Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacktivismo launches ScatterChat

Posted by ryuzaki0 on from the anti-electronic-shoulder-surfing dept.

un1xl0ser writes to tell us Hacktivismo has released a new chat program known as ScatterChat. It is a friendly fork of GAIM that "provides end-to-end encryption, integrated onion-routing with Tor, secure file transfers, and easy-to-read documentation." This announcement was made at HOPE, where CDs were distributed. A torrent and several screenshots are also available."

10 of 121 comments (clear)

  1. protocol level by Anonymous Coward · · Score: 3, Insightful

    For encryption to catch on it needs to be done at protocol level, IMHO. For example the unfortunately unfree project SCIM. That's the only way to really hide it from the end user, and that's what's necessary.

    1. Re:protocol level by ClamIAm · · Score: 2, Insightful

      When security is hidden from the user (and therefore they don't understand it at all), they have no way to tell when they've been 0wned. For further info, see almost every incident of phishing ever.

    2. Re:protocol level by westlake · · Score: 2, Insightful
      When security is hidden from the user (and therefore they don't understand it at all), they have no way to tell when they've been 0wned. For further info, see almost every incident of phishing ever.

      True, but meaningless.

      How many users need translation to understand elementary Geek-speak?

      How many posters have found themselves out over their head whenever they have tried to get past the ideology of Freenet (for example) and make an independent assessment of the network?

      There is no point in exposing technologies to the user unless you can present the issues in a way that he can comprehend

      Otherwise:

      "Any sufficiently advanced technology is indistinguishable from magic."

  2. So basically, it's gaim-encryption and tor by verbatim_verbose · · Score: 4, Insightful

    I don't see anything particularly interesting here. We already have gaim-encryption. You already can use tor as a proxy for gaim. So... why is this interesting?

  3. The oddity of combining Tor and a keys by gnoshi · · Score: 5, Insightful

    This strikes me as a little odd, as the use of Tor in this context seems somewhat redundant given that public/private keypairs are being used for the communication, meaning that a the participants can be easily identified in a conversation as being user A and user B. That said, the use of Tor may make it more difficult to track that back to Person A and Person B.

    The problem is that because the key pairs are persistant, a user need only connect without Tor once, and suddenly it is possible to identify the person demonstratably responsible for a potentially large number of conversations.
    As another person here has mentioned, OTR would have probably been a better choice due to the deniability aspect. In conjuction with Tor, this would mean that tracking (and proving) a conversation is connected to a person would be more difficult. The exception may be if users had already exchanged public keys, in which case the ability to use those public keys may be conventient. Of course, those keys can still be taken advantage of in the first-step verification of the user for OTR communication.

    It seems like a good idea, just the choice of method of encrypted communication of messages seems a strange.

    1. Re:The oddity of combining Tor and a keys by gnoshi · · Score: 4, Insightful

      You make a valid point - encryption != digital signature.

      When the system is initially setting up encryption, the public key for the user's signing key is sent.
      Unless the signature keys are single-use, this reveals the user's identity. Sure, the session key protects the conversation itself, but it reveals with certainty who is involved in the conversation. Furthermore, should the conversation encryption be broken, there is no deniability.

      That is my understanding based on: http://www.scatterchat.com/docs/crypto_protocol.tx t

  4. missing the point by Anonymous Coward · · Score: 5, Insightful

    You guys are all missing the point, but thats alright since the article didn't tell it to you and none of you were there.

    I was, so I'll be kind enough to point it out.

    ScatterChat was designed for people who have reason to fear their conversations being watched. Specifically political dissadents and activists in countries where censorship is common, such as in the middle east or channel. This is to be used for them, and for reporters, and for people who are, in some way or another, are trying to save the world but don't have the time to learn about computers.

    Along these lines, Hacktivismo developed a tool that runs out of the box encryption and anonomizer. They have already met with activists to help learn what the tool should do (from a user end) and to teach them how to use it. They're also working on the next version. They mentioned that they are looking for people to help with the documentation, and for the translation into other languages (mainly, Chinese and Arab).

    So, don't be so harsh. While you're all here whining about how this program isn't 1337 enough for you, these guys are working on a program that will keep people out of jail just because those people have thoughts of freedom. You think it could be better? Email them and help.

    tedivm

  5. Re:Tor? by fireboy1919 · · Score: 2, Insightful

    how well it's going to deal with a realtime app like IM

    Considering the paths traveled, it probably isn't that good at realtime apps. It's a good thing that IM isn't a realtime app. Its just e-mail but with the delivery mechanism being the home computer rather than an smtp server that has a different delivery mechanism.
    It's unlikely that many would notice an extra quarter second of lag in an instant message. Heck, with most of my conversations, there's a good minute or two between reply and response as people ruminate over what they're going to say...or type a long response.

    Even a few seconds would be nothing - and in the TCP world, a few seconds is an eternity.

    --
    Mod me down and I will become more powerful than you can possibly imagine!
  6. Paranoia by Chrax · · Score: 3, Insightful

    I'm a bit paranoid about my privacy, but damn are the guys at Hacktivismo dramatic about it. They seem to think that everything they make is a tool that will assuredly be used in a rebellion against an oppressive regime, and boy are they ever sticking it to the Man!

    "ScatterChat is a HACKTIVIST WEAPON designed to allow non-technical human rights activists and political dissidents to communicate securely and anonymously while operating in hostile territory."

    Hostile territory? Political dissidents? HACKTIVIST WEAPON? It's a goddamn instant messenger. Useful? Sure it would be if there weren't already GAIM plugins for encrypting your messages. But even if they weren't, it's hardly a revolutionary weapon that will stamp out tyranny.

    And their Hacktivismo License? That cracks me up. "If you use this software, and you commit human rights abuses, we can sue your ass!"

    Don't get me wrong, I agree with these guys on a lot of points. But with the level of drama, you'd think an allegorical The Man should be wearing a black mask over his eyes and tiptoeing around the stage stealing food from starving children and shocking prisoners' testicles.

  7. Re:Not as plugin(s)? by Chandon+Seldon · · Score: 3, Insightful
    If security is important enough to screw around with Onion routing then you want to be sure all the security options are turned on all the time, and you don't want other plugins screwing stuff up.

    Offical Gaim is reasonably well built to be an insecure instant messaging app, but security isn't something that you can add with a plugin.

    --
    -- The act of censorship is always worse than whatever is being censored. Always.