SimpleX vs. Cwtch, who is right?

SimpleX is not the program you want to use.

I have on several occasions tried to get epoberezkin to answer basic questions, but every time they run for the hills.

SimpleX prides itself on having no identifiers. The most revealing identifier would be your name, then phone number, then your IP, then your email, then your username. The SimpleX server knows your IP address by default. But the CEO pretends this is not an issue. They ignore the fact that IP addresses are constantly used to determine the identity of copyright infringers using torrents etc. They are tied either to the household, or to the person if they live alone.

SimpleX uses something called queues, which are basically random persistent tokens that allow fetching data from the server. The server generates the token for Alice, and Alice shares it with Bob out-of-band.

Alice can use queue ID to_bob1 to send a package for Bob, who can then fetch it with queue ID from_alice1. Same, vice versa.

SimpleX is not transparent enough about the fact the server can trivially correlate the IP addresses that converse.

There is queue rotation, but since unauthorized users must not be able to change the queues between Alice and Bob, the server must authenticate Alice before this action. This means Alice is recognized by the server, regardless of which IP address they connect from.

So Alice can’t rotate their queues without the server knowing which queue pair Alice and Bob use next.

Since the server knows the queue ID between two users in the long term (that is, unless they re-register for SimpleX and start fresh), the server can keep accumulating all queue IDs associated with Alice and Bob. The server can also associate every IP address it has seen Alice connect from with that user.

If Alice and Bob use Tor from day one, and somehow never misconfigure Tor and leak their IP, SimpleX is probably OK. If they ever fail, then the user is permanently deanonymized.

This is why SimpleX sucks compared to Cwtch. Cwtch uses anonymous Tor IDs that are trivial to spin up and take down. You can have as many user IDs as you want, even a 1:1 mapping for all contacts to micromanage your online status for every contact.

Cwtch forces connections through Tor; Onion Services cannot operate without you having anonymity.

My huge issue with SimpleX is that the CEO is vacillating between the positions of "Tor has vulnerabilities, therefore it's not a 100% solution", while at the same time offering Tor as an opt-in solution for paranoid users (their words, not mine).

Tor is obviously not a panacea, but what the CEO conveniently forgets is:

  1. There is, for now, nothing better. We haven't seen any improvements to the concepts of onion routing since NSA slides crowned Tor the "King of Anonymity solutions".

  2. IF the anonymity provided by Tor fails, all that happens is that your IP address leaks to a third party, which is what happens with SimpleX by default.

Cwtch solved the problem of IP addresses getting revealed due to accidental misconfiguration, which is an actual threat.

SimpleX solved the non-issue of usernames and offered the same IP address protection as every bog-standard messaging app: none.

Evgeny, again, if you want to offer an improvement over existing software like Cwtch, you need to expand on what it solved (like I did with TFC, by solving endpoint security, which Cwtch does not solve), not pretend that the first thing metadata-resistant communication solves does not matter, and then boast about being "first to have no persistent IDs".

Your system has a persistent ID. It is the

[(alice_tor_ip_address1, queue_id1),
(alice_tor_ip_address2, queue_id1),
(alice_tor_ip_address2, queue_id2),
(alice_tor_ip_address3, queue_id2),
(alice_tor_ip_address3, queue_id3),
(alice_home_ip_address, queue_id3),
(alice_tor_ip_address4, queue_id3)]

list of tuples collected by the server over time.

First HN. Now PrivacyGuides. You're running out of hills to run to with your snake oil. Please stop running and address these issues.

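The tuple-list argument in the post above, worked through as an added example (this is not code from the original post, nor from SimpleX or Cwtch): a server that records only (client IP, queue ID) pairs, plus the authenticated queue rotations it has to perform, can stitch those observations into one long-lived identity, and a single clearnet connection then labels the whole history. The event format, queue names, IP addresses and the Tor exit list are all constructed for the illustration; a real server would use its own logs and a fetched exit list.

```python
"""Correlating (ip, queue_id) observations into one persistent identity.

Added illustration of the argument in the post above. The event shape,
queue IDs, IP addresses and TOR_EXITS set are constructed for this example
and do not reflect any real server's log format.
"""
from collections import defaultdict

# Constructed server observations.
# ("conn", ip, queue_id): a client connected from ip and used queue_id.
# ("rotate", old_queue, new_queue): the authenticated owner of old_queue
# replaced it with new_queue, so the server learns both belong to one user.
EVENTS = [
    ("conn", "tor_exit_1", "queue_id1"),
    ("conn", "tor_exit_2", "queue_id1"),
    ("rotate", "queue_id1", "queue_id2"),
    ("conn", "tor_exit_2", "queue_id2"),
    ("conn", "tor_exit_3", "queue_id2"),
    ("rotate", "queue_id2", "queue_id3"),
    ("conn", "tor_exit_3", "queue_id3"),
    ("conn", "203.0.113.7", "queue_id3"),   # one session without Tor
    ("conn", "tor_exit_4", "queue_id3"),
    ("conn", "tor_exit_9", "queue_id77"),   # unrelated user, never linked
]

# Constructed stand-in for a Tor exit-node list.
TOR_EXITS = {"tor_exit_1", "tor_exit_2", "tor_exit_3", "tor_exit_4", "tor_exit_9"}


class DisjointSet:
    """Union-find over queue IDs. Two queues land in the same set when a
    rotation tied them together or the same IP was seen with both."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def correlate(events):
    """Group queues into identities.

    Returns {root_queue: {"queues": [...], "ips": [...]}} where every queue
    in a group is linked to the others by a rotation or a shared IP, and
    "ips" is every address ever seen with any queue in the group.
    """
    ds = DisjointSet()
    ip_to_queues = defaultdict(set)
    queue_to_ips = defaultdict(set)
    for kind, a, b in events:
        if kind == "conn":
            ip, queue = a, b
            ds.find(queue)
            # Same IP on two queues links them even without a rotation event.
            for other in ip_to_queues[ip]:
                ds.union(other, queue)
            ip_to_queues[ip].add(queue)
            queue_to_ips[queue].add(ip)
        elif kind == "rotate":
            ds.union(a, b)
    groups = defaultdict(lambda: {"queues": set(), "ips": set()})
    for queue in list(ds.parent):
        root = ds.find(queue)
        groups[root]["queues"].add(queue)
        groups[root]["ips"] |= queue_to_ips[queue]
    return {root: {"queues": sorted(g["queues"]), "ips": sorted(g["ips"])}
            for root, g in groups.items()}


def deanonymized(identities, tor_exits):
    """Identities with at least one non-Tor IP. The whole queue history,
    every rotation before and after the slip, now hangs off that address."""
    return {root: sorted(set(g["ips"]) - tor_exits)
            for root, g in identities.items() if set(g["ips"]) - tor_exits}


if __name__ == "__main__":
    ids = correlate(EVENTS)
    for root, g in ids.items():
        print(root, g)
    print("deanonymized:", deanonymized(ids, TOR_EXITS))
```

The point of the union-find step is that the server never needs a username: the chain queue_id1 -> queue_id2 -> queue_id3 is one identity purely because the server authenticated each rotation and saw overlapping exit IPs, and the lone 203.0.113.7 connection attaches to all three queues at once, not just to the one it touched.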