The National Security Agency has some of the brightest minds working on its sophisticated surveillance programs, including its metadata collection efforts. But a new chat program designed by a middle-school dropout in his spare time may turn out to be one of the best solutions to thwart those efforts.
Prompted by Edward Snowden’s revelations about the government’s intrusive surveillance activities, loosely knit citizen militias of technologists and security professionals have cropped up around the world to develop systems to protect us from government agencies out to identify us online and grab our communications.
John Brooks is now among them.
Brooks, who is just 22 and a self-taught coder who dropped out of school at 13, was always concerned about privacy and civil liberties. Four years ago he began work on a program for encrypted instant messaging that uses Tor hidden services for the protected transmission of communications. The program, which he dubbed Ricochet, began as a hobby. But by the time he finished, he had a full-fledged desktop client that was easy to use, offered anonymity and encryption, and even resolved the issue of metadata — the “to” and “from” headers and IP addresses spy agencies use to identify and track communications — long before the public was aware that the NSA was routinely collecting metadata in bulk for its spy programs. The only problem Brooks had with the program was that few people were interested in using it. Although he’d made Ricochet’s code open source, Brooks never had it formally audited for security and did nothing to promote it, so few people even knew about it.
How Ricochet Works
To build Ricochet, Brooks patterned his program on something that already existed — TorChat, a peer-to-peer instant messaging program released in 2007 that used Tor hidden services to transmit communications. TorChat had a number of implementation problems when it came out, however, and has largely been abandoned by users and its developers. Brooks vastly improved the concept.
Ricochet doesn’t communicate with central servers like Wickr and doesn’t allow direct connections like Tox. Instead, each desktop client operates as a Tor hidden service and uses the Tor network to transmit encrypted and anonymous communication. The client generates a random 16-character public key or ID to authenticate the user and establish the channel for secure communication in a simple way that doesn’t require users to install Tor separately. Generating the public key occurs with a single click, and the key is stored on the user’s machine, or on a USB drive so a user can communicate with Ricochet from different machines.
“It is idiot-proof and anonymous,” says Gray.
When someone wants to communicate with another Ricochet user, their client reaches out through the Tor network to arrange a rendezvous point. The client first connects anonymously via three hops to a Tor relay, which doesn’t know where the connection originated. That relay looks up the other person’s Ricochet client ID — published by the person in their Twitter profile or email signature — and obtains a list of other Tor relays that can be used to reach out to the other party’s Ricochet client — a list that changes every 24 hours. When the message reaches the other Ricochet client indicating a neutral relay for the rendezvous, the two clients meet there to exchange communication. But at any time, there are at least six relays between the two users, three on each side.
“At no point do you ever contact anyone directly,” Brooks says. “There is no way you could find my IP address or anything about who I am or where I am. [A]nd the rendezvous point in the middle can’t find out anything about either of us.”