Titus Stahl

Delta Chat - another decentralized encrypted messenger

While a year ago, there was very little choice for people who wanted to use a messenger that is both end-to-end encrypted and decentralized, there are now several options available: XMPP with OMEMO fits the bill as does Riot and the upcoming Briar release. I recently discovered another new arrival on the scene: Delta Chat (Android only) uses your existing email account to implement a chat function and secures messages with OpenPGP, implementing the Autocrypt standard. Obvious advantages of this approach are that it is unnecessary to create another account and that you can use the app to communicate even with people that do not have the app installed. However, one disadvantage is that the encryption does not have forward secrecy. It’s also not immediately clear to me from the UI which of my messages will be encrypted and which won’t – which might make secure use much harder (but the reason might be that I have no other contacts that use the app).

I would not recommend this yet for any sensitive information, but it is an interesting concept.

Cooperatively owned social media platform

Social coop is a social media site that is cooperatively owned by its members, part of the GNU Social/Mastodon fediverse. This opens up the opportunity to have a social media platform that does not act against the interests of its users, by tracking them, spying on them or selling their data. My user profile is at: @titus@social.coop.

To join this cooperative, you are asked to make a financial contribution (although there seems to be the possibility for people with few financial resources to join without paying). But you can also communicate with me or anyone else on the GNU Social/Mastodon platform by joining one of the other instances which are mostly free.

New Stanford Encyclopedia Article on Hope

Together with my colleague Claudia Blöser, I was asked to write an article about hope for the Stanford Encyclopedia of Philosophy as part of our hope research project that is funded by the Hope and Optimism project at Notre Dame University. The article covers both the philosophical history of hope in the Western tradition, current approaches in analytical philosophy and authors like Bloch and Rorty.

Discussions of hope can be found throughout the history of philosophy and across all Western philosophical traditions, even though philosophy has traditionally not paid the same attention to hope as it has to attitudes like belief and desire. However, even though hope has historically only rarely been discussed systematically — with important exceptions, such as Aquinas, Bloch and Marcel — almost all major philosophers acknowledge that hope plays an important role in regard to human motivation, religious belief or politics. Historically, discussions of the importance of hope were often embedded in particular philosophical projects. More recent discussions of hope provide independent accounts of its nature and its relation to other mental phenomena, such as desire, intention and optimism.

Continue reading (open access)

New publication: The Metaethics of Critical Theories

I have contributed a chapter to the Palgrave Handbook of Critical Theory that is edited by Michael Thompson, titled “The Metaethics of Critical Theories”.

Unfortunately, Palgrave’s intellectual property policies prevent me to put a copy online (even the author’s version is embargoed for three years). If you cannot access the article online, let me know and I am happy to share it via e-mail.

The abstract of the chapter is as follows:

Critical theories, from their beginning in Marx’s philosophy to the Frankfurt School with its different generations, have always been characterized by a certain ambivalence toward moral questions. They often conceive themselves as an alternative to traditional moral philosophy, which is criticized both for separating context-free normative justification and empirical descriptions too strictly and for its seeming commitment to moral and normative standards developed independently from historical and social contingency. The different generations of critical theory have all attempted to develop a theory of normative judgment which is appropriately critical but which nevertheless does not require any commitment to naive moral naturalism or context-free realism. In the chapter, the author traces this through the different stages of the development of critical theories, and argues that at least some of the answers we can find in this tradition do not fit into the usual division between realist and antirealist theories in contemporary metaethics.

Encrypted messengers: Why Riot (and not Signal) is the future

(Update: All of the following is based on my best understanding of the matter, but I am no technologist and this should not be treated as definitely reliable advice).

As a response to the Snowden revelations, the number of messaging apps that promise security against surveillance has rapidly multiplied. There seems to be an emerging consensus – ranging from Edward Snowden to the New York Times – that Signal is the best choice for those nervous about the privacy of their messages.

Indeed, Signal has a number of advantages that set it apart from many competitors: The encryption algorithm that it uses is well-reviewed and most experts in the field think that it can indeed protect against dragnet surveillance. It also allows experts to inspect the source code of the entire app for back doors which makes it more trustworthy than competitors such as WhatsApp. Finally, OpenWhisperSystems – the company that produces Signal – is known to log only minimal information about its users. As a result, when law enforcement agencies demand information about message “metadata” (who messages when with whom), they cannot supply them with much useful information.

However, the question what the best messaging app is for those who want to resist the surveillance state is not as clear-cut as it might seem. The answer to that question depends very much on why you think surveillance is bad.

One possible answer is that you just want to hide information about yourself (which is very often a completely legitimate wish). In that case, the only feature you will care about is whether the encryption can be cracked or whether the app that you use keeps you from accidentally revealing information.

Another reason to care about surveillance is that surveillance undermines collective, public freedom in a democracy by taking away control over the public sphere from citizens. If that is your main worry, then other criteria will become important as well. You will still care about the quality of encryption, but you will also care about whether the messaging app that you use actually allows ordinary people to take back control over their interactions with others.

It is this aspect where some features of Signal become problematic. The most important concern is that Signal is a silo. That means that, if you use Signal, you can only communicate with people who use Signal as well. This not only means that you also have to use the official Signal app and that alternative implementations of the app are discouraged by OpenWhisperSystems. It also means that you have to connect to OpenWhisperSystems servers to communicate with other users. In contrast to a system like e-mail, you cannot choose a provider out of many competing offers. This effectively creates a dependency on OpenWhisperSystems. As users can only communicate if they use OpenWhisperSystems servers, and can only do so using the OpenWhisperSystems version of Signal, it is not possible for users to change any aspect of Signal that they do not like by switching to a competing app or provider.

This is especially important because, while OpenWhisperSystems does not collect any metadata at the moment, they can start doing so at any time because all communications of Signal users go through their servers. If OpenWhisperSystems adopts any policy that goes against users’ interests in the future, users cannot switch providers without losing all their contacts. Perhaps this is unlikely, but it might be desirable to have a system where no single company has that much power.

An alternative to Signal is Riot. Riot is a messaging app that uses a form of encryption that is very similar to the one used by Signal and also allows anyone to inspect its source code. In these respects, Riot promises to be exactly as secure as Signal (but see below for a few issues that are being resolved at this moment; clarification update: Riot’s encryption is still in Beta. Do not use it for anything important until it is out of Beta and has been thoroughly reviewed).

But Riot has other advantages that make it, in some aspects, superior to Signal. Riot is based on the so-called Matrix protocol which is a federated protocol. That means that anyone who wants can run a Matrix server can do so and Riot users from all these servers can communicate with one another. There is no central instance that controls Matrix or Riot. In addition, people are writing alternative clients to access the Matrix/Riot network, implementing their favorite features and workflows. As users can vote with their feet for their own interests and choose providers and apps of their liking, this means that they really control their communication mode, adding an important element of freedom which distinguishes Matrix/Riot from Signal.

Apart from this fundamental difference, there is a number of further advantages of Riot/Matrix over Signal:

  • Signal can run only on one mobile device (your identity is tied to one device). Multiple devices have different identities. Riot allows you to use one single identity on all your devices.
  • Signal users are identified by their phone number. You cannot use Signal without transmitting your phone number to OpenWhisperSystems and you have to give your phone number to everyone you wish to communicate with using Signal. Riot users are identified by usernames. You do not need to give anyone your number to get in touch with them via Riot (which might be especially important for people who have reason to fear being stalked).
  • The dependence of Signal on phone numbers leads also to another problem: When you install Signal on a mobile device, OpenWhisperSystems verifies that you indeed own the phone number by sending you an authorization code via text message. Many authoritarian states are known to intercept such authorization codes and thereby impersonate users (Signal will send all your contacts a message whenever you change devices, but there is still a risk that they will not understand that your identity might have been stolen). Riot has a simple username/password system and does not rely on text messages (however, it also does not yet alert other contacts if you – or someone else – add another device to your account Update Jan 2017: this issue is fixed at least on the Riot desktop client now).
  • Signal only works on Android when your phone has the Google Play Framework installed. This is a piece of software that is installed on most Android devices by default and that gives Google virtually unlimited control over your device. As Android is an open-source system, one can run Android in principle without installing the Play Framework or any other Google apps and without giving Google any access to the phone, but Signal will not work on Google-free tablets or phones. Riot works without any problem on such devices. (Update Feb 2017: This is no longer true)
  • Riot has an open programming interface. Everyone can write software interacting with Riot, such as bots. Signal is a closed system that only allows the official client to interact with it.

These features – together with the fact that Riot has a much better desktop client than Signal and additional features such as video calls – make Riot a better, and more sustainable choice.

It must be mentioned, however, that Riot also has some downsides at the moment:

  • You can access your encrypted Riot messages via a web app. This is fundamentally insecure (as the web server can send you malicious code that steals your encryption keys) and poses a risk to users. As long as you exclusively use the client apps, you can avoid this problem, though.
  • Riot’s encryption is not yet fully stable and, more importantly, it is not yet enabled by default in chats (you have to enable it manually). This will be changed in the future, but makes it more likely for users to make mistakes until then.
  • Riot has no foolproof way yet to only communicate with those devices from others that you have verified as really belonging to them (until this Github issue is fixed). (Update Jan 2017: Riot has now an option to only send messages to devices you have verified.)

While these are important issues, it must be mentioned that they are only minor in the sense that they can be fixed by the Riot people (or anyone else) by improving the software underlying it. By contrast, the silo nature of Signal is a structural problem that cannot easily be solved.

If you have reason to suspect that you are personally targeted for surveillance, then the fact that Signal has been more extensively reviewed, is a good enough reason to play safe and use Signal. However, if you want to help test a free and sustainable ecosystem for encrypted communication (clarification update: and if you don’t have to rely on the encryption for anything important as it is still in Beta at the moment), then Riot / Matrix is the better alternative.