The guy complains about those login buttons but the app is very much possibly the worst design I may have ever seen when I looked on his site. It harkens back to bad knockoff Metro UI text designs where the designer failed to read any form of typographic guidelines.

The author seems a little in need of therapy and to walk away from this for a little while with just how angry, sarcastic, and tonedeaf it all reads and to be clear, I'm in therapy, it's great and helps.

Honestly, I don't know why he is offering social login on an app that advertises E2E chat anyways, you are just giving them all the Keys to the Kingdom.

I feel like you’re getting personally offended here. And I get it, you’re likely a responsible person who will be respectful with my information.

However… when looking at apps and signing up for them, can you tell me how I would differentiate someone like you (who I can probably trust) with someone who will sell my information, or send me a ton of emails?

Even with good developers, some will make mistakes and lose data. Some will get sold and the new owner will do different things. As a user, not only can I not pick out the bad from the good, but I don’t know that the good will be good forever.

(I say this as someone who has been burned a few time. Always using a different email address when signing up allows me to track who is doing bad things. It happens far too often)

If you want to make sure, check who is behind the app before you sign up and make an informed decision from there

Of course it is easier when you can relate the app to a physical person (as in my case). How can you make sure the physical person has good morals? That is a lot harder

I did dislike implementing AppleID purely because I was told to do it and even how to make it look which went against the design I'd already nailed for the app. It just put me off. I just wish Apple treated developers with more respect but it seems even Apple users are happy that they mistreat us. It seems Apple users enjoy the "power" Apple has over us. I think that this is just evil. It's like enjoying the "power" Uber has over the taxi market, or the "power" Deliveroo has over the miserable sods that do the deliveries. I don't know what the solution is, but Apple needs to change this behavior and the only way might be to "convince" their users somehow. Strikes are never a pretty sight

Again, I guess you could draw an analogy with Uber. We used to depend on our luck to find a clean/respectful/honest taxi driver and now we rely on Uber to manage this for us (with reviews etc). But Uber never really had their drivers in mind, and it took collective action for Uber to start respecting them a bit. I think that something similar needs to happen in the app space. We need rights

This is an interesting viewpoint.

"It seems Apple users enjoy the "power" Apple has over us." --> Absolutely yes. But it just goes back to my main point - I am unable to vet app developers. And even if I do, there is no way to ensure data is handled well long-term. What if Facebook makes you an offer you can't resist?

Basically, I have had many experiences with developers abusing my information. Now I have someone fighting back for me (don't get me wrong, I'm not an idiot. I know they are doing it because I pay them an obscene amount of money).

The way to convince people is for developers, as a whole, to behave responsibly. If developers had never abused my information, I'd likely have no issues ever giving them some of my information.

Edit: I'd just like to say again that I am in no way saying that you are doing anything bad. You seem like a good fellow. And perhaps the curse of being one of the few good people in a room of bad people.

> The only purpose an email address serves is password recovery. Period

And you can still do that with Apple's email relay. So I fail to see where's the problem.

To be clear: This is not meant as a direct attack, just to highlight some of the pitfalls of creating your own e2ee chat protocol.

I had a quick look at your app's e2ee and summarized my findings here: https://telegra.ph/Reviewing-the-app-behind-My-small-revenge...

Feel free to correct.

I also noticed that you created your HN user to post just this, and the telegrap.ph link doesn't allow comments (nor show who you are). Given that you've decided to publish this without asking first if it's correct, I'd appreciate that you either make a reference to this item on HN or amend the specific points I mentioned. I noticed some E2E error messages coming from the trace which means that you (I assume it was you) have been tinkering with it/trying to break it. This is fine, and if you manage to do that, power to you. But if you fail to compromise the encryption then please also consider being a bit less harsh in your conclusion (considering what I've told you)

Finally, I am happy to let you have a peek at the source code if you want to know more about it. I want to OS it but can't get around my paranoia of doing so. You'd just have to make your identity known and offer an email address or similar

Hey, just seen this now.

First of all, thank you for taking your time to do this. I still wish you'd told me before so that I could help you understand a few points before publishing, but I totally get it, good effort. A bit unfortunate that your post got flagged and taken down

A few comments:

> chat keys are ever changed or when (forward secrecy)

Yes, this can be done anytime by any user. Chats -> Settings -> Renew RSA Keys

The Windows client doesn't include any chat capability, it's not just that it isn't E2EE, you simply can't send/receive messages on it. I plan on replacing the Windows client entirely with a web version, it's only there for some few users who really need it

>it's legal to have a directory of all registered users and email addresses accessible to all users

This is not the case. Users can only see other people's contact details when they are in the same "Group". Otherwise, both email address and name is hidden

>On Android, the standard `Random` is not entirely[5] based on current system time, but it does not seem like Codename One uses that. The documentation says it's purely time-based.

I think you may have missed that every message is encrypted with the ChatKey but also with a different IV each time. This ensures each message originates from a different seed

Don't know if you can update your post with this info? Anyway, thanks again and happy to discuss! I might have missed some points. Tbh the E2EE chat isn't really used by loads of people and in retrospective I should have made it non-E2E since most users use the app for its organigrams and not for secure comms. I just did it this way for fun

Edit: One last note

>If you're going to use a closed-source E2EE chat application, you might as well use WhatsApp

The problem with Whatsapp is backups. They kind of make E2E pointless

Edit 2: feel free to reply directly to javierantonf@hotmail.com I can't guarantee I will see your msg here

Edit 3: Isn't 2048 valid until 2023 and possibly beyond?

I have now fixed the one vulnerability you got right (MITM): https://www.groupsapp.online/post/improved-e2e-encryption

> I send 0 emails and privacy and security are top priorities. I am passionate about E2E encryption so I have integrated loads of that in the app too

- "privacy and security are top priorities".

and then

- Wants to force users to only use the least private log ins: via Facebook and Google

- Is pissed when privacy-conscious users hide their emails via Sign-in with Apple

> I am a bit tired of people trusting big tech so much. They are businesses, meant to make money.

Yes, yes they are. So why do you trust FB and Google and force your users to use those log in methods?

I am going to assume you haven't read/understood everything I wrote

I don't force users to use Google/FB. They can use traditional email signup just fine

Emails could be masked before Apple ID came along. Namely, gmail addresses let you do this. So it's not anything new or revolutionary. Users could use that to sign up for Groups before

I would have probably ended up implementing Apple ID, but the fact that they forced it in a most discorteous manner frankly p**d me off. When someone does this kind of stuff you need to remember and try to curb their behavior where possible. That's what I'm doing

ps. I don't trust FB or Google either

> Emails could be masked before Apple ID came along. Namely, gmail addresses let you do this.

How? I've used gmail for over a decade now, and I have no idea how to do that with my address.

> I don't trust FB or Google either

And yet you have no qualms providing a login through either of them both in the app and on the web.

So much for "I care about security and privacy".

Gmail has the `+` trick and ignores any `.`s in the name area. E.g. `foo@gmail.com`, `foo+bar@gmail.com` and `f.o.o@gmail.com` will all deliver to the same gmail inbox.

It's not nothing (I tend to use it to track how my email address is being sold), but not a real level of masking, since anyone in the know could regenerate the "standard" address easily.