Very interesting! Thank you!
1 Like
Hi, is it still working in China? I am also looking for a solution, now that Signal is blocked.
2 Likes
@nocturrne, I’m not in China so I cannot vouch foe certain, but I can say that
- There is no central connection server for Jami : it is intentionally designed so as to avoid this, so nobody can block the server as there is just no server
- If we want to be VERY pessimistic, on the other hand, the first time you start Jami, the app indeed tries to connect to some neighbors, to start the larger-scale connection. I think these ‘initial neighbors’ are standard and preset in Jam when you start it the first time (only), so I imagine it may be possible to block them.
The way to do then is to connect a first time BEFORE, from a place where more connections are allowed.
Then, when you have connected once successfully, your local database of ‘neighbors’ is updated, larger, and unique (it depends on your neigbors at the time of initial connection), so from then on there is no way to block. Even blocking specifically Jami’s ‘initial neighbors’ doesn’t prevent anything.
1 Like
Yes it works in China. But not perfectly, let me explain.
-
None of the Jami’s central servers (bootstrap, dhtproxy, name server, TURN) are blocked as of yet, so using Jami in China is not much different than using it anywhere else in the world.
-
That being said, once enough people starts using it, those aforementioned servers could easily be blocked, keep that in mind.
-
If you use Jami on mobile devices, you need to know that google’s GCM does not work inside China, so notification would be a huge problem. Apple’s APN works fine.
-
In the end, even without the firewall of China, people aren’t having the best experience with Jami, because messages are transmitted p2p strictly, if you cannot establish direct connection, you can’t use it.
To sum it up, if you are using it on iphones and desktop computers, AND one of your devices is behind a router with public IP address, and have UPNP enabled, OR you know how to build your own TURN server, then it should work fine.
2 Likes
@terrytw , isn’t this TURN discussion only needed for video? I expect the main goal of communicating from really afar would be simple text messaging ; does the TURN issue still happen then?
1 Like
From my understanding, it does not matter if it is messaging or video/audio call, Jami will try to establish p2p direct connection, if direct connection fails, it will fall back to TURN server relay.
If you cannot establish direct connection, and you do not use TURN server, how can your messages be transmitted?
1 Like
I’m no specialist at this, but I thought the main difference between Jami and, say, Signal, was precisely that Jami doesn’t depend on servers that some ISP or countries can cut. What I hear here is that seems wrong?
What is then the advantage of Jami? Just the fact that an user isn’t associated to a phone # but just an anonymous signature? If that signature can be traced to its IP the anonymity is very light…
I thought Jami was using some Tor-like wrapping at least, or connections ike Briar does?
1 Like
They have a quite informative article explaining the concept, I will attach it in the end.
From my understanding, the main difference is that for signal users, for example if I were to send a message to you, that message is first encrypted on my end, then sent to signal server, the signal server then send that message to you, signal server cannot decrypt that message, only you can decrypt it.
As for Jami, it will try to reach you directly via a number of ways, try to send the message directly to you, but it does not always work, especially when you use mobile devices, that is when you need a server, it works as a relay. Plus some other user cases, the article has it explained clearly.
Also, when using Jami, you can have your own server, that is a significant difference here.
article: Why is Jami truly distributed?
2 Likes
Most Chinese users are behind NAT, which means that once the TURN.jami.net server is blocked, most Chinese users cannot use Jami.
And the GFW can not only block this TURN server, but also the entire TURN protocol to block all overseas TURN servers. Just as they have banned all the overseas proxy servers by blocking the protocols.
Available IPv4 is scarce, and it is difficult for personal use to apply to the ISPs.
When IPv6 becomes popular in a few years, NAT may not be needed.
2 Likes
@CrazyBoyFeng , I think not all services in Jami require TURN, and also (see earlier in this post) I understand that once you “initialized” once your Jami instance, connecting to a neighbor for instance, then you don’t necessarily need TURN. But I must say I didn’t test this…
1 Like
Not all services in Jami require TURN, but as I said, Most Chinese users are behind NAT.
This post and official blog both claim that two users behind NAT need to communicate through TURN.
As much as we like to say that Jami is completely without server, sometimes it is not exactly right as we have seen. However, TURN is the perfect compromise for situations where a fully peer-to-peer connection is not possible
And terrytw also raised the issue.
In my own test, if the two clients behind NAT are set to no TURN, they cannot communicate. However, maybe my test is wrong. Hope to be verified by others.
1 Like
Briar works well via bluetooth and wlan. But when chatting remotely, it connects via tor. Almost all public nodes and bridges of tor are blocked. If there are nodes that are not blocked, it must be because they are too new. So it is often difficult to chat remotely with Briar. It is more suitable for use when crowds gather.
With the popularity of IPv6, software such as jami and tox will become more usable.
3 Likes
Thanks @CrazyBoyFeng -that’s the first time I see a meaningfule argument in favor of IPv6!
Don’t you fear that in the same ‘constrained’ environment, also IPv6 could be just blocked too?
1 Like
Maybe blocking bootstrap.jami.net will cause a little trouble. However, everyone can run their own bootstrap nodes if they have public IP(v6).
In extreme cases, ISPs may also block ports and even protocols, making it impossible for everyone to connect. But I think this is not something Jami should deal with. Software like Jami is not originally used to resist censorship. It only needs to achieve its original design purpose, decentralization, which is enough to do a lot of things.
2 Likes
If ipv6 addresses are randomised will Jami users still be able to connect to each other?
1 Like
The DHT network is used to query the IP of the ID. As long as it is connected to the DHT network and can exchange data between nodes, then there is no need to worry about IP changes.
Unless your node is used as a bootstrap node, others must connect to you before they can connect to the DHT network. If your IP changes and you are not using DDNS, then others will not be able to connect to the DHT network. They either change to another bootstrap node, or need you to tell them the current IP in other ways.
1 Like
I am a Jami user in China and I’ve read some of your replies.
First, maybe because of its feature of ‘no server’, Jami’s network connection is NOT stable in China, just now I sent messages to my classmate, at first he could recieve my message but several minutes later wo lost connection. This makes Jami even impossible to become a widely used communication tool in China, even though Jami has a very attractive feature - end-to-end encryption. I think the troublesome using experience is serious than I use RSA to encrypt my message and send the msg through QQ and the other side received my message and then he copied the message and the RSA-pub key to a program to get the real message.
Second, I think it is predictable that the network ecosystem in China will be more blocked. Chinese goverment and the law doesn’t allow a end-to-end encryped communication tool, in case that some msgs are passed, so QQ, Wechat and other communication tools in China all don’t encrypt msgs end-to-endly. Nowadays even the network connection to Github and Steam is not stable because GFW randomly bans connetions to Github using SNI, Pixiv is globally banned using sni. GFW baned ALL ESNI connetion; and In my opinion Jami will be baned one day.
BTW, I use China Mobile and China Telecom.
I saw all your replies are earlier than 2021 May, and I’d REALLY appreciate it if the developer of the software Jami could see me and give me reply.
1 Like
Jami’s bootstrap server has been blocked by some ISPs in China.
In these places, if you want to use Jami stably, I recommend setting up a bootstrap server and TURN server by yourself. If you need push service for mobile devices, you may need to setup DHT proxy.
The setup solution can be obtained from here: Use Jami on a LAN — Jami documentation
Of course, all of this requires you to have a public IP.
In today’s China, public IPv6 is relatively easy to get. However, if you only have public IPv6, then you will not be able to communicate with clients using IPv4.
1 Like