Introduction

The purpose of this document is to analyse communication options such as mail, social media, chat, calls and video calls from the perspective of a privacy conscious individual. I also care about freedom of speech and would like to avoid vendor lock in.

Max Tegmark:

“…[Robots] are coming to hack us. It’s kind of humbling that we are hacked by this dumb machine learning algorithm.”

Network effects

Network effects appear when friends encourage you to choose a particular platform. It is hard to resist the pressure from peers, friends and family who describe how convenient the software is and how nice it would be to write, talk, share pictures and videos on that platform. Network effects are natural, I suppose. They can apply to any form of communication.

Silos versus freedom

Through communication tools such as Skype, Whatsapp or Zoom you can only communicate with people registered at the same company. Incompatible tools split our digital expression into silos. These silos lock us to a particular platform and limit our freedom of expression. Once a silo has managed to attract a large number of users, network effects pushes those users to attract more peers inside.

Our communication doesn’t have to be locked into a particular platform. The internet protocols were conceived with neutrality at the core.

Mail

Email

Email is an open protocol and that is good because it means you can exchange emails with someone who uses an email server from a different company. In other words there are no communication silos with email. But the security aspect of email exchanges is fundamentally broken.

Most emails are encrypted at the transport layer. End-to-end encryption would be better, but it’s usage is rare.

Snail mail

Snail mail can be seen as an emotional form of communication through a physical medium: paper. You can smell it. You can touch it. You can drop a tear on it. You can tear it apart. You can burn it. It’s based on plants that were growing in a forest somewhere. It might have spent time in a trash bin. It might have been recycled.

Chat, calls and video calls

What happened to the VOIP software on Linux? Why is there such a reliance on proprietary platforms? Is it because of technical constraints or are there other political reasons for it?

Free programs recommended by Richard Stallmann on his skype page: Jami, Linphone, Mumble, Jitsi.

Ekiga

Ekiga is/was a softphone for gnome Linux desktop. Development has stopped since the last release in What happened to it? Why has development stopped? According to wikipedia, the original developer Damien Sandras is now working for be.ip on open source voip software.

Matrix

“Matrix is an open protocol for decentralised, secure communications.”

  • People should have full control over their own communication.
  • People should not be locked into centralised communication silos, but instead be free to pick who they choose to host their communication without limiting who they can reach.
  • The ability to converse securely and privately is a basic human right.
  • Communication should be available to everyone as a free and open, unencumbered, standard and global network.

Element

Element, previously called Riot-web is a chat application based on the matrix decentralised communication protocol. Matrix is an open protocol meant to avoid communication silos.

Based on the Double Ratchet Cryptographic library called Olm specified in whispersystems.org doubleratchet which now redirects to signal.org doubleratchet.

Jami

https://jami.net/

Wikipedia Jami

“Jami (formerly GNU Ring, SFLphone) is a SIP-compatible distributed peer-to-peer softphone and SIP-based instant messenger for Linux, Microsoft Windows, OS X, iOS, and Android. Jami was developed and maintained by the Canadian company Savoir-faire Linux, and with the help of a global community of users and contributors, Jami positions itself as a potential free Skype replacement. Jami is free and open-source software released under the GNU GPL-3.0-or-later. In November 2016, it became part of the GNU Project.”

Jami.net peer to peer file sharing support based on the PJSIP library. Write the following about the improvements they made to enable communication over UDP:

“While PJSIP is recognized as the reference for Voice over IP communication applications, it is not designed to work in a distributed network. For this reason, our team had to make significant contributions to the PJSIP project. In order to grasp the nature of those improvements, it is necessary to understand the difference between UDP and TCP. They are both data transfer protocols allowing machines to communicate, but they work differently.” “TCP keeps track of every packet of data sent and ensures that they are reliably transferred by requiring the receiver to confirm reception of every single one of them and the sender to resend those that were lost. UDP on the other hand, doesn’t handle packet loss. While it is less reliable, it is preferable in applications such as media streaming because the data is time sensitive. In those cases, a lost packet will simply cause a small video or audio glitch and waiting for it to be resent would make it worse than simply moving on to the following bits. In the case of data transfer however, a single lost packet can corrupt a whole file and reliability is therefore more important than timeliness, which is why TCP is more suited for this application.”

Linphone

Linphone Development and support available from Belledonne-communications, a company based in Bordeaux, France.

Linphone desktop is programmed mostly in C++ the sdk has some java code in it.

Signal

The issue is that the desktop client requires a mobile phone with camera to be started. As of January 2020 I still use a nokia 3010 phone. I cannot install the signal application on that phone and this means that I cannot use signal on my desktop.

Skype

Skype was purchased by Microsoft. Screen sharing has a poor quality on Linux desktop.

How to transfer credits and contacts to another skype account

Teams

Teams is a Microsoft product based on Skype. It has a development version that runs on Debian Linux desktop computers.

Side note: I use second-hand laptop computers with open source software on them. They cost less than a fifth of new computers and I run them for years. Running the latest version of Microsoft windows is generally not possible or becomes very slow on old hardware. In fact companies that rely on Microsoft OS have a different world-view since the heavy requirements of Windows, leads to planed obsolescence.

Technical issues

See also the Teams section in the debian page.

Issue when loging in teams in Firefox. Adding the following to your browser security settings - Adding https://learn.microsoft.com/en-us/microsoftteams/troubleshoot/teams-sign-in/sign-in-loop#resolution

Telegram

Another chat application.

See the security section at https://en.wikipedia.org/wiki/Telegram_(software)#Security

Whatsapp

Short message to friends:

I don’t use Whatsapp for ethical reasons, because of the Cambridge Analytica scandal and the risk posed by Facebook’s extensive use of personal data and social connections to sell not only advertisement but also political influence. Whatsapp users give away the frequency and location of their interpersonal connections. This data describes every users preferences within its social graph. As Whatsapps user base grows, it makes the social graph available for a better fit of the machine learning models that influence our decision making. These rather simple models feed us with information and optimise the effect that this information has on shifting the needle of a purchasing decision or a voting decision. Facebook has billions of users. Among them there are several hundred users similar to us. The information that was the most effective at influencing their decision will be shown to us first. The models are driven to optimize viewing time and engagement, as a result, controversial or shocking news will be shown more often. The use of these models becomes unethical when misleading or false information is propagated within the network. Facebook provides the infrastructure and sells the users metadata necessary for these advertisement models to operate within our societies. It has been accused by multiple jurisdictions in the US and in Europe of not putting sufficient safeguards in place to avoid the oversized influence of misleading actors. Already in many developing countries, Facebook is gaining more revenue from political campaign funds than from advertisement.

Why you should switch to signal or telegram (2018):

” A lot of people wondered why would a company such as Facebook pay so much money to acquire a company such as WhatsApp, which had absolutely no way of making money, yet. The (not so and subtly) obviously answer was, WhatsApp had collected a lot of user data, and that’s precious to the Gollum that is Facebook.”

Whatsapp betrayed its user by sharing contact details with FaceBook for advertisement purposes:

“Today, we know that there’s a separate WhatsApp app for businesses. And now there are also reports that WhatsApp will soon start showing ads in users’ statuses, and in other places within the app ([1][2][3 BBC]). What this means is that WhatsApp and Facebook will start tracking everything you do on your phone to tailor ads to you. They will see your contacts list (which they already are, actually). This is a clear betrayal, for many users.”

Webex

Zoom

Call with screen sharing in great quality.

Privacy policy

Encryption

Some conversations and related data need to remain private.

Age

https://github.com/FiloSottile/age

Installation

apt install age

PGP

How to use GPG to encrypt stuff

“Suppose Alice wants to send a message to Bob. Alice will encrypt Bob’s message using Bob’s public key. This ensures that no one else other than Bob can read the message, because only Bob can decrypt the message using his private key. Anyone with Bob’s public key encrypt a message that only Bob can view. This explanation should also explain why Bob must guard his private key - because anyone with his private key can decrypt any message encrypted using his public key.”

“Now, Alice has guaranteed that whatever message she sends to Bob can only be viewed by Bob. This ensures the privacy of the message.”

“However, anyone with Bob’s public key can send a message intended for him. How can Bob ensure that when Alice says she sent him a message, that the message is from Alice and not from someone else?”

“This is where signatures come in. Alice can generate a file containing the checksum of the original, plaintext message and sign that file using her private key. Anyone who has Alice’s public key (and trusts her public key) can verify the authenticity of that file, because to generate that signature, Alice’s private key is required. Assuming that Alice’s private key has not been compromised, it is pretty much impossible for anyone to forge the signature, or for Alice to deny that she did not generate the signature. This ensures the authenticity of the message, that it is indeed sent by Alice herself and not anyone else.”

Security issues

“PGP conflates non-repudiation and authentication.

“I send Bob an encrypted message that we should meet to discuss the suppression of free speech in our country. Bob obviously wants to be sure that the message is coming from me, but maybe Bob is a spy … and with PGP the only way the message can easily be authenticated as being from me is if I cryptographically sign the message, creating persistent evidence of my words not just to Bob but to Everyone!”

“OTR has introduced deniable authentication to address this problem and many next generation tools have adopted that concept. OTR cryptographically allows two people to be sure who they are talking to, yet they cannot prove it to anybody else.”

“It’s time for PGP to die.”

Social Media

Social media “facilitate controlled experimentation”. When you use social media, you subject yourself to experimentation and behaviour modification.

Twitter now X

Web browser

Firefox

Chrome