From 6815c884837c8f8679085af7e7f7aaa1f2ff5929 Mon Sep 17 00:00:00 2001 From: anarsec <anarsec@riseup.net> Date: Tue, 3 Oct 2023 21:54:55 +0000 Subject: [PATCH] cwtch stable --- content/_index.md | 2 +- content/contact/_index.md | 4 ---- content/posts/e2ee/index.md | 8 ++++++-- content/series/_index.md | 8 +++++--- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/content/_index.md b/content/_index.md index 60f6abe..baebd15 100644 --- a/content/_index.md +++ b/content/_index.md @@ -6,4 +6,4 @@ paginate_by = 10 * You need to write anonymous responsibility claims or do action research? → [**Tails for Anarchists**](/posts/tails) and [**Tails Best Practices**](/posts/tails-best) * You need to manage a large number of digital identities on a daily basis? → [**Qubes OS for Anarchists**](/posts/qubes) * You want to protect your digital devices from covert house visits by law enforcement? → [**Make Your Electronics Tamper-Evident**](/posts/tamper) -* See the [**series of guides**](/series) for an overview. +* All other guides are listed [**here**](/series). diff --git a/content/contact/_index.md b/content/contact/_index.md index e3c3e19..c315142 100644 --- a/content/contact/_index.md +++ b/content/contact/_index.md @@ -12,10 +12,6 @@ paginate_by = 5 [What is Cwtch?](/posts/e2ee/#cwtch) -**Matrix**: @anarsec:riot.anarchyplanet.org - -[What is Matrix?](/posts/e2ee/#element-matrix) - **Email**: anarsec (at) riseup (dot) net [PGP key](/anarsec.asc) diff --git a/content/posts/e2ee/index.md b/content/posts/e2ee/index.md index b2e7249..1998a16 100644 --- a/content/posts/e2ee/index.md +++ b/content/posts/e2ee/index.md 
@@ -39,7 +39,7 @@ The following options for encrypted messaging are listed from most metadata prot * **Peer-to-peer**: Yes * **Tor**: Yes -Cwtch is our preference, by a long shot. It is currently transitioning from [beta to stable versions](https://docs.cwtch.im/blog/cwtch-stable-roadmap-update-june). For an overview of how Cwtch works, watch the video above. The [Cwtch Handbook](https://docs.cwtch.im/) will tell you everything you need to know to use it. Cwtch is designed with metadata protection in mind; it is peer-to-peer, uses the Tor network as a shield, and stores everything locally on the device, encrypted. +Cwtch is our preference, by a long shot. For an overview of how Cwtch works, watch the video below. The [Cwtch Handbook](https://docs.cwtch.im/) will tell you everything you need to know to use it. Cwtch is designed with metadata protection in mind; it is peer-to-peer, uses the Tor network, and stores everything locally on the device, encrypted. <br> 
@@ -55,10 +55,14 @@ Like all peer-to-peer communication, Cwtch requires *[synchronous](/glossary/#sy >"Cwtch contact to contact chat is fully peer to peer, which means if one peer is offline, you cannot chat, and there is no mechanism for multiple people to chat. To support group chat (and offline delivery) we have created untrusted Cwtch [servers](https://docs.cwtch.im/security/components/cwtch/server) which can host messages for a group. [...] the server has no way to know what messages for what groups it might be holding, or who is accessing it." -Any Cwtch user can turn the app on their phone or computer into an untrusted server to host a group chat, though this is best for temporary needs like an event or short-term coordination, as the device must remain powered on for it to work. Once the server exists, contacts can be invited to use it. You can create a group chat with only two people, allowing for asynchronous direct messaging. If an adversary gets access to a server running on your own device in addition to an invitation to join the server, they can deanonymize you. Fortunately, both Systemli and [Anarchy Planet](https://anarchyplanet.org/chat.html#cwtch) run public servers that are suitable for long-term groups and can't be used to deanonymize you. +Once the server exists, contacts can be invited to use it. For asynchronous direct messaging, create a group chat with only two people. + +Any Cwtch user can turn the app on their phone or computer into an untrusted server to host a group chat, though this is best for temporary needs like an event or short-term coordination, as the device must remain powered on for it to work. If an adversary gets access to a server running on your own device in addition to an invitation to join the server, they can deanonymize you. Fortunately, both Systemli and [Anarchy Planet](https://anarchyplanet.org/chat.html#cwtch) run public servers that are suitable for long-term groups and can't be used to deanonymize you. 
Asynchronous conversations on Cwtch need to be started from a synchronous conversation - you need to be online at the same time as your contact to invite them to a group, and then you no longer need to be online at the same time. In the future, Cwtch plans to improve this with [hybrid groups](https://git.openprivacy.ca/cwtch.im/cwtch-ui/wiki/One-Pager:-Managed-Groups-%28-A-Roadmap-towards-Hybrid-Groups%29). Until hybrid groups are implemented, you will need to establish your asynchronous Cwtch conversations by using a second channel to set a time for when you both need be online. +For public-facing projects, we recommend using the "Appear Offline Mode" in order to mitigate [targeted correlation attacks](https://git.openprivacy.ca/cwtch.im/cwtch-ui/issues/712) - this allows you to only connect to servers without connecting to peers. This way, an adversary cannot control the timing of network traffic arriving at your client. However, hybrid groups must be implemented before this will work, so for now, we don't yet recommend Cwtch for public-facing projects. + >**Note** > >[**Briar**](https://briarproject.org) is another application that works in a similar way (with peer-to-peer and Tor), using the [Bramble Transport Protocol](https://code.briarproject.org/briar/briar/-/wikis/A-Quick-Overview-of-the-Protocol-Stack) (BTP). Briar's main distinguishing feature is that it continues to work [even when the underlying network infrastructure is down](https://briarproject.org/how-it-works/). It was [audited in 2017](https://code.briarproject.org/briar/briar/-/wikis/FAQ#has-briar-been-independently-audited). Unfortunately, Briar Desktop does not yet work with Tails or Qubes-Whonix because it cannot [use the system Tor](https://code.briarproject.org/briar/briar/-/issues/2095). Unlike Cwtch, to connect to a contact on Briar, you both have to add each other first. You can either exchange `briar://` links or scan a contact’s QR code if they are nearby. 
[Briar Mailbox](https://briarproject.org/download-briar-mailbox/) allows asynchronous communication. diff --git a/content/series/_index.md b/content/series/_index.md index bb34d8c..74f4f0a 100644 --- a/content/series/_index.md +++ b/content/series/_index.md @@ -19,10 +19,12 @@ paginate_by = 5 * [Why Anarchists Shouldn't Have Phones](/posts/nophones/) * [GrapheneOS for Anarchists](/posts/grapheneos/) -#### Tails and Qubes OS +#### General * [Linux Essentials: The Basics Needed to Use Tails or Qubes](/posts/linux/) * [Removing Identifying Metadata From Files](/posts/metadata/) - -#### Tails, Qubes OS, and GrapheneOS * [Encrypted Messaging for Anarchists](/posts/e2ee/) * [Making Your Electronics Tamper-Evident](/posts/tamper/) + +# Offensive + +*Coming soon* -- GitLab
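Review bot: In content/_index.md (@@ -6,4 +6,4), the new link text "[**here**](/series)" tells the reader nothing about its target when read out of context; keep descriptive link text such as the old "series of guides". "All other guides" is also inaccurate against this same patch, because content/series/_index.md lists /posts/tamper/, which the bullet directly above this line already links.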
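Review bot: In content/contact/_index.md (@@ -12,10 +12,6), dropping the Matrix address and its "What is Matrix?" link is not covered by the subject line "cwtch stable", and the commit message has no body. Removing a published contact channel is a change readers and future maintainers will want explained, so either state the reason in the commit message or move this hunk to its own commit.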
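Review bot: In content/posts/e2ee/index.md (@@ -39,7 +39,7), the rewritten paragraph still opens with the unqualified "Cwtch is our preference, by a long shot", while the following hunk adds "we don't yet recommend Cwtch for public-facing projects". A reader who stops at this paragraph gets no hint of that exception, so qualify the sentence here or point to the caveat further down. Also confirm that the video embed really follows this paragraph now that "above" has become "below"; the only context visible after the changed line is "<br>".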
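Review bot: In content/posts/e2ee/index.md (@@ -55,10 +55,14), the added paragraph on "Appear Offline Mode" opens with "we recommend using" and ends with "we don't yet recommend Cwtch for public-facing projects", so the operative advice sits behind a recommendation that cannot be followed yet. Lead with the current position (not recommended for public-facing projects until hybrid groups are implemented) and then describe Appear Offline Mode as the intended mitigation for the linked targeted correlation attacks. Separately, "Once the server exists, contacts can be invited to use it." now comes before the paragraph that explains how a server is created or which public servers to use, which leaves "the server" without a clear referent; consider placing it after that paragraph.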
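Review bot: In content/series/_index.md (@@ -19,10 +19,12), the new "# Offensive" is a level-1 heading while the category headings visible in this hunk ("#### General", and the removed "#### Tails and Qubes OS") are level 4. If it is meant as a sibling category, use "####"; if it is meant as a top-level section, make sure the existing categories sit under a matching top-level heading. A section whose only content is "*Coming soon*" also publishes an empty entry on the index; consider adding the heading in the commit that adds the first guide under it.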