The Session Messenger application started out as a fork of Signal Messenger, but has some major differences that are important to highlight and review.
Here we share a quick summary of what we think are the important things to know about:
Overview
-
cross-platform clients, that are available for most computer operating systems, and the two most popular mobile OS. Including direct APK downloads and F-Droid repositories.
-
Desktop OS and Mobile OS full feature clients.
-
Session is operated in a de-centralized manner. (where Signal is centralized.)
-
Maintained by the Oxen Foundation and Platform.
-
Session seems to have more components and complexity then a similar platform like Signal or Telegram. However, this is negated by the fact that the complexity is added to create and ensure privacy preserving techniques and does not use centralized and ancient identifiers or personable identifiers like “telephone numbers”.
Major Notable Features
-
No personable identifier such as a “telephone number” needed for usage.
-
Desktop Client can be used independently or in conjunction with a mobile OS handset.
This is really important feature for certain use cases. -
Onion Routing:
https://getsession.org/faq#onion-routing
“Session’s onion routing system, known as onion requests, uses Oxen’s network of Oxen Service Nodes, which also power the $OXEN cryptocurrency. Check out Oxen.io to find more information on the tech behind Session’s onion routing.”
Quotes From the Lightpaper:
“When users sign-up to Session, their device generates a cryptographically secure Session ID.
This is used as their contact information on the app.
^ This is one of the killer features of this application.
No personal information is required to create a Session ID, so you never need to link your real identity to your identity on Session.
Session IDs are the public half of a public/private key pair,
making them secure, recyclable, and anonymous.
The private half, which is known as your Recovery Phrase, can be used to restore your Session ID on a new device.”
Features still in progress
- Audio calls
- Video calls
Features available today
2021 Session Roadmap
Lightpaper:
Whitepaper:
Project URLs
- https://getsession.org
- https://github.com/oxen-io/session-android/releases
- https://github.com/oxen-io/session-ios/releases
- https://github.com/oxen-io/session-desktop/releases
Oxen URLs
3rd Party Audit
- https://blog.quarkslab.com/audit-of-session-secure-messaging-application.html
- https://blog.quarkslab.com/resources/2021-05-04_audit-of-session-secure-messaging-application/20-08-Oxen-REP-v1.4.pdf
NOTES:
Uses libsodium
Other blogs:
-
https://securitytech.org/secure-encrypted-messaging-app/session/
-
RTWM Session Messenger public ID:
https://rtwm.io/.well-known/session.txt