Categories
FLOSS open source

How to prepare for Chat Control

Chat Control in the EU

I’m loosely following the rocky and opaque road of “Chat Control” in the EU and have now doubt that eventually indiscriminate mass scanning of chat will become a reality for European citizens. These Chat Control measures are supposedly trying to prevent and combat child sexual abuse but it effectively comes down to mass surveillance of all citizens of the EU.

There are plenty of good articles that explain why Chat Control is a very bad idea so I won’t repeat all the arguments here. Therefore I’d rather focus on what people like activist, journalists or just citizens that want there privacy to be respected can do to evade Chat Control1.

Let me just mention here that Chat Control to prevent and combat child sexual abuse is a sliding slope. It’s probably only a matter of time when it will be used for other purposes e.g terrorism, activism, crime. And there is no telling where this will end.

One of he consequences of this vote could be that Signal, a chat app for privacy minded people, will leave the EU because with Chat Control in place they can’t guarantee the privacy of their users anymore. Meredith Whittaker, the president of Signal, has made this very clear2. This leaves the privacy minded people mentioned above with an urgent question. What are the alternatives to have a conversation without Chat Control when Signal leaves the EU. WhatsApp is definitely not the answer since they’ll happily comply with the demands from the EU. So what are the alternatives for chat.

Prerequisites for chat alternatives

Before I start naming some alternatives it maybe a good idea to share some ideas on how I selected the apps and some prerequisites you may require.

  • First and maybe most important it has to be free and open source software. In short this means that the code can be inspected, amended, copied and changed by everyone.
  • Second it’s a very good idea to have your own server (preferably in your home). This enables you to run some of the apps, mentioned below, on your server giving you more control. This sounds like something that is hard for the average user but with software like Yunohost it’s actually quite easy.
  • Third, use Linux on your PC (and if possible Degoogled Android on your phone). Windows, MacOS, Android and iOS are all proprietary software and provide no control whatsoever by you over the environment that you’re working in.

XMPP/Converse.js

I already have Converse.js installed on my Yunohost server at home. This chat client enables me to chat with all other people using XMPP. An advantage of XMPP is that it is decentralized so anyone van setup a server. But even without your own server you can use the XMPP server from someone that you trust. Converse.js easy to install on Yunohost and easy to use in the web browser. With it I can send encrypted messages and images to anyone who has an XMPP account (much like email). For mobile there is e.g Conversations for Android

Briar

An even more secure option is Briar. Briar is a messaging app that bypasses centralized servers. It can connect via Bluetooth, wifi and TOR. Contrary to XMPP, Briar is P2P or peer-to-peer messaging. So no fixed servers are needed to start to send messages. The Briar app acts like server and client. Briar also comes with downsides. First it only runs on Android. Secondly when I used it, it drained the battery of my phone very quickly. This is apparently caused by the wake lock while TOR is running.

Deltachat, TOX, SimpleX chat

These are some chat options apparently capable of evading Chat Control. To name a few: Delta Chat, TOX and SimpleX. I haven’t tried them yet so it would be premature to comment on them.

At this point I would recommend XMPP as a replacement for Signal for the average user. Although it’s not as safe as Briar. It’s easy to get into and it can be self hosted.

  1. Disclaimer. I’m a concerned citizen of the EU that resists the mass surveillance that’s spreading further and further in our nations. On the other hand I’m a simple user and not an expert on IT matters. Therefore I’ll probably made mistakes writing this article but I’ll revisit this topic and will continue to share what I’ve learned when I go along. ↩︎
  2. In the interview with the Spanish newspaper El Pais Meredith Whittaker said: “If the choice were between undermining encryption, undermining our privacy promises in a way that harmed anyone who use the Signal network, or leaving a market, we would leave a market in a heartbeat” ↩︎

Thanks for reading!

Post Views: 7