Published: 2015-06-28 15:59:47 by Daniele Ricci

You waited for it and finally here we are: version 3.0 is out.

On 2015-06-14, Kontalk 3.0 hit the Play Store (F-Droid a few days later). There are still a few rough edges, most of them fixed in today's new release 3.0.1, but XMPP is finally there.
I've decided to release maintenance releases every 15-20 days (at least I will try) and I'm already working at group chat which will be coming in version 3.1. I've set its milestone to August, 2nd, but I really doubt I'll make it for that exact date (maybe an alpha version).

In the meantime, Kontalk is now translated into 13 languages (!!!) and the Play Store listing have been translated into 7 languages. I want to thank all the translators — which have been properly credited of course in the new credits section of the app — for the hard work they are doing of improving our favourite app!

A nice news is our wiki, hosted at GitHub and reachable also from within the app by using the Help item in Kontalk settings. Many pages were born in the last week and, with the help of the translators, most of them are already translated into Italian, Dutch and German. Since it's a wiki, anyone can contribute to them. You are welcome to create a GitHub account and improve or fix any page.

The desktop client is also doing great lately: much has improved in the last two months and more is coming. You now have two ways of using Kontalk on your PC. If you have Linux, you can try our Pidgin plugin for limited functionality. Our official desktop client instead supports pretty much all the features of Kontalk.

Last but not least, our donors: their continued efforts and donations keep the Kontalk project running and shining. Thank you!!

Published: 2014-08-31 17:41:04 by Daniele Ricci
WARNING! Version 3.0 is not compatible with version 2.x, meaning that users from both versions will not be able to chat with each other. However, the upgrade from 2.2.9 to 3.0 will keep your messages intact.

You've been waiting for it for a very long time, here we are at last, announcing the first beta release of Kontalk 3.0. There was a lot of work behind this release and I hope it will work well enough and meet your expectations.

For people coming from the 2.x series, there is a lot of new stuff in this version:

  • new XMPP protocol
  • full PGP asymmetric encryption
  • invitation system and blocking users
  • media encryption
  • new full set of emojis by Emojicon

A complete changelog is available on the GitHub release page here (although this changelog is from version alpha7):

This new release is already available on Google Play beta channel and will be available on F-Droid very soon. F-Droid users will need no special action, however Google Play users are required to either join the Kontalk Android client community1 on Google+ or subscribe to the kontalk-devel2 or kontalk-users3 groups. Once you've done that, go to this page:

And click become a tester. Wait a few hours and you'll have the update straight on Google Play.

Published: 2014-05-16 12:50:10 by Daniele Ricci

Many users have been wondering about security in Kontalk. In this post I'll consider the security concerns I faced and I'm still facing during the development of Kontalk.

Phone numbers

The biggest security implication is phone numbers. Hiding phone numbers to server administrators and to other users is very difficult since they are used as mean of identification. Kontalk uses hashes of the phone numbers in the user ID (something like, which is the SHA-1 hash of +15555245554).
Using decent hardware, by knowing just the country code, you can calculate all of the hash space and find the original value in a relatively short time. It's an easy task to carry out, but you'll have to spend time on that, meaning you have a target.
The hard part comes when the Kontalk devteam is not involved in server administration: despite we have very strong values and we do not give our data to others (of course we are tied to jurisdiction), other server administrators might. That's why we decided to create some sort of democratic network with an internal voting system, used to allow new servers and ban rogue ones. This system is not yet in place (we are still in alpha), but it will be ready at the right time. Further details will follow soon.

SMS provider

Another concern for phone numbers is using a 3rd party SMS provider to verify the numbers. In our case, Nexmo.
Of course it's a company and they have their privacy policy, but the problem is a Kontalk server must know the real phone number to send the verification SMS in the first place, meaning our Nexmo account has a record of all phone numbers that have registered or have tried to register to Kontalk. We really can't do nothing about it. Although we access Nexmo logs only when a user has a problem during registration, in fact we do have the phone numbers of all of our users.

Encryption: end-to-end without OTR

Encryption is another very important security concern. The older 2.2 versions had a weak encryption method which is being replaced by OpenPGP encryption in version 3.0. This new method will do a simple public key encryption using OpenPGP standards. More features such as perfect forward secrecy and deniable encryption will be addressed with a future version having an OTR-like approach.

Trusting server administrators

Last but not least, there is a concern about server administrators. Kontalk is designed to be a community network, meaning that volounteers can rent servers and make them available as Kontalk nodes. Those nodes will have access to all presence data and (unencrypted) messages passing through the server.
A server can prevent login attempts from users registered from another server though: it checks if the server public key is signed by the server that is authenticating the user in that moment. This is the way a server shows "trust" in one another. If anything happens, a revocation of the signature and that server is no longer trusted.
Anyway this doesn't prevent a rogue server from creating forged identities or fake accounts. There are mechanisms to protect users against that, but only when such abuses are discovered — that's because if an abuse is sporadic, it's hard to uncover it.

Still, there's no formal agreement between servers. They all count on mutual trust and spoken deals. This matter will be addressed when Kontalk will grow enough to justify the creation of a nonprofit organization, with an organized team and a more defined path to follow.

Published: 2014-04-01 09:37:36 by Daniele Ricci

This is an April Fools' Day prank.

Since I've started developing Kontalk, I imagined it like this: every user will be able to communicate for free, with the same users helping themselves to maintain the network and keep it active.
It was — and it still is — a very ambitious project, but I thought that by believing in it I would be successful. That's the key, I'd say to myself: believe.

However, I no longer can keep up with it. We became analyzing our users messages through some automated tools we wrote and we discovered some bad things.

Most users are blasphemous and evil. The others just keep talking about very bad jokes or very badly planned pranks. Desperate housewives adultering on their neighbours. Nerds that just keep watching Star Wars over and over. And much, much more. I will not go into further details because some people might be affected by such horrible things.

I can't keep up with it. I can't see people wasting their lives because of Kontalk. Therefore, I decided to shutdown all the servers and unpublish the app from Google Play effective tomorrow April, 2nd at 12:00 UTC.
I want to thank all people who believed in Kontalk as much as I did. Thank you guys, I'll never forget it.

Published: 2014-02-26 18:41:50 by Daniele Ricci

WARNING this post is outdated. Please refer to this page.

It's been some weeks since I've been able to use Kontalk XMPP from my notebook, using a custom Python script to remedy for the lack of client certificate authentication in Pidgin. The code was very ugly (it still is) and had hard-coded values.
So I decided to fix it a bit and release it in the public domain. You can find the script in the xmppserver repository (download link). You'll need Twisted to run it.

user@host:~/kontalk/xmppserver/test$ ./ -h
usage: [-h] [-d] [-p PORT] --domain DOMAIN -c CERTIFICATE -k

An XMPP bridge for clients not supporting SSL client certificate

positional arguments:
  address               forward connections to this host (host:port)

optional arguments:
  -h, --help            show this help message and exit
  -d, --debug           enable debug output
  -p PORT, --port PORT  listen for local connections on this port (default:
  --domain DOMAIN       use this domain for stream initialization
                        X.509 certificate file
  -k PRIVATEKEY, --privatekey PRIVATEKEY
                        X.509 private key file is basically a tunnel that masks the STARTTLS process by doing its own SSL handshake using a provided client certificate and private key.

The first thing you have to do is to export the client certificate and private key from your device. Of course you have to register to Kontalk first if you haven't done it yet. Open Kontalk, press menu > Settings > Export personal key. This will create four files on your SD card:

  • kontalk-login.crt
  • kontalk-login.key
  • kontalk-private.pgp
  • kontalk-public.pgp

Transfer the two highlighted files to your computer. Then you'll need to convert them to an appropriate format using the following commands:

openssl x509 -inform der -outform pem -in kontalk-login.crt -out kontalk-login.pem
openssl rsa -inform der -outform pem -in kontalk-login.key -out kontalk-login.rsa

Your certificate and private key are ready for use!

Start the SSL bridge script:

./ -p 5224 --domain -c kontalk-login.pem -k kontalk-login.rsa

This will start to listen on port 5224 which will be forwarded to after STARTTLS have been negotiated.

Now it's time to configure your favourite XMPP client. We will take Pidgin as an example but the configuration is pretty much the same.
Create a new XMPP account using these parameters:

  • username: dummy (doesn't matter actually)
  • domain:
  • password: dummy (doesn't matter)
  • check Remember password
  • connection security: Use encryption if available
  • check Allow plaintext auth over unencrypted streams
  • connect port: 5224
  • connect server: localhost

And there you go!!! Connect your account and you will see buddies with strange codes. Those are your buddies hashed phone numbers. You'll have to recognize each one by talking to them, sorry. You can then rename your buddies accordingly, Pidgin will keep track of the names.

Please note that encrypted messages are not supported by Pidgin and you'll have to tell your buddies to disable encryption when they talk to you (you won't receive anything otherwise).
Also delivery confirmations are not supported, so your buddy will not see his/her messages confirmed. The only way to confirm them is to open Kontalk from Android. You will receive all the unconfirmed messages again and the app will confirm them.

The SSL bridge script is still not perfect, if you have any problem please report them to the Kontalk issue tracker.