session-desktop
session-desktop copied to clipboard
oxen-io
[Feature] Privacy vulnerability - deanonymization by Session ID (updated 22.11!)
Privacy vulnerability - deanonymization by Session ID
Problem 1
The ID (or nickname, if got one) is only one, and you can't use it, if you have few alter-egos irl.
Example: I am just a girl Alice (1), but also an anarchist & political activist (2), but also BDSM-lover (3), but also drug-addict (4). I need to make four different Session account through some sneaky ways, because if I will give eg. to BDSM-club members (3) and to my friends (1) same Session ID, I can be deanonymized. Case is worse, if I want to do politics: exchanging same session ID with sneaky people in the net (2) and my friends (1) can give the officials an easy way to recognize me.
Problem 2
One has to distrust Session even when chatting friends, because even if Session is secure, it is not fully private about it's nicknames.
Example: I am a gay male in islamist country. I cannot really trust Session chatting with my friends about this, because if ever my friends gets caught by the government/right-wing group, which will search through their phone and find that this exact session ID, it can be linked to my identity. If I ever published my id online (eg. "Contact me in Session: 5d93..."), I'm screwed.
Example 2: I am an anarchist, who has private activist group in Session. If government gets one of us, they can find each and every one of as, who posted their ID online.
Solving ideas
-
~~They very best one: every time you copy session ID, it is temporary and one-time-use (like in SimpleXChat). [Solves both problems completely]~~ Not possible with Session Messenger
-
Make some kind of "masks" for users. Eg. User can make temporary Session ID, which will work as mask for original ID but never reveal it, and self-delete after period of time. [Solves both problems completely]
-
"Session Subaccount as a Unidirectional Privacy Firewall to Protect the Main Account": user could make few different addresses/ONS' for the same account. Already greatly described here. [Solves first problem completely, second partially]
-
"crutchy" mask-idea: one can make a group where all members are fully hidden, and to which you can join using an address or a link. Then you could make this type of group and send the link to it to the mentioned "sneaky people", so they cannot find your original account through it. [Solves first problem completely, second partially]
-
Make an easy way to switch between Session accounts from the same device: just like you can add few accounts in your Telegram app. This requires the least work to do. [works as handy temporary solution, and should be implemented ASAP because it's easy and useful] !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-
Ability to hide your session ID for a user after they have added you (???) [Solves only second problem]
I believe the right way to solve this is with #421 which is similar to your 2nd proposed solution. This is something we plan to work on in the future. The SimpleXChat solution is not optimal in a decentralized context as you would have to poll in multiple swarms if you generated a random Session ID.
Make an easy way to switch between Session accounts from the same device: just like you can add few accounts in your Telegram app. This requires the least work to do. [works as handy temporary solution, and should be implemented ASAP because it's easy and useful]
this should be finally taken into account