Sender | Message | Time |
---|---|---|
16 Mar 2024 | ||
Fina | Being able to disable direct connections seems like an anti-feature to me, considering that we don't want to overload the relay server? In any case, when the direct connections all fail it should default to using the relay anyway. | 16:39:50 |
piegames | Fina all good P2P applications allow disabling direct connections (including most VoIP software like Signal calls). The reason is that this feature leaks quite a bit of potentially sensitive data and should not be used with untrusted peers. This is a tradeoff between performance and trust/privacy | 16:41:33 |
piegames | (Note that currently a malicious sender could still promote a sockpuppet relay to at least gain the public IP of the peer, but people who include that in their threat model should go straight up using Tor or a VPN anyways | 16:42:27 |
piegames | * (Note that currently a malicious sender could still promote a sockpuppet relay to at least gain the public IP of the peer, but people who include that in their threat model should go straight up using Tor or a VPN anyways) | 16:42:29 |
Fina | That is true, and it would be the only reason I could think of to do this, however I wonder if it's even enough to prevent this information from leaking | 16:42:40 |
Fina | Having a privacy mode where only the configured relay server is taken into account, no direct connections are allowed, and no direct hints are being sent would make the only party who still knows who is talking with whom the mailbox and the relay server. But that requires more than just disabling p2p traffic. And without reviewing the entire protocol with this thought in mind I'm still not sure this 100% guarantees to prevent your IP from leaking. Does it? | 16:47:32 |
piegames | Direct connections also leak your local network interfaces per design. That may be sensitive in some cases | 16:47:44 |
piegames | In reply to @felinira:matrix.org The Rust library allows you to control whether you want direct connections and/or relay servers (you can also force direct connections if you want to), and will only send the necessary hints. This is not encoded in the protocol, but a client feature. (The protocol is pretty agnostic to the hints being sent) | 16:49:14 |
Fina | In reply to @piegames:matrix.org I mean personally if this were my threat model I would not use any sort of direct / immediate file transfer protocol, as a sophisticated third party can always figure out where the traffic is coming from and where it's going, at the very least if they hijack a core router in front of the relay server. That being said one could argue about something like this being useful in some cases where the network is trusted, but the file transfer peer is not. | 16:54:14 |
17 Mar 2024 | ||
@mls-7432:matrix.org left the room. | 20:45:59 | |
18 Mar 2024 | ||
cleverca22 joined the room. | 14:11:21 | |
1 Apr 2024 | ||
@w0mper:matrix.org left the room. | 16:09:38 | |
6 Apr 2024 | ||
Wandering Magus joined the room. | 02:23:56 | |
11 Apr 2024 | ||
foretold joined the room. | 20:48:47 | |
foretold | hey, wanted to ask, is there some sort of gradle plugin i can use to have wormhole on java or kotlin projects? | 21:04:09 |
lukasheili | you might be able to build the rust lib as a native binary and import it via ffi, but i guess you would have more work than just importing it as gradle plugin^^ | 21:29:16 |
12 Apr 2024 | ||
foretold | I was watching the PyCon 2016 video on magic wormhole protocol, and the person was talking about how you need a new key every time. I wanted to ask, is it possible to use this protocol as a rendezvous service to establish a connection between two different android phones, but i would like to have some sort of persistence, let's say you scan QR code once, and you can use that to connect to the phone as long as it is online and connected to the internet. | 13:27:27 |
Fina | you can use the one-time channel to establish persistent credentials for some other protocol | 13:44:02 |
Fina | is that useful? not sure. | 13:44:29 |
foretold | Can I have a key saved in another phone and use that to establish other protocol connection? I don't want to send data, just establish it like you say | 13:45:49 |
foretold | use the mailbox bridge server, to exchange IP and other data and then use that to establish other protocols basically. Because to make an app where you can connect to two devices wherever you are, you need some sort of bridge, since IP changes | 13:47:05 |
Fina | well, if you choose a long enough nameplate to be guaranteed to be unique, might work. not sure why you would want to use magic wormhole specifically then though. | 13:50:07 |
foretold | Do you know what else i could use to establish the connection? I would just want to use the wormhole mailbox server, use it as a bridge to form connection between different devices. Just the handshake part. I hope i am making sense | 13:52:15 |
foretold | i will take a look at this project https://gitlab.com/lukas-heiligenbrunner/wormhole | 14:06:31 |
foretold | I just need to figure out how the whole handshake happens and the transit relay happens | 14:07:56 |
foretold | Lukas you used rust port for the wormhole stuff right? | 14:17:36 |
lukasheili | https://github.com/magic-wormhole/magic-wormhole.rs Here might be a better place to start searching 😉 | 14:17:54 |
lukasheili | In reply to @foretold:matrix.org Yess. As also Warp does... | 14:18:13 |
20 Apr 2024 | ||
dko1905 joined the room. | 17:54:33 | |
21 Apr 2024 | ||
7eter joined the room. | 09:32:50 |