speek-app / speek Goto Github PK

All is in the title.
I'm using : Speek.Chat-1.6.0-x86_64.AppImage (on Ubuntu 20.04 64bits)

Doesn't work at all.
The console output:
Gtk-Message: 15:44:59.634: Failed to load module "appmenu-gtk-module"
QIODevice::read (QFile, "/home/xxx/.config/speek/tor/torrc"): device not open
qrc:/ui/MainWindow.qml:47:9: Unable to assign [undefined] to bool
qrc:/ui/MainWindow.qml:47:9: Unable to assign [undefined] to bool
qrc:/ui/main.qml:182: TypeError: Cannot read property 'themeColor' of null
qrc:/ui/main.qml:195: TypeError: Cannot read property 'themeColor' of null
qrc:/ui/main.qml:191: TypeError: Cannot read property 'themeColor' of null
qrc:/ui/main.qml:192: TypeError: Cannot read property 'themeColor' of null
qrc:/ui/main.qml:183: TypeError: Cannot read property 'themeColor' of null

At the second lauch it display only :
Gtk-Message: 15:58:35.040: Failed to load module "appmenu-gtk-module"
qrc:/ui/MainWindow.qml:47:9: Unable to assign [undefined] to bool

Same behaviour with Windows version.

What cat be done ?

Thank's

Pretty cool website but I just have a small nitpick.
Telegram's apps are all open source. Currently, the website makes it look as if Speek is claiming telegram is fully closed source like WhatsApp. Would be better to at least add an asterisk and just write that Telegram server is not open source but the apps are.

Speek says it have p2p file sharing feature. While transferring files I feel like the speed is too slow. I want to understand how files are shared. Are they really p2p or the file will be transferred over the tor network.

Hi,

After a fresh install, I just get an empty windows when launching. No buttons, menus, nothing ?

)
I cant' get how to use this. I'm on Windows7

Thanks for help

As this is an opensource & privacy focused messenger, would you consider putting this app on F-Droid for FOSS users please?

Tor is banned in my country so I need to use bridges. When app starts it gives me opportunity to set bridges using "Advanced network configuration". But when i tried to enter the bridge (in this format: obfs4 207.148.108.221:443 7259F29EC35E385B25D1DD56A3B39B76BBE63940 cert=aMu33DOPGFQsjgLZ7JtKB6Eysn9kaN4ubcWbi2zsO+rAORC1eKDrDiGqXqkJD8ZLgY25QA iat-mode=0) app just said "This behavior is NOT supported!" and then stopped.

I have now tried the speek chat by downloading speek version 1.6.0 directly from github,but as you see on that photo,speek doesn't show anything at all,as in nothing at all. Only thing it says is that Im logged in. So I tried to download Speek again,but this time from Microsoft Store,but even then I still get the same. You need to fix that,otherwise its useless to use it. I cant use the pre-release of speek version 1.6.1 or 1.7.0,because there is none for Windows 11 64bit.

I'm using Windows 11 Home 64bit

• Note: The speek you see is of version 1.6.0

The application will not even start in Fedora 36, I tried to start it from the terminal and got the following.

❯ ./Speek.Chat-1.7.0-x86_64.AppImage 
Warning: Ignoring XDG_SESSION_TYPE=wayland on Gnome. Use QT_QPA_PLATFORM=wayland to run on Wayland anyway.

(speek:6518): GLib-GIO-ERROR **: 14:26:46.077: Settings schema 'org.gnome.settings-daemon.plugins.xsettings' does not contain a key named 'antialiasing'
Trace/breakpoint trap (core dumped)

Hello,

in the Linux version (I don't know about the other versions) it would be really helpful if Speek could use the current directory where the app is launched from to create, read and write the config files, instead of the ~/.config/speek directory. Alternatively, it could provide a command line switch to specify the directory where configuration should be created in and read from. This would make it a portable app that could, for example, be managed completely from an external encrypted drive.

Thanks for the great work!

Having quite a few issues with getting Speek running on my TAILS setup. The mobile app works flawlessly from my rather minimal testing thus far but no complaints.

However getting it working on TAILS has been a nightmare. I installed heaps of the GUI dependency packages (on my so can't list them all right now, can update later.) But all I've gotten it to do is open the small welcome box but none of the buttons on that box work. Eg. I can't get into the actual application, just to the splash screen and the verbose debugging log throws non-stop warnings and errors.

Is there any chance you could upload a Tails walkthrough. Doesn't have to be long, just exactly what dependencies are needed, etc. I set it up exactly according to the Linux guide but TAILs does differ from more of the mainstream distros in many ways.

Thx,

• d3v

Hi, just discovered your project and started digging through the source code. This led me to discover that at least parts of it is very similar to Ricochet Refresh. The license also mentions the non-profit who backs Ricochet. What is the differences and similarities between these two projects?

Dear @Speek-App team,

It is possible to migrate the personal account to organization?

Converting:

• https://help.github.com/articles/converting-a-user-into-an-organization/

It is possible to rename this account and create the organization and move/transfer the repository to the organization.

Rename account:

• https://help.github.com/en/enterprise/2.13/user/articles/changing-your-github-username

Create an organization:

• https://help.github.com/en/github/setting-up-and-managing-organizations-and-teams/creating-a-new-organization-from-scratch

Transfer a repository:

• https://help.github.com/en/github/administering-a-repository/transferring-a-repository

Like:

• https://github.com/IBM
• http://github.com/gnome
• http://github.com/kde
• ...

Can't switch to other languages with the input method, please investigate

I would like to know if there is a Crowdin page to translate or another way for me to help translate the interface?

Hey, I saw that the windows installer won't work on win 10. I've got windows store blocked because of privacy reasons. Is there any way to run this on win 10 except store?

What version of qt are you using? I have many problems when compiling with qt6.5, and it has troubled me for many days without compiling successfully.

Unable to download macOS app from apple app store in Italy
could you make yourself independent from the apple store and make the app available?
thank you

¤ Groups:

• Make android version have same features as speek version 1.7.0 for PC (aka groups options etc, you know).
• Option to turn on/off this encryption in paranthesis beside nickname in a group. (IF possible)
• When you create a group,only the one who can create the room can rename the group
• When you make a group,a random .onion web link is automatically created (Which changes every time you make a group).
• Moderation (with commands to kick,mute and a command to see list of commands)
• Prefixes on users that shows who is a member,guests,moderator,owner

¤ When opening the speek.chat window:

• Make it so that the Group Host window opens in 1 single window (maybe in a tab or something)

¤ Speek.Chat itself:

• Possible to synch account on PC with Speek on android so we can use same account both on PC and android.
• Make it so the the person or the group doesnt go offline in any way when the phone goes into sleep mode or lock mode.

¤ Profile photo:

• Make it possible to set a profile picture on PC version of speek,so that when you set it via speek on PC version,it will show you the profile picture on the added user on other persons speek app.
  -- Example: Lets say John uses speek on PC and added a user called Tony and Tony added John on his PC and John want to add his profile picture,then Tony would then see John's profile picture,and same with if Tony added his own profile picture it wpould show his own photo on john's friendslist. Same goes for when users are in group as well

For the past two days, I have received the same error after logging in and trying to add a friend. The login seems to work fine as it gets to 100% bootstrapped, then it proceeds to say nothing but the same message after.

May 26 19:55:44.000 [notice] Bootstrapped 100% (done): Done
May 26 19:55:56.000 [notice] Closed 1 streams for service [scrubbed].onion for reason resolve failed. Fetch status: No more HSDir available to query.

Tried a bridge but the program just would automatically close out. I'm on Linux Mint 20.3 Una.

Sorry I'm not expert on this area, but for example using a VPN instead?

Idea source https://code.briarproject.org/briar/briar/-/issues/1685

General idea: The administrators of the group would have some general adjustments for the group, according to the group configuration a category is assigned.

Generic settings for group administrators:

• Give the possibility that the users of the group, add new users, or not.
• Allow users to send messages or not.
• Allow users to send images or not.
• Allow users to send files or not.
• Allow users to send music or not.
• Allow users to send audios or not.
• Allow users to send gif or not.
• Other settings...

Depending on the general settings of the group, categories could be assigned, the categories change according to the group's permissions.

Category "Channels"

Category feature:

• Group members can only receive messages.
• All users can create a new "Channel" by default group permissions shown above.

For example, in a group that is not allowed to speak to its members and only administrators can speak, this category would be assigned since information is only received from administrators (for example, offers, or news about games, news, etc.)
In this case it would be good to give the possibility of self-publishing rss news for administrators.

Category "Group"

Category feature:

• Group members can send and receive messages.
• Group members cannot add new users (Only administrators can do so)
• All users can create a new "Group" by default group permissions shown above.

Category "Supergroup"

Category feature:

• Group members can send and receive messages.
• Group members can add new users.
• All users can create a new "Supergroup" by default group permissions shown above.

I think that would be better. More organized, cleaner. Regards

Since there are no servers and everything, can one send and receive messages via an API, programmably?

I am aware that this application allows anonymous communication without the use of central servers through having each user host a hidden tor service, thus requiring both users to be online at the same time to communicate.
However, I have been unable to find any information on whether it is possible to tell the difference between a device connecting through the tor network and one hosting a hidden service or not.
If the former is true then accidentally leaving this program open when connecting to some networks would carry a far greater risk of raising suspicion, which could be explained away but is still undesirable.

Will there ever by an ios app? I would like to give this a go but without an ios app it's isn't super useful for me. If there is an ios app will it be able to recieve push notifications? I recall reading somewhere that this was difficult to do in ios. Thanks, keep up the good work!

have no idea how to import backed up idenity zip folder into the android app. i cant find where to put it.. and theres no import button in the app itself.

Hello,
After starting, on Windows 10 and on Ubuntu 20.04 , we only see "en ligne" (French environment).
see below screenshot:

Why? We already have Session claiming that it's a no-metadata application as well but unfortunately that's not possible, I don't see why you all keep claiming that your application doesn't collect metadata or whatever every application literally needs metadata to operate in the first place, a messaging application needs metadata to communicate in the first place with or without Tor - there is no such thing as "no metadata" and why bother promoting your application as if it's just so secure? Tor is part centralized to operate a decentralized network and Tor nodes can be compromised, routing user data through Tor wouldn't mean that it's not possible to compromise your user contacts although it's promised at least implied that their contacts will remain hidden and protected, if you're going to release an application at least be genuine and honest and not cliche and deceptive but you're wasting your time regardless, I'm sure you learned a lot from developing this application but you are wasting your time because you are still being generic, your application is generic there's no good form of "privacy and security" about it and why bother contradicting Tor? Tor website already claims that the network isn't completely secure yet you are already stating that your application is just so secure? No middleman servers? Tor is all about middleman servers so what the hell are you even talking about? We already have Signal that unnecessarily wants numbers, we already have Session with the same bullcrap thing as you, we have Telegram with the suspicious activities and we have Matrix/Element which is by far the only actual good platform for general purposes. Just get rid of your current application and develop something that's actually unique for once, stop with all the generic applications we have too many "secure messengers" that literally all have similar designs, if you really want your application to be privacy and security centralized then THINK HARDER because your current method is not that method.

Describe the bug

When first opening Speek a dialog with the options "Launch Speek.Chat" and "Configure Network" is shown.
If this dialog is closed (no option was selected) and Speek is launched again then the application will open the main window but never connect to the network - it will display "Connecting 0%" forever. Relaunching doesn't help, only reinstalling Speek.

I only tested this on Windows, don't know if this occures on other platforms.

Steps to reproduce the bug

0. (Deinstall Speek if installed.)
1. Install Speek.
2. Open Speek.
3. Close the app after the first-launch window is displayed.
4. Open Speek again.

Current broken behavior

The application will display "Connecting (0%)" indefinitely.

Expected behavior

The first-launch window should open again or the application should connect properly.

Screenshots, videos or logs

Tested device

• Device: PC
• OS: Windows 10
• App type: Windows Store app
• App version: 1.5.0.0

When changing themes from dark to light font stay light coloured making hardly visible
Android 12 device

On the desktop there is a button to open the settings folder where one can then extract the backup.zip to. I don't think this is very intuitive but at least it is possible.

On Android (and I guess the same is true for iOS), I don't see a way to restore a backup (except by rooting your device 😅).

Am I missing something?

Hi,

A little while ago, one of your developers came to our room, and asked for feedback. I thought I'd write something up here. I'll touch on each thing here.

1. Use the fork option

As this is a fork of Ricochet Refresh, you should fork that repository. This will keep commit and ownership information for files you didn't write. There's no reason not to do this.

It looks a lot less dodgy which has already been noted in other places like Reddit by upstream.

2. Use proper development cycle

Whoever is writing code here, really should not be pushing to main, and using silly commit messages like "fix".

• https://www.freecodecamp.org/news/how-to-write-better-git-commit-messages/

What you should be doing is branching and using the pull requests feature of Git. I suggest squashing commits before merging them into main. The feature-style commit workflow seems most appropriate

• https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow

The idea is you want each commit to main to be a "feature" that has been tested in a development branch.

One of your developers did mention that there was an interest in working with upstream. They will likely only be interested if you start doing things properly. Make it easy for them to cherry pick https://www.atlassian.com/git/tutorials/cherry-pick

Once a particular version of the software is ready "tag it" and do a proper release.

We would generally recommend using the "git tag" command because you want to sign it with your PGP or SSH key. We show an example in our readme.

On a side note the benefit to doing it the way I described is you won't have to manually write a changelog each release, as those can be autogenerated from your pull requests, including those contributed by other people.

3. Don't share credentials, and don't use the Speek-App account

What you should be doing is creating a github org and inviting your developers. It's important to provide accountability, of which account did what.

While you're at it, either set up PGP or SSH signing.

• https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits
• https://calebhearth.com/sign-git-with-ssh

4. Use submodules

For external modules like tor these should be submodules, not the commited source code of Tor. https://github.com/blueprint-freespeech/ricochet-refresh/tree/main/src/extern See the difference? If there is a vulnerability with Tor this depends on your developer happening to commit new source code for Tor. This is bad and should be fixed immediately.

• https://www.atlassian.com/git/tutorials/git-submodule

This is particularly important what you've currently got is Tor frozen at a particular time, 3 months ago. If a vulnerability is discovered in Tor, it may go unfixed in Speek, for a length of time.

5. Marketing

I know you guys are spending quite a bit of effort on this, it's important that you get your ship into good shape before you go about doing that. I've seen various evidence of activity from this project, on Twitter seems people were under the impression they were going to get a free "gift card".

There has also been soliciting listings, backlinks etc on other sites.

It shouldn't be your priority, please, get things right first.

6. Remove Travis credentials:

I know this was imported when you uploaded Ricochet refresh's code, but it's still not a good look. If you use Travis, do https://docs.travis-ci.com/user/environment-variables/#Defining-Variables-in-Repository-Settings

7. License

Put the license in a sane place, normally it's found in the root of your source code repo. I would suggest keeping it there so it's easy for package maintainers to find.

Suggestion how to fix this

1. Create a Github Org, invite your developers
2. Require that they enable 2FA on their accounts
3. Transfer this repository to your organization
4. Archive this repository. Don't worry about the stars it's not a huge amount, It's 235. As your project gains momentum which it will be if you do the above (as it will be easier for people to contribute), you'll end up with many more. You can mention something in the README.md about why you've done this and point to the new repo
5. Fork the Ricochet Refresh repo, start making pull requests from this repository into it.
6. This will fix your commit history, (which is dreadful right now).

Some other benefits that you'll gain from doing things properly

• A much clearer picture of when a regression makes its way into your code, which can be assisted by git bisect https://interrupt.memfault.com/blog/git-bisect
• Easier for third parties to audit. Nobody is interested in even looking at what has changed between releases because none of your commits have useful names

May 12 19:20:15.000 [warn] Problem bootstrapping. Stuck at 5% (conn): Connecting to a relay. (Connection timed out [WSAETIMEDOUT ]; TIMEOUT; count 21; recommendation warn;
May 12 19:20:15.000 [warn] 20 connections have failed:
May 12 19:20:15.000 [warn] 20 connections died in state connect()ing with SSL state (No SSL object)

https://www.virustotal.com/gui/file/22542da60a5dec5321245d91652c3749d2a387303264cf1b06c91a7abe22eb65/relations

tnx.

Interested in your application, especially the fact that initially the connection between contacts is also serverless, but alas, encountered a popular problem of confidentiality for free and decentralised applications. You have, as with other apps, an ID open to the person you are talking to and adding to contacts by that ID, which in some, but not all, makes communication not so anonymous.

The problems with this implementation:

1. A permanent linked ID helps annoying contacts who for example are blacklisted and can spam you by trying to add you as a friend. Other scenarios are also possible.
2. If your ID has been exposed online, for example with personal data, there is nothing to do but recreate the account in order to remain anonymous.
3. You have to give your ID even to people you do not completely trust and there are different scenarios here too.

The solution has always been around, even though it's used in a proprietary centralized solution, but why no one has replicated it is unclear to me. Telegram has a temporary dynamic nickname that you can change as many times as you like, you can even choose not to create it if you want.

I appeal to you, as one of the most interesting decentralised projects right now, to make one:

1. Disable ID display for contacts (optional)
2. Make IDs replaceable, at least infrequently, in case of compromised data in the network
3. Make a nickname system (@nick) in addition to ID
4. Add contacts by QR and possibly other ways without ID display