I am the original author of ChatSecure [1], the only free and open source OTR client for iOS devices. We also released an Objective-C wrapper around libotr called OTRKit [2] to help other developers integrate their apps with the OTR protocol. Gibberbot [3] is the equivalent program for Android devices, both of which are currently supported by The Guardian Project.
OTRv3 [1] has been designed to somewhat help the problem of differing instances and has been available since libotr 4.0.0, but in practice I haven't found a good way to solve the UI/UX problem in a user friendly way. The latest beta builds of Gibberbot support the transfer of private keys from desktop to mobile, but I haven't tested it, or how well it works to transfer a conversation from one device to another.
mpOTR [2][3] is designed to solve a different problem, and I believe development has been stalled because the current design doesn't allow chatrooms to scale to large numbers of people.
You could theoretically clone the source, check out the release tag, compile it, and then compare the checksum of the binary of the .app file, but I'm not sure if that would even generate the same exact file or not. You might also need a jailbroken device to decrypt and extract the App Store binary.
If you really want super paranoid level security, communicating digitally is probably not your best bet anyway.
Here's the SHA1 checksum of the compiled binary from the latest release (2.0):
Considering the fact that Apple is in the NSA wiretapping program and involved in secret tracking [1], don't you think it's unfair to call someone who's asking a way to verify if Apple isn't messing with the code "super paranoid"?
Though it's a lot easier to compel Apple to silently push a wiretap update to a handset than to have, several months/year ago, engineered a secret backdoor into a chipset...
You've gotta draw the line somewhere (unless you're rms). I would venture to say an open source OS and applications on worldwide-deployed hardware in the hundreds of millions count is probably safe enough for my purposes.
Why don't you charge for your iOS app? Is it because you expect that somebody would recompile the sources and charge less? You still have to worry about fraudsters.
ChatSecure will always remain free of charge to ensure that everyone in the world has unrestricted access to privacy technology. The project is mostly funded by very generous grants, so there is no need to "monetize" the project.
The amount of money we could make by selling the app directly to users wouldn't even begin to support the actual cost of producing and supporting the software.
I know it's not necessarily an accurate selling value of the application, but you could just charge $.99. That would probably head off a lot of the recompilers by making it not-so-worth-it. You never know, though. People will try anything.
Thank you for writing this. Do you have a bitcoin donation address with which we can compensate you for your time and service?
I still don't trust it, as the binaries come via the App Store (and without paying another $100 I can't build/install them myself), but it's good that someone's taken the first steps.
I don't want that kind of control, I just want to be able to install software of my choosing. All of the rest of "that kind of control" is time-wasting folly.
This is a nice technology, but if it is really supposed to protect you from a serious threat, you first need to define who your adversary is and how strong his capabilities are.
For example, if your adversary is some big national agency and you are chatting this way, but neither of you anonymizes yourselves properly, you could just raise suspicion [since most people don't chat encrypted], and more surveillance can be deployed against you.
To sum it up, the technology is good, but if it should be used for more than an exercise, it must be combined with other protection.
"Hiding anomalous activity is hard, but vitally important. The problem with many security systems based purely on secrecy is that their usage is itself anomalous. It singles out and attracts attention to the users. If the adversary doesn’t know who those users are initially, they can cross correlate real world data with the suspicious activity and narrow their focus to real people."
Make sure you actually authenticate the key fingerprints.
Note, doing this over video chat (if you know what the other person looks like and sounds like) with a fresh key pair is a decent way.*
* Assuming you believe no one has the resources to impersonate your chat partner in near real time.
Personally, I find all OTR 'apps' inconvenient.
Keys always change. Clients aren't compatible across platforms.
You end up just clicking "ok" all the time to untrusted conversations because else you just can't talk to the other party.
I like gpg-based chats better for that reason: people tend to keep the same key, it works more or less everywhere (except phones somehow), AND if you trust their keys you don't have anything to do, it just works, regardless of being IM, email, or whatever else. One trust db. Not 100.
GPG for chat (at least XEP-0027) is much, much less secure than OTR. You have no authentication of received messages, no defense against replay attacks or dropped messages, no perfect forward secrecy. In my opinion, support for it should be removed because it endangers people who think it is secure.
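Added illustration (not from this thread, and not OTR's real wire format): a minimal message frame with a per-session MAC and a strictly increasing counter, which is how a protocol gets the message authentication and replay/drop detection that the comment above says XEP-0027 lacks. The key is a constructed constant; real OTR derives its MAC keys from the Diffie-Hellman exchange.

```python
import hashlib
import hmac
import struct

# Constructed sample key. Real OTR derives per-session MAC keys from its DH exchange;
# a fixed key is used here only so the example runs offline.
MAC_KEY = b"constructed-sample-mac-key-not-for-real-use"
TAG_LEN = 32


def seal(key: bytes, counter: int, payload: bytes) -> bytes:
    """Frame a message as counter || payload || HMAC-SHA256(counter || payload)."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Accepts a frame only if the MAC verifies and the counter strictly increases."""

    def __init__(self, key: bytes):
        self.key = key
        self.highest = 0   # highest counter accepted so far
        self.dropped = 0   # messages the counter gap says we never received

    def open(self, frame: bytes):
        """Return (status, payload); payload is None unless status is 'ok'."""
        if len(frame) < 8 + TAG_LEN:
            return "truncated", None
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return "bad_mac", None                  # forged or modified in transit
        (counter,) = struct.unpack(">Q", header)
        if counter <= self.highest:
            return "replay", None                   # an old frame delivered again
        self.dropped += counter - self.highest - 1  # a gap reveals dropped messages
        self.highest = counter
        return "ok", payload


def demo():
    """Constructed exchange: a replayed frame, a tampered frame, and a skipped counter."""
    rx = Receiver(MAC_KEY)
    f1 = seal(MAC_KEY, 1, b"hello")
    f2 = seal(MAC_KEY, 2, b"meet at 9")
    f4 = seal(MAC_KEY, 4, b"bye")      # counter 3 is never sent: a dropped message
    tampered = bytearray(f2)
    tampered[8] ^= 0x01                # flip one bit of the payload
    statuses = [rx.open(f1)[0], rx.open(f2)[0], rx.open(f2)[0],
                rx.open(bytes(tampered))[0], rx.open(f4)[0]]
    return statuses, rx.dropped
```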
I would like to see an automatic way to use GPG to sign OTR keys, though. You can create a message "My OTR fingerprint is abcdef..." and sign that, but it would be nice if clients did that automatically. Or maybe even use the GPG key itself instead of the OTR key...
I publish my OTR public key fingerprint on the front page of my website, which is itself signed using my private PGP key. On that same page, I provide links to DDG searches of my fingerprints so people can see the multitude of places that it has been indexed. It gets indexed in a lot of places because I am active on several public mailing lists and the fingerprint is included in the signature of all my emails. All of my emails are signed using the same PGP key as the front page of my website.
A tip for anyone using this as a plugin for Pidgin: generating the keys usually takes a lot of processing power, and needs to be done once per account in Pidgin. The generating process triggers the first time you start messaging someone that also uses OTR with that account, which is often an inconvenient time (as you don't always know they use OTR beforehand). You can trigger the key-generation for an account via the plugin preferences of OTR, that way you can get that part done while you're not chatting.
Have you tried recently? libotr version 4.0 (released last year) added handling of this very issue. Both parties need to be running >=4.0, but it shouldn't break down horribly in this scenario.
1. https://github.com/chrisballinger/Off-the-Record-iOS
2. https://github.com/ChatSecure/OTRKit
3. https://github.com/guardianproject/Gibberbot