The beta version of the web client of threema.
The makers of the Swiss crypto Messengers threema currently testing its web client. The version for Android users heise online was able to try out short.
After competitors such as signal and WhatsApp Messenger also threema soon have a web client. Early 2017 it will "threema Web" first unlock for users of the Android app, the Swiss start-up to heise online announced. Users of iOS and Windows Mobile are to come later to the course.
Currently, the Web client is tested in a closed beta program. heise online was able to try it: To connect smartphone and PC, the user scans the threema app a displayed in the desktop browser QR code. This is just as quick and intuitive as WhatsApp. In the test a few seconds stood the connection after scanning.
With the web client you can not only comfortable chatting with the keyboard, but also files by dragging & Drop ship. A set Emojis is also available. According threema the web client runs "in any modern desktop browser on Windows, Linux, Mac OS, etc ...",
When trying out Chrome and Firefox almost all messages are delivered immediately or after a few seconds. Full holperfrei the beta version is not running as expected. Sometimes uploading images or failed messages were somewhat longer go.
End-to-end encryption between the Web client and App
As with the WhatsApp smartphone apps the users exchange remains from the news. They are the end points of the central end-to-end encryption of the communication between threema users. The Web client is only "Rear drangehängt"So, gets its news quasi second-hand from the smartphone app of the user.
Threema relies on WebRTC, a protocol developed specifically for real-time chats. On its own channel encryption threema sets as described in a white paper an end-to-end encryption of the well-reputed crypto library NaCl and based on it SaltyRTC.
Since Web client and app often not in the same network, the connection is made via external Signaling Server - also end-to-end encrypted. The actual data transport is to take place if at all possible via a direct connection between the Web client and app.
WebRTC uses this hole-punching techniques from STUN and TURN to drill holes in firewalls. Doomed to failure, a relay server is used, which, however, can read due to the E2E encryption data. the PC and smart phone on the same network, the data packets according to this threema not leave.Picture 1 of 4
Beta version of the Web client of threema (4 photos)In the next version of threema app for Android, the Web client appears in the menu.
Source code of the Web client is released
The necessary basis of secrecy is the exchange of keys between web app and smartphone app. This is done by scanning the QR code that displays the web app.
Threema gave a lot of effort to extend the promise already given by the smartphone app in terms of privacy and confidentiality on the Web client. You have it designed a consistent approach to end-to-end encryption. How well this is implemented and whether it is successful in practice, it will turn out after the start. The source code of threema Web threema want to completely release.(Jürgen Schmidt, Christian Wölbert) /(CWO)