption app that turns off encryption by default at the behest of the US government, and which almost every person who is considered an expert in the field warns about? Or do you make an effort to try and find something a little more worthy of trust? Either decision is fine if you make an educated choice, but it seems ignorant to knock the apps that do, what almost every professional in the field considers to be, the right things. Yet you favor the app that those same people in the field warn against... why? You come here with no more valid reasoning than you demand of everyone else. Encryption is a very complicated thing, just having it is not enough. A company making app must adhere to a certain degree of openness, they must do things to show that they have no ulterior motives and instill trust, and more... but Telegram fails on most all these fronts.

@ArchLinux Yup it's hosted on aws!

If you open-source an encryption algo, anyone with enough motivation can reverse engineer it's decryption algo - however strong it is.

They built it from scratch indicates that the vectors they've used have been customized - as it should be if you are paranoid about security.

I don't know what they expose as their metadata - definitely hope it's not messages.

Having worked with encryption and infrastructure I can suggest you to have some trust in the system, but not totally.

And finally, cryptographic algo is definitely a good use case for any closed source systems.

@sam21s reverse-engineer decryption algo? What?! We have mathematical proofs that our algos are mathematically not crackable without things like quantum computers

@-vim- show me the the encryption code and I shall decrypt

@-vim- you can't just give me the encrypted data and ask me to to decrypt it. But with the full enc code it's a bingo. I guess, you got the "reverse engineering" thing wrong.

📍

@linuxxx i believe the best algorithm would be decentralise the whole process with e2e encryption. Hence, over Signal i would suggest Riot as much better option, disregarding the UI though.

Best part of Riot is its bridge with applications like Slack, Gitter.

@yadhuksp I'm a riot user (including the encryption) as well ;)

@linuxxx why do you still prefer signal then?

@thekaleidoscope Because it's accessible to everyone and I already got everyone i know who wants to communicate with me to use Signal. I'd happily use a service developed by a team which works this ass off for privacy by default through providing an open source and highly secure messenger :)