this post was submitted on 14 Jun 2024
14 points (100.0% liked)

SimpleX Chat

460 readers
1 users here now

Community of SimpleX Chat users – managed by the team.

SimpleX Chat is the first chat platform that is 100% private by design – it has no user identifiers of any kind and no access to your connections graph – it's a more private design than any alternative we know of.

Please ask any questions and make feature suggestions. Your ideas and criticism are very welcome!

https://github.com/simplex-chat/simplex-chat

founded 2 years ago
MODERATORS
 

Hello, is the network connection to the SimpleX network made same way as in Session messenger (single point of failure in the form of several seed/bootstrap nodes "hardocded" in the client software, the nodes which hostnames/IPs can be blocked on ISP/government firewalls) ?

If you know any detail on how it works, please link. Thank you

all 5 comments
sorted by: hot top controversial new old
[–] rrobin@lemmy.world 7 points 5 months ago

I can't offer a comparison with Session, since I'm not familiar w/ it. At a glance messages seem to be routed through some nodes that belong to a pool of service nodes that run some cryptocurrency stake (but I don't know what this means in practice). It does seem seem to do multi hop routing which means its more resilient to privacy attacks (but this says nothing about resiliency to being blocked).

On the SimpleX side, anyone can operate a SimpleX SMP server - that is the server that holds messages while in transit from the source to the destination (each server has a number of queues, each is one-way from a sender to a receiver ).

Each user defines the servers/queues he uses to receive messages, but not to send (those are the defined by the user you are sending messages to). So resilience to blocking means both users need to diversify the servers they use.

The folks running SimpleX host a handful of servers - and I expect those are the ones most people use. In that sense they are a point of failure for someone to block communication. If you check the source you will see an incomplete list of servers there, and in the app settings there are more (and you can add your own).

As for blocking the protocol, the following approaches seem standard for a state operator:

  • block TCP port 5223
  • if a different port is used, block based on TLS negotiation - this seems easy to spot
  • seize the public servers

(This is as far as my knowledge of SimpleX goes - the rest is slightly hand wavy assumptions I never checked)

I don't recall how the SimpleX app manages those server queue(s?). Taking a peek at the app right I only see one receive/send queue when I select a contact. But in theory it should be possible for it to have multiple queues per contact. The documentation does mention this in some comments (newQueueMsg: maybe it is not implemented?)

Finally the android app seems to support integration with ToR and will support .onion addresses if this is enabled, that is probably the most practical way to bypass some blocker (assuming ToR is not blocked :D). But this requires that the SMP server used by your contacts supports ToR addresses.

It would definitely be nice to see support for tunneling over other protocols, and of course more servers running those (ToR, I2P, gnunet?, etc, etc).

Some links to stuff:

[–] bobburger@fedia.io 2 points 5 months ago (1 children)

I don't think so. In my SimpleX client there's a list a available servers but there's also an option to add custom servers.

This article explains how to host your own server if you don't want to or can't use one of the default servers.

[–] jet@hackertalks.com 2 points 5 months ago

The question becomes, if you have an identity and network graph using x servers. And then those x servers are blocked. Now you spin up a new server, will your social graph be aware of this new server? Are you going to be cut off from your old social graph?

[–] bobburger@fedia.io 2 points 5 months ago

@simplex@mastodon.social Can you help with this?