
The part of the design which piqued my curiosity and distinguishes Tinfoil Chat from other messengers is the endpoint-security aspect.

Besides the software, it uses a very simply made data-diode[0] circuit, specifically to prevent key and plaintext extraction by limiting the data flow to only one direction. This is used to connect three distinct computers (sending/receiving/networked), of which only one is considered compromised (the networked one).

The rationale behind that is that as long as your (sending/encrypting and receiving/decrypting) endpoints aren't compromised during installation, it's very hard to compromise them later.

That can't be said about Wire on an unsafe endpoint like an Android phone. On the other hand, Tinfoil Chat isn't the easy-to-use messenger which you want to recommend to any non-tech-savvy person.

[0] https://en.wikipedia.org/wiki/Unidirectional_network



(It's actually only the sending computer that must not be compromised during installation, but in other respects you're right.)

The other nice aspect is Onion routing by default similar to Briar, Ricochet, Onionshare and Cwtch. TFC has no server in the middle that could collect metadata, and Onion Services hide geolocation of the users as well.

I completely agree it's not easy-to-use in comparison to other messengers, but I've found it very difficult to increase convenience without losing endpoint security.


> (It's actually only the sending computer that must not be compromised during installation, but in other respects you're right.)

Thanks for the clarification, it slipped my attention that plaintext extraction isn't possible even with a compromised receiving endpoint as long as the data-diode is in place.

And thanks for your work. I'm currently experimenting with TFC on various hardware and considering it as the topic of my (long due) bachelor thesis in Software Engineering.


Another chat for the collection, thanks for the link. I'm curious, schlowmo, do you recall hunt4eva? How about L!G! or trollster? If not, don't worry, your handle is similar to someone I've not heard from in a long time.



