Features
Features and XMPP support
Features that set us apart
CoyIM implements many features that exist in other chat clients. There are, however, some things we do differently:
- End-to-end encryption of all one-to-one chats with OTR version 3.
- Automatic anonymization of server connections through Tor (if installed).
- Extra layers of encryption and server anonymization through the use of Tor Onion Services (if the server in question has a known address).
- Compartmentalization of different accounts through the use of separate Tor circuits, random connection delays and other mechanisms.
- Secure lookup of connection information over Tor (using SRV, SRV for TLS and Onion Services in SRV entries if possible).
- Encrypted transfer of files and directories between CoyIM users. (using encryption mechanisms from OTR to make this encryption both authenticated, confidential and deniable).
- Strong authentication mechanisms using
SASL SCRAM
(depending on the server support,SHA-512
,SHA-256
orSHA-1
, with thePLUS
version if possible). - Migration from other chat clients such as Pidgin, Adium, Gajim or xmpp-client, by importing all account information, including OTR keys and fingerprints.
- Protect all your configuration information, including OTR fingerprints and keys by saving it in a strongly encrypted configuration file.
Features we want to have
We believe that CoyIM currently is a very capable secure chat client. But at the same time we want to add some more features. You can check our Github issue tracker to see a full list, but here are some of the most important for us:
- Availability in more languages - we currently have support for English, Swedish, Spanish and several more languages. But we want to reach more people around the world, so support for more languages is definitely a priority for us.
- Support for more multi-user chat features. The current chat room support works extremely well for many purposes, but we are also missing other features that would improve the experience.
- Bundling Tor. Currently you have to have Tor installed separately, but it would be great to be able to simply download CoyIM and it contains everything you need, including Tor.
- Creation of a new anonymous random account with one single action.
- Support reproducible builds for all platforms. We currently only support reproducible builds for Linux, and since this is an important security feature we want to extend it to macOS and Windows as well.
- Improved user interface. With the work on multi-user chat we put a lot of attention on the usability of all features, and the graphical design. We want to extend this work to the rest of the application.
- Display a unified security rating that combines several different measures of security, making it easier for someone to immediately understand the level of protection they have.
Features we won’t have
The focus of CoyIM is on providing the most secure experience for the user. For this reason, we are very careful in what features we add to the application. Any feature we add will increase the size of the code base, it will lead to more complexity and a higher likelihood of bugs. This means that we often will say no when deciding on new features. This also has a large impact on the structure of the application itself. Other features would not necessarily make the codebase more complex, but come with other risks. This might sound negative and oppressive, but as a user it should give you comfort - every feature we will not implement is something you don’t have to worry about as a security threat.
Here is an overview of some things you might expect to find in a chat client, but will not make it into CoyIM:
Configuration options for everything
Many programs allow you to configure every single aspect of the system. This is natural - as developers it is sometimes hard to make a choice. So, often we end up simply giving the user a choice. Of course, this can be very powerful, and being able to customize everything in an application can lead to great results. But at the same time, every added choice also leads to more code. So, as a security-centric application, we will often try to avoid configuration options and instead try to choose the option that is correct for most cases.
Automatic logging of conversations
Most communication applications will store logs of all your communication somewhere. You can often manually delete this, or turn it off, but the default is to store this information. Our philosophy is that it’s better to not store the information in the first place. That way, the risk of the information being stolen disappears. Conversations in CoyIM should be thought of as ephemeral, in the same way physical conversations face-to-face generally will not be stored or recorded. CoyIM will not store logs, and does not even have the option to turn it on.
Stickers, emoji renderings and other non-text communication
Most communication applications support many different ways of expressing yourself. Especially on mobile phones, the idea of stickers, emojis, gifs and other graphical representations are available. In the case of CoyIM, we have decided to minimize these tools, and instead focus on text as the communication medium. Outside of the complexity cost of these features, there are some additional security risks attached to graphics. Many of the worst exploits to hit messenger applications over the last few years have used bugs in image processing libraries as the vulnerability of choice. By minimizing the use of graphical representations we are also reducing the risk of these kinds of attacks.
Links
Links are a normal part of most applications these days. But at the same time, links in emails and messages are common vectors of attack. Security professionals have tried for a long time to encourage people to not indiscriminately click on links, and we want to contribute to that idea. For this reason, the CoyIM user interface tries to avoid the use of links, and will also not highlight or recognize links in conversations.
Fancy graphical user interfaces provided by browser technology
Most communication applications these days use browser technology to build their user interfaces. They do this either by embedding a so called “web view” in their applications, or they build the whole application using something like Electron. And while these technologies allow you to create very pleasing user interfaces quite easily, they also come with risks. Browser technology (such as HTML, JavaScript and CSS) are large and complex, and when using these methods you are effectively embedding a browser in your application. That means that you are also embedding all vulnerabilities from the browser in your application. For this reason, CoyIM is not built using this kind of technology. Sometimes that means CoyIM will not look as good as other alternatives, but there’s still much we can do using native GTK.
Support for other communication protocols
There exists many different chat protocols. XMPP is only one of them. But over the years, things such as ICQ, MSN, Yahoo, Skype, Facebook Messenger and many more have been created. CoyIM will never support these protocols. In general, when adding protocols, the effect leads to an exponential increase in complexity. Making a system with only one communication protocol work well is hard enough. Trying to manage different protocols with different features and behaviors while still retaining an extremely high level of security is simply not feasible. XMPP is a well supported protocol. It has many extensions which add a myriad of features, but the core is simple enough that it can do anything you need it to do. At the same time, there exists many applications that support XMPP, so we are not losing anything important by only supporting it.
Support for other encryption protocols
Just as with the communication protocol, we only want to support one single encryption protocol. That protocol is OTR, and we want to support it as well as we can. There exists many protocols out there, but we believe that OTR has the strongest security profile out there. We are also quite confident in our implementation of OTR, since it has received an audit showing it does what it is supposed to do. For this reason, we will not implement PGP, OMEMO or any of the other possible encryption protocols in CoyIM.
Plugins
One common feature for communication applications is the support of plugins. These can give all kinds of new functionality depending on the application architecture. Sometimes, applications use plugins internally to implement different features, and sometimes they allow users to manage and install their own plugins. But just as with many other things on this list, the explosion in complexity from such a feature is simply impossible to accept if we want to maintain an acceptable level of security. Fundamentally, a plugin architecture adds a lot of complexity by itself, since you need to design the points where plugins can be hooked in. But once you have plugins, you simply have no control over the code base, since a plugin could do a wide range of things that could compromise the security of the application. For this reason, we have no plans to ever support plugins in CoyIM.
XMPP support
CoyIM is an implementation of the XMPP standard. With some exceptions for security reasons, CoyIM supports the core protocol as detailed in RFC 6120, RFC 6121, RFC 7590 and RFC 7622.
XMPP extensions
The XMPP Standards Foundation develop extensions to XMPP in a series of standards called XMPP Extension Proposals (XEP). This page lists the XEPs that are fully or partially supported by CoyIM:
- XEP-0004 - Data Forms
- XEP-0030 - Service Discovery
- XEP-0045 - Multi-User Chat
- XEP-0047 - In-Band Bytestreams
- XEP-0054 - vcard-temp
- XEP-0065 - SOCKS5 Bytestreams
- XEP-0077 - In-Band Registration
- XEP-0092 - Software Version
- XEP-0095 - Stream Initiation
- XEP-0096 - SI File Transfer
- XEP-0115 - Entity Capabilities
- XEP-0136 - Message Archiving
- XEP-0199 - XMPP Ping
- XEP-0203 - Delayed Delivery
- XEP-0231 - Bits of Binary
- XEP-0245 - The /me Command
- XEP-0368 - SRV records for XMPP over TLS
- XEP-0380 - Explicit Message Encryption