wireapp
Support Hidden Service Connection (kill metadata)
Since we know that the clearnet connection based on 2 insecurities DNS&TLS, Its better to use Hidden Services like onion service or I2P service and hopefully can be supported as an option provided to the apps (specially desktop version)
- How come DNS insecure (Wikipedia provide tons of insecurities, As DNS never created to solve security issues):
https://en.wikipedia.org/wiki/Domain_Name_System#Security_issues
https://en.wikipedia.org/wiki/Domain_Name_System#Privacy_and_tracking_issues
- How come HTTPS/TLS insecure: (Thx to Moxie Marlinspike for sslstrip)
https://invidious.snopyta.org/watch?v=5dhSN9aEljg
- Last Thing that the design of a messenger over clearnet means/posses metadata trackabilities issues.
Solutions&Ideas:
-
Using Hidden services like Tor hidden services or I2P eepsite solve DNS/TLS issues (comparison between the two).
-
e.g Messengers which uses Tor/I2P:
*https://briarproject.org/ (Tor) *https://wahay.org/ (Tor + mumble) *https://cwtch.im/ (Tor) *https://github.com/i2pchat/i2pchat (I2P)
- Messengers on the way to allow their servers to support hidden services:
*Matrix #7088
Useful links:
Tor Anti-DOS mechanism: https://onionbalance.readthedocs.io/en/latest/v3/tutorial-v3.html Onion Header: https://community.torproject.org/onion-services/advanced/onion-location/
