Links 1 and 2 have not had updates in 10 and 8 years respectively, they probably don't even compile anymore. They implement OTRv3 which was published in about 2005 and uses 1536-bits primes. As far as I know, neither the protocol nor the implementations were audited (and especially not audited recently). This is not good encryption at all.
replyAdditionally, OTRv3 does not allow multiple clients per account, which makes it unusable for anyone who wants to chat from two devices.
I use link [1] all the time. It comes pre-compiled for many Linux distributions but not installed by default. And yeah like I said it needs cipher updates like was recently performed in OpenSSH. HN has a handful of cryptographic nerds that could update OTR in their sleep if they so desired maybe even rewrite in Rust but being cryptographic nerds they probably have no need. If the same is true with cryptographers as is with car mechanics and plumbers they probably only use plain text as mechanics have broken down cars in their yards and some plumbers have old leaky pipes due to burn out.
reply