While the kickstarter campaign hasn’t reached level necessary to support the development of a Signal messenger client for the Mudita Pure, the recent announcement of MuditaOS going open source has made me hopeful, that a community-driven effort might make this still possible in the not too distant future. This thread is about collecting thoughts about how the Messenger should act, how it should deal with stored data, how to deal with it as primary device vs secondary device etc. Any thoughts on the feasibility from a technical point of view are also welcome.
My first thoughts on this topic are:
Server-side data storage
Signal messenger prides itself as a service that is run by a non-profit that doesn’t collect data about users. It has nothing to sell, nothing to disclose to curious government agencies, even if they are forced to. This is on the server-side.
While in transit, messages are protected by the Signal protocol encryption scheme, with its revolutionary ratchet mechanism that makes every transaction unique in terms of encryption keys. Imagine this potential threat: someone is collecting all your encrypted messages by listening in on your traffic. In simple encryption schemes it is enough to get a single key to decrypt all messages at once (such as is the case in GPG, PGP, Threema and others). The cool thing about the Signal protocol lies in the fact that even if someone were to get access to your phone and extract the current encryption keys, your previously sent messages are still safe (as long as they are not stored on your phone anymore). This is because the encryption keys for sent messages are deleted as soon as they are not needed anymore to send or receive messages, while moving through the ratchet.
Data persistence on client-side
Users may want to keep the history of their messages on their device, just like they keep their SMS conversations. While I would argue that there should be an option to automatically delete messages after a certain time, the messages that are stored on the device should be somehow protected from intruding eyes by some level of encryption. Supporting encrypted backups through the companion app may also be an option, similar to how this done on Android.
If the client on the Mudita wants to be the primary device, it has one additional feature to handle in comparison to secondary device apps for Desktop and iPads: device authorization. Only the primary device can add, monitor and remove secondary devices. This may be tricky to implement, since the linking procedure requires the scanning of a QR security code, but the Pure doesn’t have a camera. There are workarounds, but it’s not easy to make this user-friendly.
Video call impossible
For obvious reasons it is not possible to implement video calling on the Pure. Text format should not be a problem, but what about voice calling. Is it technically feasible if all falls into place?
Mobile data access
Currently, the mobile data is planned to only be accessible on another device that uses the Pure as a modem. Is feasible to allow access to mobile data in the app while on the road?
What are your thoughts on this?
Obviously we can’t expect this app to be developed by someone for us, but if enough people are passionate about making this a reality, synergies can be found and in some months or years this could be welcome (opt-in) addition to the ecosystem. Also keep in mind that this is not a do-once-enjoy-forever task. The Signal messenger is in active development and this project would need to be maintained, ideally in cooperation with the Signal Foundation.
Thanks for starting this topic. The word on the street is that it’s hard to stay afloat on Signal servers as they’re not letting in any unofficial apps, so a close cooperation with the Signal Foundation might be crucial.