With an emphasis on privacy. Session is a fork of Signal with interesting features

With an emphasis on privacy


Session es a messaging client with end-to-end encryption. It is ideal to avoid the transmission of metadata with sensitive information.

Privacy begins with enrollment. Unlike other options it is not required to enter the phone number. Just click on Create Account after installing it for the program to generate a unique random session ID.

Each user will only have to share their session ID with the contact they want to add. It can also be shared in QR code format.

Session allows the following types of conversations:

Group chats

This option has two modes. Closed chat for up to 10 people, and unlimited open chat.

Voice messages

The developers promise the same privacy features.

File sharing.

Session can be used to exchange all kinds of documents and images.

With an emphasis on privacy. This is how Session works

Conversations in Session are encrypted end-to-end, as in most other private messaging applications. However, the difference is that in Session, the identities of the people communicating are also protected.

The messages are sent to their destinations through a decentralized routing network similar to Tor (with some key differences), using a system that its managers call  onion requests (Onion in the original). Onion requests protect user privacy by ensuring that no individual server knows the origin and destination of a message.

An onion routing network is a network of nodes over which users can send anonymous encrypted messages. Onion routing networks encrypt messages with multiple layers of encryption, and then send them to through a series of nodes. Each node "unwraps" (decrypts) an encryption layer, which means that no individual node ever knows both the destination and the origin of the message. Session uses onion routing to ensure that a server that receives a message never knows the sender's IP address.

When a message is generated, it is directed to the recipient's Swarm. A swarm is a group of Service Nodes in charge of temporarily storing messages for the recipient to retrieve them later.

Every swarm is a collection of 5 to 7 Service Nodes responsible for storing messages for a predefined range of session IDs. They assure that messages are replicated across multiple servers on the network, so that if a Service Node goes offline, they are not lost. In this way, Session's decentralized network is much more robust and fault tolerant.

You cannot say that Session uses peer-to-peer technology since clients do not act as nodes on the network, and they do not relay or store messages from other clients. The model is closer to a client-server architecture, where the Session application acts as a client and the swarm of Service Nodes acts as a server.

The application is supported by the Loki Project. This project is supported by a non-profit entity that goes by the name of Fundación Loki. The foundation provides users with tools to interact online in an anonymous, decentralized, secure and private way.

The Loki Foundation, as the person in charge of the project, ensures thate in case of receiving judicial summons, it would not be in a position to reveal the identities of the users simply because you don't have access to the data necessary to do so. The session account creation does not use or require email addresses or phone numbers. Session IDs (which are public keys) are recorded, but there is no link between a public key and a person's actual identity, and due to Session's decentralized network, there is also no way to link a session ID to a specific IP address.

The most the Loki Foundation could provide, if forced to do so, it would be tangential information such as the access records to the getsession.org website or the statistics collected by the application stores of mobile devices.

Session is available for Windows, Linux, Mac, and mobile devices


A comment, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Gabriel said

    The work that Via Libre does is admirable, isn't it inconsistent that they use corporate networks like TW YT, instead of free networks, respectful of privacy?