We originally developed LamChat instant messaging for our own use. To share confidential client information amongst a group of engineers working on client cyber security infrastructure.
The journey to develop instant messaging was borne out of a distrust of email and also the vulnerability that it poses. That is, emails just arrive! Humans can be tricked into clicking the link. Instant messaging is different as you have to connect first before communication starts. The technology and service has evolved a lot especially in the last four years.
LamChat is now a public service and I get asked about it a lot. How does it work? How will you make money from it? Why is it different from Signal, Telegram, WhatsApp and things like Protonmail?
All these technologies have a role to play but what amazes me is the behaviour of humans especially the rush to trust. So many dive into a trendy thing without understanding and I worry about people taking advantage of the vulnerable.
Messaging systems – the Basics
Messaging systems are basically built of two key components; the software on the handset and message exchange system. They all typically use the internet to connect them together. The software running on a phone or PC is typically referred to as the client device.
I have written before about the double ratchet encryption methodology used by LamChat so I won’t go over it again in this piece.
We use a domain name (”lamchat.co“) and certificate to ensure that when we direct the Client to connect with the message exchange server, that it does so correctly and establishes an encrypted tunnel. This is similar to connecting your browser to a trusted website. The various messaging Client applications use an encryption system on top of this to encrypt individual messages. The more secure systems (LamChat, Signal etc) encrypt every message with different keys set so that it protects future communications and previous ones from being decrypted if any one message key set are guessed/calculated.
The other facet of the Client software is that it ensures that the person receiving the message is the only one who can read it. When you connect with someone on instant messaging, say via mobile number, email or otherwise, another set of keys are created and shared between those connected that are added to the encryption effort of each of the messages, thereby ensuring only the intended recipient can read the messages.
Considering open source as security feature of a system
The security of the system depends on the threats and is constantly changing but fundamentally in building the system we are concerned about the quality of the software, the architecture of the message exchange, storage of information and access.
We focussed on building a system with software that is free from malicious code. Supply chain attack is a real threat today and its hard to deal with. I point to the Solarwinds incident in 2021. When software engineers build a system they typically rely on libraries and other pre-written code. So much has been written there is no point re-inventing the wheel. The challenge is, what’s in those libraries? So using open source code or well-used libraries is popular. There are many open source projects that can provide cryptographic technology for us to use.
For example Signal and Telegram offer their code set as open source. The main goal is to show to people that the code they are loading on the phone is good, not evil, or what it can do. The thought there is that if its published openly people can inspect it. We trust that some geek out there has poured over it and would raise the alarm if something was dodgy. Note that LamChat and Signal offers its code set as open source for the Client and message exchange system. Telegram only offer its Client software.
When using open source software what is the best to choose if you want to build a system? The concept of a well supported open source project is an important consideration. In the case of the Signal code set, the contributors are the Signal people and maybe a few others. This means that any version changes need more scrutiny. You might do a lot of work to scrutinise initially, load it on your phone, but accept updates without the same scrutiny. On the other hand with the Matrix/Element code set there are many people contributing so there are many more eyes looking over things that change, adding functionality and owning the system as a group. I think the well supported open source projects provide more security due to the governance in place.
We also want to know about the engineers writing the software, where they are located, their development environment and some of their history. In our case I know them personally, I know where they live and I know the organisation and systems around them.
The Hosting
When you send a message, file or call to someone at the other end of a instant messaging service your message is going to initially turn up at a message exchange system. This system will take your message and forward it on to the recipient. Most systems will hold the message (as an encrypted bundle) until the intended recipient connects.
Services like Telegram don’t fall into this category (at the moment). In the case of Telegram, the Client software is effectively a browser and your messages, files, pictures etc are stored in their central servers. While the connection to their servers is encrypted nicely the details stored on their servers and how are not clear. It is clear that you the user of the service do not control the encryption end to end. You the user only control the encryption to the Telegram servers.
The exchange of any instant messaging service is typically a bunch of servers. These will be located somewhere and operated by someone. While E-to-E encrypted services such as LamChat, Signal etc don’t or can’t decrypt messages, the meta-data of the message exchange are kept there. This meta data is or could be valuable when correlated.
The regulatory or political environment has an impact on where the servers are located. For example the Chinese and American governments have requirements for service providers to comply with and means they can gain access to systems on their soil. This is the same in Australia where LamChat is hosted. In Australia you (a citizen) have a say in those rules, like an American citizen does in their case. There is a legal frame work the operators need to work with.
Most modern message exchange systems use virtual machine technology and some service providers use shared infrastructure like Amazon AWS etc. So who built and operates all this infrastructure? If you use a hosted service like AWS/Azure etc, your servers are running on someone else’s infrastructure and in the extreme case the system can be turned off by the infrastructure operator or even the virtual machines could be copied and distributed. You would not even know! I point to the Parler service experience in late 2019/20. I understand up to a few years ago, Signal was operating on AWS, has anyone checked recently?
I like to ask the question; how do you know?
In the case of LamChat, we built the infrastructure and operate every aspect of it, the rack, the physical servers, the security framework around it, the virtualisation stack and the main software systems. We even offer the availability of independent audit of all of this. Governance and openness is also a form of safety and I point to the case of Crypto AG in Switzerland.
While the LamChat or Signal system does not keep a copy of your messages (like Telegram, Protonmail and others) the meta-data is still important and for us as operators, if people trust us with their information, we need to know where it is and control it at all times, so that we can secure it.
There are other systems available that use the TOR network to hide or anonymise your location. I have seen a system where the message exchange systems are or will be operated by people on the internet who want to participate much like the TOR network. It relies on people participating and joining the cause. Not knowing precisely where my messages are going is still something that bothers me. The problem with TOR is I don’t know who is operating the gateways (might even be the people who I want to avoid) to the internet.
Standards based
It’s only recently that a standards based approach to building a messaging system was made possible. LamChat is based on the Matrix/Element standard. These standards define the processes required to implement a messaging systems and the Matrix standard is the only one we found that supports exchange to exchange connectivity.
The key benefit of a standards approach is that more builders of messaging systems can participate and interconnect and collaborate.
If you are not to technical, how do you know the LamChat message exchange system is standards based? A hint is, when you don’t have to use the LamChat client software! For example you can download a plethora of “Element” compatible client packages to use with the LamChat service. The Element client is an ideal choice. By using the LamChat version it means we have created the application and managed its delivery, which may be of comfort to some users.
Future of LamChat
As instant messaging technology develops and becomes more accepted for everyday communications especially within an enterprise we plan to build gateways to other services such as Slack, Microsoft Teams, and Twitter for example. These will be something we will charge for potentially.
Another possibility for commercialisation is to enable digital currency transactions. This capability is already very popular in China with WeChat.
When large enterprises want to use the system we are building an interface for Active directory and radios server connectivity. This is a service that we will likely charge for and will allow an enterprise to control who has a sponsored account with access to relevant groups, communities and rooms.
“I am passionate about helping people protect themselves from dangers of the internet, especially people who are vulnerable which typically means people who are not in the Cybersecurity industry. We built LamChat to offer people a choice to collaborate securely but also a system where people can communicate freely”.
Alan Kepper – Managing Director at Laminar Communications