Briar: Peer to Peer Encrypted Messaging

Original Article ↗ Hacker News Discussion ↗

Platform support and iOS constraints

  • Many notice Briar is Android-only and question lack of iOS and recent public updates.
  • Several argue Android focus is rational given limited resources and Briar’s target audience.
  • Technical explanations: iOS aggressively kills background apps and forbids the kind of persistent background networking Briar and Tor need; also no JIT for JVM-based code and no process forking for a separate Tor process.
  • Some note that a few iOS apps can run in the background via specific APIs (audio, location), but this is seen as a narrow carve‑out, not a general solution for Briar‑style messaging.

Security model and cryptography

  • Users like Briar’s strong threat model, Tor integration, and metadata minimization; it’s described as “insanely privacy focused.”
  • There are questions whether Briar uses a double ratchet; docs claim forward secrecy but don’t clearly mention ratcheting.
  • A side thread debates PGP vs modern protocols: critics call PGP outdated for messaging (no default forward secrecy), recommending Signal‑style ratchets instead; others highlight ongoing work to add forward secrecy to PGP.
  • One commenter critiques reliance on “standard cryptographic primitives” and suggests nonstandard schemes; others push back, emphasizing public scrutiny and competitions over “homebrew” crypto.

P2P, mesh, and offline communication

  • Briar’s ability to sync over Bluetooth, Wi‑Fi, and even SD cards is widely praised, especially for censorship, disasters, or no‑internet scenarios.
  • Real‑world stories: it worked well as Bluetooth chat on a plane for some, poorly for others.
  • Clarification: despite marketing language, Briar today is not a full mesh network; phones relay only within limited topologies, partly due to OS changes and DoS/metadata concerns.
  • There’s an extended debate about whether large‑scale, relay‑based mesh over short‑range links can practically scale without flooding or routing problems.

Alternatives and ecosystem comparisons

  • Comparisons include DeltaChat, Signal, Session, SimpleX, Ricochet, Cwtch, Secure Scuttlebutt, Firechat, Meshtastic, and Reticulum.
  • DeltaChat and Session get praise for usability and multi‑platform support, but are critiqued for PGP‑style crypto or lack of forward secrecy.
  • Meshtastic and Reticulum are cited as more “network‑layer” approaches (LoRa, radio, multi‑interface overlay); some find Reticulum especially promising but worry it’s mostly a one‑person Python project.
  • Android’s openness (F‑Droid, de‑Googled ROMs, sideloading) is viewed as aligning better with this ecosystem; iOS is seen as a hard wall for truly decentralized tools, though network effects of iOS still hurt adoption.

Usability, adoption, and missing features

  • Adoption is perceived as low, limiting any P2P/mesh benefits; many peers simply don’t run Briar.
  • Pain points: no multi‑device account, limited “one‑to‑many” broadcast features, forum UX (no edit/delete, weak threading), and QR‑only pairing.
  • Others praise Briar’s simplicity and offline app‑sharing feature (Wi‑Fi hotspot / local APK) as a strong preparedness tool if installed in advance.

Legal and trust discussions

  • Some worry about funding links (e.g., Open Technology Fund / US‑state‑related bodies), while others note many respected privacy projects share similar funding.
  • On legality, commenters generally believe strong end‑to‑end crypto and P2P messaging remain legal in most “Western” jurisdictions, though vendors may face cooperation orders and, in the UK, compelled key disclosure.