Discreet Log: Our Fortnightly Development Blog

Discreet Log #21: Coming Soon: Image Previews and Links!

26 Nov 2021

Cwtch Beta 1.5, slated for release in mid-December, includes a number of quality-of-life improvements that users have been asking for. Some are even already available in nightlies, such as the clickable links experiment. This post will give you a small preview of what’s coming and, in Discreet Log tradition, talk about some of the technical choices we made and try to answer questions you might have about the implementation.

Image Previews

Screenshot of a Cwtch conversation with a previewed image message

One of the most-requested features for Cwtch is inline image previews, and we’re excited that it’s about to become a reality! Once it becomes available, this will be an opt-in feature available under the Experiments gate in the global settings menu (although we’re considering allowing you to turn it on per-conversation for trusted contacts).

Built on the back of filesharing in Cwtch 1.3, image previews are keyed by the suggested filename’s extension (and no, we’re not interested in using MIME types or magic numbers) and advertised size. If enabled, the preview system will automatically download shared images to a configured downloads folder and display them as part of the message itself. (Due to limitations on Android, they’ll go to the app’s private storage cache, and give you the option to save them elsewhere later instead.) The file size limit is TBD but will obviously be much lower than the overall filesharing size limit, which is currently 10 gigabytes.

For now, we only support single-image messages, and any image editing/cropping will have to be done in a separate application. As we mention in the filesharing FAQ, image files also frequently contain significant hidden metadata, and you should only share them with people you trust.

Profile Pictures

Screenshot of a Cwtch conversation with custom avatar pictures

Now that we have filesharing and auto-downloaded image previews, the natural next step in the progression is to support custom profile images, allowing you to finally swap away from the default fantasy cartoons we’ve been using up until now.

Custom avatars will require two things: having the Image Previews experiment enabled from the Experiment settings menu, and having the user accepted as a contact in your contact list. Unknown users (e.g., people in a group conversation that you haven’t added) will still display their default fantasy avatar as a placeholder, even with Image Previews enabled. This is similar to how custom names work now, where you only see an onion address associated with messages from unadded contacts.

Custom profile pictures will be subject to the same limitations as image previews.

Screenshot of a Cwtch conversation with clickable links and a dialog asking if a clicked link should be copied or opened directly in a web browser

With huge thanks to a contribution from volunteer Nima Boscarino, Cwtch nightlies now have experimental support for clickable hyperlinks! Users running supported versions can find the setting to enable it under the Experiments gate in the global settings menu.

We were initially hesitant to introduce link parsing into Cwtch for security and privacy reasons, but between the flutter_linkify plugin allowing us to add a custom prompt before links are sent to external applications (or give you the choice of just copying the link instead), and our FuzzBot letting us look for parsing bugs, we’ve decided we’re comfortable enough to make it an opt-in feature. Remember that Cwtch is still in beta, and you should limit the number of Experimental features you enable, especially if you’re using it to have conversations with strangers or other potentially untrusted contacts.

Currently, the “open in browser” function uses the system’s default browser. In the near future, we plan to add a setting for specifying any browser (or other binary) you want, which would enable you to e.g. configure links to go straight to Tor Browser, so you can use Cwtch to send .onion links to your friends more easily. :)

Quality of life

For 1.5, we’ve also spent some time smoothing out the core behaviour of the message pane, which is one of those hard-to-quantify but experience-defining aspects of using any messenger app. We’ve fixed several bugs around autoscrolling and loading to the most-recent position in a conversation, brought back the “new messages” divider-line, and fixed some bugs around message ordering. Sarah has also spent significant time working on our new storage backend, which has already resulted in performance improvements across the board, and will allow us to further improve on conversation history loading times on Android in the near future. More on that in the next edition of Discreet Log!

Thanks to our volunteer translators, Cwtch 1.5 will also be the first version released with a complete Russian translation! We’ll be updating the Acknowledgements pane of Cwtch in the coming weeks to thank our translators for their invaluable contributions to making Cwtch more accessible (on an opt-in basis, naturally). If you’d like to volunteer to help translate, email team@cwtch.im or otherwise contact an Open Privacy team member to get added to our team on Lokalise, or, if you’re up for it, submit a PR on our l10n files.

Cwtch and Open Privacy depend on individual donations from people like you in order to keep bringing steady, free improvements to Cwtch IM and Cwtch infrastucture projects. If you’re able to, please consider donating or becoming a Patron!

Discreet Log #20: Cwtch Servers Experiment

11 Nov 2021

Our 1.4 Release of Cwtch now includes a new experiment: hosting and management of Cwtch Servers inside the Cwtch app.

What are Cwtch Servers and What are They For?

Traditionally messengers have solved offline delivery with centralized servers which, as a side effect, must collect metadata to operate. In a step towards decentralization some federated services like Mastodon or Matrix, do technically allow anyone to run their own server, but the setup is usually a barrier to everyone doing it, and still results in metadata collection by the service operator.

Directly messaging a contact in Cwtch is done peer to peer over Tor v3 onion servers. This is optimal as there are no intermediary services used. However, this comes with a major constraint: both parties must be online. If we want offline message delivery, we need some form of shared infrastructure to support it.

Cwtch servers are designed to be untrusted. Which means that don’t learn anything about the messages they are hosing or the profiles or groups those messages are associated with.

Cwtch servers can be hosted privately, for efficient, small group communication, or shared publicly to allow people without the resources access to private, shared, infrastructure.


Organizational Blog

3 Years of Open Privacy

11 Feb 2021

Three years ago, on February 11th 2018, we officially incorporated the Open Privacy Research Society. At that point in time I don’t think any of us had any idea how the following years would go.

2020 was difficult and challenging. The work outlined here is a fraction of what we had hoped to achieve. 2020 impacted our projects, our priorities, and our lives. That said, I think it represents some of the most important work we have done so far, and I am excited to push it as far as we can in 2021.

This work couldn’t exist without an active and amazing base of supporters, like you, who enable our mission - researching and developing privacy enhancing technologies focused on those people and communities that need them most.

To celebrate our 3rd year anniversary I would like to invite you to review some of the amazing work that you helped support in 2020 - and once again ask for your help and support to help us continue our mission in 2021.

Release: Lockbox encrypted web forms

14 Apr 2020

Today we are releasing the first cut of Lockbox, an application for creating simple encrypted web forms!