Show HN: ZuccNet – Encrypted Facebook Messaging (github.com)
Facebook Messenger already has Secret Conversations, which is an end-to-end encrypted mode based on the Signal protocol.
Here's the technical whitepaper: https://about.fb.com/wp-content/uploads/2016/07/messenger-se...
Here's some of the academic work on messaging franking that it has driven: https://eprint.iacr.org/2017/664.pdf
Here are the instructions on how to use it: https://www.facebook.com/help/messenger-app/1084673321594605
Of course, you need to trust the client from the app store, and no, the implementation is not open source.
Also, ZuccNet is using RSA-2048-OAEP to encrypt each message: https://github.com/tomquirk/zuccnet/blob/master/src/util/cry...
This is not forward secure. It will also only work for messages under 256 bytes. I don't know what happens in this code if you exceed that message length.
You want to use ephemeral session keys here. Read the Secret Conversations whitepaper as an example.
If you are trusting Facebook in any matter, you are misunderstanding something. Whatever they say, they have the keys to decrypt it. It is like trusting the thief to guard your house.
I dislike this "ZuccNet" as the real goal should be abandoning the Facebook ecosystem, but I still think that anything for naive people is better than nothing, so thumbs up.
Your assertion is false. Please read the whitepaper.
Facebook does not have the key to decrypt messages sent with Secret Conversations. It is generated on-device. You can confirm that using simple reverse engineering tools on, say, the Android APK.
Yes, Facebook could subvert the binary by pushing an update. That is the risk you are accepting.
This is a whitepaper; it is not the implementation of a closed-source application.
Let me explain how this works in the PR world. You publish (with all the bells and whistles) that you have end-to-end encryption and explain a protocol that uses asymmetric cryptography (just for the sake of simplicity I will simplify - you have a public and a private key, you send the public key to all chatters with you, they will encrypt a randomly generated symmetric key with it (asymmetric crypto is slow, you don't want to use it directly) and send it back (where you decrypt it) and vice versa). Then you use the symmetric key that you have safely exchanged for use in a block cipher, let's say Rijndael 265635238 bits (as big numbers mean more safety(tm) /s).
You publish white papers of the protocol, get all the cryptographers on your side. Fanboys are screaming, the public is applauding, girls want to sleep with you and the president is thankful. What you don't tell is that you also encrypt the symmetric key with YOUR public key that is embedded into the application and send it along as a "status_check" field.
And everyone is happy forever after. /s
> Your speculation is not interesting to me.
This works in both directions. But bottom line, the whitepaper is not the application (and even if it would be, have fun reading http://www.underhanded-c.org/ or https://en.wikipedia.org/wiki/Dual_EC_DRBG and who has more motive than the corporation that profits from spying on everyone and everything). It is just as the name says. Whitepaper.
"Timeo Danaos et dona ferentes"
or maybe you will like this one more:
"Trust is built in drops and lost in buckets"
And you don't trust someone like Facebook or Google any more. They have lost trust in ship containers, not buckets.
> Yes, Facebook could subvert the binary by pushing an update. That is the risk you are accepting.
That's exactly the kind of risk you should never accept when it comes to Facebook.
Says the ex-Facebook engineer.
> Whatever they say, they have the keys to decrypt it.
This is a baseless assertion.
In Australia it's illegal to encrypt user data without the ability to decrypt it.
Do they offer this service in Australia? Yes. Then they have the keys.
Facebook isn't doing the encrypting. You are. You have the key on the phone.
You could also have the law enforcement public key that was compelled to be installed in your correspondent's keyring, invisibly, re-encrypting all those messages for FB, LEA and IC. That way it's all "end-to-end encrypted" and a giant public messaging system can be selectively tapped by authorities. Everyone loses!
As of a few months ago[1] it seems like Facebook and other tech companies haven't complied with it yet. I think governments are still just pestering them about it.
[1] https://www.independent.co.uk/life-style/gadgets-and-tech/go...
But it is a safe assumption.
It's a falsifiable assumption. Audit the binaries if you want to convince yourself. You will see code to generate and use keys locally, with no mechanism to fetch or share keys from a server.
If you want to go beyond generic concerns, there are plenty of academic papers that have looked at Facebook Secret Conversations, found actual issues, and helped get them fixed: https://link.springer.com/article/10.1007/s00145-020-09360-1 https://link.springer.com/chapter/10.1007/978-3-319-63697-9_... https://link.springer.com/chapter/10.1007/978-3-319-96884-1_...
Why are you so eager to trust an organization that has so often demonstrated it's not worthy of trust?
This is Facebook, for pete's sake. The same company that conducted psychological experiments with zero clinical/ethical oversight by manipulating its users' feeds to see if it could cause depression/anxiety (or the opposite).
Facebook is evil and you should not trust them even a little bit.
He is so eager, because he was a software engineer at Facebook. His site is in his profile.
The app can auto-update itself at any time and install some binaries that do share the key with the server; trust is virtue of every single thing the company (in this case FB) can do and auto-updates is one of them.
"When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review."
So they either have the keys or a way to force the client to decrypt.
Or it’s decrypted on your side, and you reporting it sends the decrypted form. How else would a “report” button work if not with unencrypted data? Not everything is a conspiracy.
Trust is earned.
From Facebook Secret Conversations FAQ:
> If you think a message you've received in a secret conversation goes against our Community Standards, you can report it. Learn more about what a secret conversation is. When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review. We won't tell the person you're talking to that you reported it.
Since Facebook's software is managing the keys, they have the ability to decrypt Secret Conversations. You have to trust Facebook not to snoop. Whereas w/ ZuccNet, the public keys can be exchanged via a separate channel from Facebook, thus rendering Facebook unable to snoop.
The metadata of our conversations is really more important than the content most of the time. Especially if FB is tracking the conversation participants before and after the chat.
If we chat and then shortly thereafter you search for some fringe political group, it's pretty safe to see that as a strong indication that I'm involved with that group. Or if my geolocation places me at some political event and we chat during or just after it, you're implicated.
FB doesn't need the contents of messages, they need the metadata plus all the other user tracking.
This isn't safe to use:
https://github.com/tomquirk/zuccnet/blob/42e351e36b3b5dbaef0...
1. Try encrypting a message larger than 256 characters. Even if you somehow succeed, it will fail to decrypt. (My understanding of JS crypto is that it will throw an error if you try.)
2. It lacks forward secrecy.
A much better design would be to encrypt with an ephemeral (one-time) 256-bit AES key (using CBC+HMAC), then encrypt the key with RSA. (AES-GCM is probably easier, but if you're worried about message commitment, that's not recommended.)
(On sweis's comment about Secret Conversations: I don't trust closed source implementations--and neither do a lot of us on HN, so that's a non-starter. Tell the Facebook team to open source it, with reproducible builds, if you want it to be trusted.)
Recommended reading for the author: https://soatok.blog/2020/11/14/going-bark-a-furrys-guide-to-...
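The design suggested in the comment above, together with the RSA-OAEP size limit raised there and in the first comment of the thread, as an added Node.js example (not ZuccNet's code and not posted by any commenter). It assumes SHA-256 as the OAEP hash, under which a 2048-bit key accepts at most 190 bytes; the wire layout and the function names `rsaOnly`, `seal` and `unseal` are chosen here for illustration.

```javascript
// Added example, not ZuccNet code. Layout (wrapped key | IV | body | tag) is an assumption.
const crypto = require("crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
const RSA_BYTES = 256; // RSA-2048 ciphertext size

// Constructed demo key pair, generated locally for this example.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

// Direct RSA-OAEP, as in a per-message RSA scheme. Returns null when the
// plaintext exceeds k - 2*hLen - 2 = 256 - 64 - 2 = 190 bytes.
function rsaOnly(pub, plaintext) {
  try {
    return crypto.publicEncrypt({ key: pub, ...OAEP }, plaintext);
  } catch (err) {
    return null; // OpenSSL rejects it: data too large for key size
  }
}

function mac(macKey, parts) {
  return crypto.createHmac("sha256", macKey).update(Buffer.concat(parts)).digest();
}

// Hybrid: fresh 32-byte AES key + 32-byte HMAC key per message, wrapped with RSA-OAEP.
function seal(pub, plaintext) {
  const keys = crypto.randomBytes(64);
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv("aes-256-cbc", keys.subarray(0, 32), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrapped = crypto.publicEncrypt({ key: pub, ...OAEP }, keys);
  // Encrypt-then-MAC over every field the receiver parses.
  return Buffer.concat([wrapped, iv, body, mac(keys.subarray(32), [wrapped, iv, body])]);
}

function unseal(priv, sealed) {
  if (sealed.length < RSA_BYTES + 16 + 16 + 32) throw new Error("truncated message");
  const wrapped = sealed.subarray(0, RSA_BYTES);
  const iv = sealed.subarray(RSA_BYTES, RSA_BYTES + 16);
  const body = sealed.subarray(RSA_BYTES + 16, sealed.length - 32);
  const tag = sealed.subarray(sealed.length - 32);
  const keys = crypto.privateDecrypt({ key: priv, ...OAEP }, wrapped);
  // Verify the tag in constant time before touching the CBC ciphertext.
  if (!crypto.timingSafeEqual(tag, mac(keys.subarray(32), [wrapped, iv, body]))) {
    throw new Error("bad MAC");
  }
  const decipher = crypto.createDecipheriv("aes-256-cbc", keys.subarray(0, 32), iv);
  return Buffer.concat([decipher.update(body), decipher.final()]);
}
```

A fresh AES key per message removes the length limit but not the forward-secrecy problem: anyone who later obtains the RSA private key can unwrap every past message key, so that still requires an ephemeral key agreement such as the one in the Signal protocol.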
I bet Facebook gets a lot more value out of tracking you across services and locations than from the actual contents of your messages.
This doesn't address it; if you're willing to go to these lengths, just switch to another platform that encrypts E2E.
True, if you can get your friend to care enough to install this exotic app, you can also get them to install the WhatsApp alternative of the day...
The Venn diagram of "people who would be willing to use a tool like this" and "people who are already using Signal" is a circle.
Still, it's a fun proof of concept tool.
Reminds me that Facebook Messenger started out as (non-federated) XMPP and worked with OTR until they refactored everything.
For a little while it was possible to just use Pidgin, and have OTR work with Google Talk (also boycotting federation), Facebook and general XMPP.
But now the silo walls have been reinforced.
Interesting idea. The problem that I see is once me and my friend(s) decide together to use some special tool we could just as well decide to use another platform. Might be easier to use as well (even my father knows how to use, for example, Signal). Surely Zuck will not be reading other platform messages if preventing that is your goal ;-)
Will this result in getting locked out of your account for “suspicious spam messages?”
I would still stay away from Facebook even with this. That platform is a data miner. Nothing more, nothing less.
And all these years I've been using it as a photo sharing site, trip planning site, event planning site, news aggregator, messenger, and about a dozen other things.
Data mining is the price you pay to have those things for free. I'll leave it up to individuals to decide whether or not it's worth the cost.
Great as an academic exercise, but not useful in reality.
Can't seem to log in if I'm using 2FA, even with an 'app password'.
Just create a Facebook without Facebook knowing your activity
A browser extension that does exactly this would be useful.