Jump to content

Session (software)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Anoopspeaks (talk | contribs) at 04:26, 7 December 2023 (top). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Session
Developer(s)The Oxen Project
Initial releaseFebruary 2020; 4 years ago (2020-02)
Repositorygithub.com/oxen-io/session-android/
Operating system
TypeInstant messaging
License BSD-3-Clause
MIT
GPL-3.0
Websitegetsession.org

Session is a cross-platform end-to-end encrypted instant messaging application emphasizing user confidentiality and anonymity. Developed by The Oxen Project under the non-profit Oxen Privacy Tech Foundation, it employs a blockchain-based decentralized network for transmission. Users can send one-to-one and group messages, including various media types such as files, voice notes, images, and videos.[1]

Session provides applications for various platforms, such as macOS, Windows, and Linux, along with mobile clients available on both iOS and Android.

Features

Session does not require a telephone number or email address for account creation. Instead, it utilizes a randomly generated 66-digit alphanumeric number for user identification. Communication between users, including messages, voice clips, photos, and files, is end-to-end encrypted using the Session protocol. Session uses the Loki blockchain network for transmissions. In 2021, an independent review by the third-party Quarkslab verified these claims.[2][3][4][5]

Development

Session started as a fork of another messenger, Signal, aiming to build upon its foundation. However, concerns about the centralized structure of Signal Protocol and potential metadata collection led the team to deviate and create their own protocol, called "Session Protocol". This approach prioritized increased anonymity and decentralization. During development, the team encountered various challenges, leading to the necessity of abandoning or modifying many features.[4][6]

Limitations

Session lacks support for two-factor authentication, and its underlying protocols are still in a developmental phase. Following the migration from the Signal Protocol to its internally developed protocol, Perfect Forward Secrecy and deniable authentication were not implemented.[7]

References

  1. ^ Bhattacharjee, Shomik Sen (October 8, 2021). "Session Is a Blockchain-Based Private Messenger That Uses Decentralised Server Nodes To Ensure Anonymity". Gadgets 360. Retrieved June 18, 2023.
  2. ^ Ankush, Das (February 10, 2022). "8 Reasons to Try Session as a Private Messaging App". MakeUseOf. Retrieved December 8, 2022.
  3. ^ "New WhatsApp Alternative "Session" Works Without Your Phone Number". Fossbytes. March 9, 2020. Archived from the original on May 31, 2023. Retrieved July 31, 2023.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  4. ^ a b "Session Messenger Review – Best Secure Messaging App?". RestorePrivacy. Retrieved October 11, 2021.
  5. ^ Oxen Session Audit Technical Report (PDF). Quarkslab SAS. 2021.
  6. ^ Florence, Eric (January 6, 2022). "Session Messenger Review". SecurityTech. Retrieved August 3, 2023.
  7. ^ "The Session Protocol: What's changing — and why - Session Private Messenger". Session. December 16, 2020. Retrieved August 10, 2023.