-
-
Notifications
You must be signed in to change notification settings - Fork 79
To Encrypt or Not to Encrypt
As of release 1.19.2-v1.13.0 No Chat Report offers new client-sided feature - chat encryption. You can encrypt messages you exchange with other people using a secret key, preventing eavesdropping and effectively alleviating the danger of chat reporting.
Encryption can be configured by right-clicking on the button No Chat Reports adds in the right corner of the chat screen:
When you do so for the first time, you will be greeted by a screen like this:
Clicking "Proceed" will bring you to the configuration screen itself:
Let's break down what each element of it does:
- This is the field where you would enter encryption key. It has to fit particular format dependent on chosen algorithm. If no key is provided, default one supplied by the mod itself will be used and displayed here;
- Validation status of the key. Green checkmark lets you know that key you have entered is valid, red crossmark will indicate that it is not;
- This button can be used to generate random key, which will fit the format of selected algorithm;
- If you're not happy with generating and passing around random keys, you can opt to use a passphrase instead. Unlike the key - there are no particular restrictions on passphrase format. Same passphrase will always produce the same key for a given algorithm;
- Checkmark that controls whether your public chat messages should be encrypted. If this is unchecked - only messages sent via commands will be affected (which commands is decided by the config, more on that further);
- This button allows you cycle through different supported encryption algorithms. You can hover the button anytime to read short description of currently selected algorithm:
- Saves the changes and exits the screen. To exit without saving changes you can press Esc.
For starters it is recommended that you leave encryption algorithm at default and generate a random key to encrypt your messages. Once you're happy with your configuration, you can press "Done" and be put back into chat screen. Now you can left-click on encryption button to actually enable encryption. When encryption is enabled it will look like this:
You can left-click it again at any time to turn encryption on and off. Configuration you have set up will persist until you change it, even across game restarts; you won't need to reconfigure things every time you enable the feature.
Now that encryption is active - let's try to actually send the message into the chat:
Upon being sent it will display like this:
That might not look particularly encrypted, but rest assured - it is. You can hover the lock icon to see what people without the No Chat Reports installed and encryption enabled with appropriate secret key will see:
This is also exactly how the message will appear in server console:
[12:59:54] [Server thread/INFO] (Minecraft) <Player588> gwZnkzO5aBmUcY0BpIz/ApCNNkzp7g==
Obviously, it would be no fun if only public messages could be encrypted. What if instead you want to secure your private correspondence with someone on the server? Be unafraid, for that is easily achievable.
Let's try to use vanilla's /msg
command with encryption enabled:
In this case we message ourselves, but it will not work much differently with messaging someone else. As soon as command is sent we observe this:
It worked! But what if you wanted to use some custom command from a plugin? How did the mod decide to encrypt this command, and only "Super secret message" part of it, not touching "Player10"?
As was briefly mentioned above, command encryption is controlled by config. Let's navigate to .minecraft/config/NoChatReports/
and open NCR-Encryption.json
with normal average text editor:
Most of this is a reflection of what we have already touched with GUIs in game (and yes, you can do configuration here if you prefer). We are interested in encryptableCommands
list, which declares all commands contents of which No Chat Reports is supposed to encrypt when encryption is enabled.
Each entry in the list should contain command name, such as msg
, and an integer value that tells the mod how many command arguments should be excluded from encryption, such as 1
; those two are separated by a colon. That argument number is exactly why msg
command doesn't end up having player name encrypted along with the message itself.
You can add whatever commands you like here, vanilla or otherwise. For example, if you wanted to add /say
command, you would add say:0
to the list. Commands you add don't necessarily have to exist on all servers you log into.
Besides compelling your friends to actually install No Chat Reports and enable encryption, final step in getting them on board of privacy boat is to tell them your newly generated encryption key, such that they can insert it themselves into approapriate field of encryption settings and be able to exchange encrypted messages with you.
To not screw this step up - it is highly advised that you only communicate encryption keys via secure channels, of which Minecraft chat where you actually plan to encrypt things is not one. Basically use anything that you trust will not lead to someone eavesdropping on the chat finding out what the encryption key is and thus being able to easily decrypt the messages themselves, be it Discord, Telegram, Signal, or whatever people use these days. Your channel of choice need not to be super private, only sufficiently isolated from adversaries.
All of this equally applies to passphrases.
Because it really isn't a secret to anyone. Of course, it all depends on your threat model. Do you expect that attacker will simply lack the knowledge, skill or motivation to decrypt your messages, or will they be all out to break through your defenses with wide variety of means available to them? In the former case it indeed doesn't really matter how secret your key is.
Encryption can be desirable in wide variety of cases. Let's list some of them:
One great consequence of using encryption is that it effectively makes your messages unreportable, even if server you play on forces you to sign your chat messages. The trick is that messages are encrypted before signature is generated, so you are not signing plain text. Server will let your message through as any other properly signed message. However, when someone tries to report it - what will end up in the report will be unreadable encrypted message, not the plain text that went into producing it.
Even if someone who has secret key and can decrypt the message tries to report it - same thing will happen. They could try to modify their client to decrypt the messages before they are submitted into the report, but since message signatures were generated against encrypted messages - decrypting them will render signatures invalid in the context of report, meaning the report will not even be accepted by Mojang.
Probably the biggest use-case for encryption as of yet. It was directly confirmed by Mojang that all Realms chats are automatically monitored to identify "online harms", which can be escalated for human review (see Our Commitment to Player Safety - Proactive Moderation). In that regard the system is fully identical to chat reporting, except it does not require anyone to manually submit a report and there is no way to disable it, even with mods. If you are found to violate Minecraft's community guidelines - you will be banned, temporarily or permanently, from all multiplayer services and not just Realms. Whether the realm is private and all participants are fine with language used is not considered relevant, as evidenced by one of ban cases.
In that light Realms chat is inherently non-private and insecure. Encryption can be an effective tool in alleviating the risk of using it, as efficiency of automated monitoring will be heavily reduced, and no human reviewer will be able to decode the contents of your chat messages if they ever see them.
Even if chat reports are disabled where you play, you might still not want server admins to see the contents of your private messages. As discussed above, you can set up encryption such that it only affects private messages sent via particular commands, without touching public chat.
It might seem like a good idea to enable encryption wherever possible, but it really isn't. People in charge of moderating chat on third-party servers can simply mute or ban you if you send encrypted messages in public chat, be it for spam or specifically for trying to use encryption in case server owner wants to enforce chat reports. To assess the risk of such occurence is upon you, as it will differ from case to case.
© 2023 Aizistral. All contents of this wiki are available under WTFPL license.