I’ve used Session messenger that’s recommended and it has two critical flaws:
Link preview leaks your IP when pasting links
The onion route can have the first and last hop before the destination be the same server IP.
After looking into the GitHub repo these problems have been raised quite some time ago, but the issues remain open:
In addition to this, all attachments that are sent are written to the disk if you’re in groups and everything in 1 on 1 conversations after accepting the first attachment. There’s no way to disable this either. Also the option to clear data doesn’t appear to shred it as far as I can tell.
I find other design decisions to be dubious but not as critical (i.e. the decision to remove PFS, and the logic behind their sybil resistance being that it’d be too expensive but would be budget rounding error for an APT targeting journalists) and just wanted to mention this too so everything is out there.
Has anyone else ran into these issues or have similar concerns?
This is the correct way to handle link previews, and matches the behavior of all secure messengers (except Matrix?) AFAIK.
You should disable link previews if you are concerned about this, but the reasoning is that if you are pasting a link you’ve presumably already visited the website you’re linking to, so it’s something you’ve previously established a connection to.
Session shouldn’t just emulate the behavior of the other messengers. Unlike most other messengers, Session routes its messages through its anonymization network. In that context, I consider generating link previews via clearnet connections to be a leak, and I wonder if Session users are aware that happens. Session shouldn’t presume that the user has already visited the website let alone visited it using a clearnet connection.
Personally I hate the link previews function for this reason, so I just disable it in all my messenger clients.