Ricochet or Ricochet IM is an open source, multi-platform, instant messaging software project originally developed by John Brooks and later adopted as the official instant messaging client project of the Invisible.im group. A goal of the Invisible.im group is to help people maintain privacy by developing a "metadata free" instant messaging client.
Originally called Torsion IM, Ricochet was renamed in June 2014. Ricochet is a modern alternative to TorChat, which hasn't been updated in several years, and to Tor Messenger, which is still in beta. On September 17, 2014, it was announced that the Invisible.im group would be working with Brooks on further development of Ricochet in a Wired article by Kim Zetter.
In February 2016, Ricochet's developers made public a security audit that had been sponsored by the Open Technology Fund and carried out by the NCC Group in November 2015. The results of the audit were "reasonably positive". The audit identified "multiple areas of improvement" and one vulnerability that could be used to deanonymize users.
Ricochet is a decentralized instant messenger, meaning there is no server to connect to and share metadata with.<ref name="Hacker10-1"/> Further, using Tor, Ricochet starts a Tor hidden service locally on a person's computer and can communicate only with other Ricochet users who are also running their own Ricochet-created Tor hidden services. This way, Ricochet communication never leaves the Tor network. A user screen name (example: ) is auto-generated upon first starting Ricochet; the first half of the screen name is the word "ricochet", with the second half being the address of the Tor hidden service. Before two Ricochet users can talk, at least one of them must privately or publicly share their unique screen name in some way.
- Ricochet does not reveal user IP addresses or physical locations because it uses Tor.<ref name="WIRED-1"/>
- Message content is cryptographically authenticated and private.<ref name="NCC-Group-2016-01"/>
- There is no need to register anywhere in order to use Ricochet, particularly with a fixed server.<ref name="Hacker10-1"/>
- Contact list information is stored locally, and it would be very difficult for passive surveillance techniques to determine whom the user is chatting with.<ref name="WIRED-1"/>
- Ricochet does not save chat history. When the user closes a conversation, the chat log is not recoverable.
- The use of Tor hidden services prevents network traffic from ever leaving the Tor network, thereby preserving anonymity and complicating passive network surveillance.<ref name="WIRED-1"/><ref name="Hacker10-1"/>
- Ricochet is a portable application, users do not need to install any software to use Ricochet. Ricochet connects to the Tor network automatically.<ref name="Hacker10-1"/>
- An already-compromised computer system will typically defeat the privacy protections that Ricochet offers, such as a keystroke logging malware.
- Even though Ricochet uses Tor, other applications will not be using Tor unless the user has independently set up additional Tor services on their computer.
- Active and passive surveillance techniques can still tell if the user is using the Internet, and when, but not necessarily what they are doing on the Internet.<ref name="WIRED-1"/>
- Since a Ricochet user does not register or log in anywhere to use Ricochet,<ref name="Hacker10-1"/> not even with a password, it is important to implement layered physical security, including disk encryption, to protect Ricochet. No encryption is present on inactive data.<ref name="NCC-Group-2016-01"/>
- Tails Linux users, and other live operating systems users, can optionally backup Ricochet to zero-knowledge cloud services such as SpiderOak, or on a personally owned USB drive (ideally encrypted).