out of the loop, what's the problem with signal?
from Nuvalon@lemmy.ml to privacy@lemmy.ml on 20 Mar 22:16
https://lemmy.ml/post/44783431
from Nuvalon@lemmy.ml to privacy@lemmy.ml on 20 Mar 22:16
https://lemmy.ml/post/44783431
i’ve just seen a comment in a post, in this very community, saying people trust signal because of missinformation (from what i could undertand).
if this is true, then i have a few questions:
-what menssaging app should i use for secure communications? i need an app that balances simplicity and security.
-how to explain it to my friends who use signal because i recomended?
-what this means for other apps in general?
threaded - newest
The only secure communication involves a dead drop and one time pad. Everything else is Mossad.
Signal is alright IMO.
There is no perfect service. Thats why smarter people than me analyze this and talk about it: www.messenger-matrix.de/messenger-matrix-en.html
I think deltachat is pretty cool. Decentralised, open source and quite easy to use and setup.For me it is something for friends willing to try out new stuff and as a fallback when signal fails.
Delta chat is the best. Especially with webxdc’s.
webxdc.org
I hadn’t heard that sure but you should install:
Maybe you should reply to that comment you’ve mentioned and ask them to explain why they’re spreading FUD.
The usual conspiracy theory is that Signal is funded by the CIA and therefore a honey pot.
Signal. I can do almost everything that i.e. WhatsApp or Telegram offer, is as easy to use as those and the client is verifiably encrypted and secure.
Explain what exactly? Why they should use it?
Please clarify the question.
The epstein files have proven that conspiracy theories are true. Of course powerful gangsters conspire. We already knew that since forever.
Ok, because the thing, that everybody knew turned out to be true, every conspiracy theory is valid now?
I guess you should go visit the Nazis in New Swabia and discuss this revelation with them.
So the Earth really is flat and run by lizard people?
Be careful with your wording. Yes, some conspiracy theories are true to some degree. But there’s also ones that are complete bunk.
the part of the “conspiracy theory” about CIA funding is completely true: signal proudly say they get funding from the OTF, which at the time signal started was a subsidiary of Radio Free Asia, which started out as an open CIA project (before being relaunched as clearly still a CIA project but without the official acknowledgement).
I’m 50:50 on whether signal is a literal honeypot, but even if not it seems pretty likely that the US government wouldn’t have funded an app that could be used by people breaking its laws - let alone people actively organizing against it (foreign spies, domestic revolutionaries and insurrectionists) unless they were getting something pretty big in return.
In return they get an actually secure messing app they can use without having to support it themselves. Which is pretty big.
why are you making a post instead of replying to a comment?
So i can open a discussion on this question (specificaly)
The problem is that you didn’t bring much, and it sounds like you’re trying to spread FUD yourself:
Sorry if that’s the case, i’m just shocked to hear this, and i want help to clarify this question.
This is long, but answers your questions: Why Not Signal?
Okay it doesn’t answer that one. But also, whether they should use Signal or not depends on their threat models. Many people don’t see the US police state as a threat.
Best answer/link and cause…
Given what you’ve said, Signal is still what you want and is good for it.
There are two main issues people have with Signal:
First is that it requires a phone number to sign up. That makes some people who want it to be truly anonymous unhappy. It’s not meant to be anonymous, though. It’s meant to be private. Those aren’t the same thing.
Second is that it runs on AWS. This isn’t a problem in the sense that it’s possible for it to still retain privacy while running on AWS. Some people don’t like it because they view the dependence on the infrastructure of an American company to be a risk to availability. They also believe that it would exacerbate a security flaw if one were found.
Personally, I know these risks and still find it to be the best balance between privacy, security, and ease of use.
Let’s not pretend the hypervisor doesn’t have full access to the VMs memory and execution. The only thing protecting the Signal server is Intel SGX.
I don’t think Signal trusts the AWS server either, that’s the point of E2EE encryption.
I’m not claiming the contents of the messages are at risk here. You’re social graph and metadata though is another story.
The only data they store are account creation time and last connection time.
signal.org/bigbrother/district-of-columbia/
The thing if someone has memory access Signal doesn’t need to store anything, transiting data is now available. For example all of your contacts when doing contact discovery. It used to be a simple hash, something for which you could build a rainbow table in a few hours, at the worst. It’s lightly better now, but still.
Don’t take it from me, take it from Moxie:
signal.org/blog/private-contact-discovery/
It also doesn’t really matter if the software itself can easily be tampered with in memory by the hypervisor. Like I said, they are putting a lot of trust in Intel SGX.
And let’s not even get into the digital sovereignty issues, and financing of right wing billionaires. Yes, running on AWS is an issue. It’s multiple issues even.
signal.org/blog/private-contact-discovery/
… Providing you trust Intel SGX (and AWS for giving them access to actual SGX and not just emulating a compromised instruction set)
😃
conspiracy begins…
What conspiracy? CPU bugs aren’t a conspiracy, they are just a fact. Amazon’s involvement with American three letter agencies isn’t a conspiracy, it’s a fact.
Yea but if you worry about CPU bugs there is no such thing as trust, no matter who owns the infrastructure. Any software can have critical bugs and any system that can be accessed remotely can be compromised. Personally I’d trust the people at Signal that they have made a reasonable architecture section to balance availability and privacy
I don’t take anything from someone I don’t trust that also explicitly doesn’t use warrant canaries because he says they don’t work in contradiction to every legal authority.
It’s also an issue that they run the signal server on one single AWS region.
It isn’t hard or even all that expensive to run on multiple regions.
It’s not me you need to tell this though.
And what about suspicion of intrusions in some accounts of european imlrtznts poeple by the FSB recently ?
I don’t know if it’s a social ingeneering
But now, i think “good enough” attitude is not the good idéal, we are not in 2000’ it’s finish….
Another app exists :
Session
simpleX
Anonymous messenger
Briar
Twinme
But it’ always better to use a verified and audited app, need to have a safe team
https://fr.euronews.com/2026/03/12/des-pirates-informatiques-lies-a-la-russie-ciblent-les-applications-de-messagerie-de-respo
Nothing, it’s good. There’s FUD to get you not robust it
There was one instance of the white house using signal on the down low to evade records retention and then got caught because they accidentally invited a journalist to the houthi bombing group chat, bit that’s a user error
And they didn’t use a trusted Signal app, it was an Israeli clone app IIRC
It’s not. Can be closed
It’s fine as long as you don’t do something silly like invite a journalist to your top secret government group chat.
Or use a third party client that doesn’t have as much scrutiny on the source code and will Leak your message s
man imagine trusting in an israeli signal fork lmao
Would you say Molly is big/trustworthy enough for this to be negligible, or is it a huge risk?
Molly basically is a fork of the signal client that switches out some notification based things (such as your notifications going through fcm and such) and instead lets you use unifiedpush and/or a molly websocket. Apart from this they’re both the same. Molly uses signal’s codebase.
Molly also supports full database encryption and replaces all proprietary blobs in signal iirc
Its not what I would use while communicating with someone else who values anonymity, but, its probably the best out there for communicating with people that dont care about any of that and just want something easy that works. Its easier to onboard people on to it.
I’m put off by the centralized server. I’d want to self host without having to build a special client, something like nextcloud. That the company chose to prevent that gives me a bad impression. So I haven’t been using it so far.
I’ve played with GNU Jami a little but it was flaky when I tried it last year. Maybe it’s better now.
You can’t have it both ways. It’s hard enough to get people to switch to signal, or least also use it next to other messengers. Now imagine they’d have to connect to multiple servers to talk to multiple people. Possibly everyone connection details. Even if that’s done in the background, you have to somehow get the connection registered once, discovered if you will.
Anything and everything you send through their server is end-to-end encrypted. Some people hate on the phone number being required to create an account, but it’s also the reason it works at all: anyone in your contacts who also has signal you can talk to. Phone numbers are an international standard. If course this also has downsides…
Finally what you’re asking for exists. NextCloud has “talk”. Which is essentially a messenger app, it’s built in. Go use it. I have a NextCloud instance and I don’t use it either. What’s the point of having an app I can only use to talk with people so close to me that they’re in my NextCloud with an account already?
Of course I can. Jitsi Meet lets you do it both ways. I don’t know if Nextcloud has an official hosted server but they could if they wanted. I use it self-hosted and it works, the Talk app is just not very good. Jami uses a DHT instead of a centralized server which is another approach, though it might be part of its flakiness. Linphone (a regular VOIP client, not a secure chat thing) is set up by default to point to Linphone’s own SIP servers but you can change that in Settings. No reason Signal can’t do similar. Heck, even Lemmy works that way (you choose your server).
Signal is simply being evil and your defending them is unconvincing. I could opt to self-host Signal and build a special client for my users, at the cost of hassle for everyone but no serious technical drawbacks. Signal chooses to create that hassle because they want to funnel users through their servers, not incidentally collecting metadata about ALL the user conversations.
There’s actually a configurable Signal client called Amanda or something like that, though I haven’t tried it. Someone here mentioned it last time this came up.
Also, Signal’s own client isn’t on F-droid, which raises more potential questions. I haven’t cared enough to look into it.
Added: oh re Nextcloud, I see what you mean, account creation is an obstacle, though that could be handled like Hipchat used to. You could generate a randomized URL to invite someone to your private chat without their needing an account. Nextcloud has that too, though just for file access, not for chat for some reason. Come to think of it, Signal could also work that way: it shouldn’t need accounts at all.
When I’ve invited people to my Nextcloud I’ve just enrolled the account for them myself and told them “please log in with username X password Y”.
No one can break the encryption, so even though it routes through AWS sometimes it’s still completely E2EE with quantum resistant encryption that not even the feds could break
the only way it can be “hacked” is with phishing
Define “secure communications”.
Do you just not want to have all of your conversations to go into the pool of training data for LLMs? Signal is probably fine for that. You can also consider Matrix, although that has a LOT of caveats.
Do you want to commit crimes? Are they the “everyone does them” kind? Or are they the kind that can get you executed like “speaking out against the regime”? If the former? Signal is, again, probably fine. If the latter?
This is where you need to learn: The moment you rely on someone else to handle your privacy for you, you have none. What does that mean in this context? That means that if some company is exchanging keys for you then they inherently have those keys. And you can only trust them as far as they have been audited… and how recent that audit is.
So take a lesson from journalists. Exchange your keys ahead of time. This might be a proper public/private key pair or it could be as simple as a cipher (I suggest avoiding hotel bibles, but you do you). And then you communicate using that encryption/cipher. At which point it doesn’t matter what you use (but maybe avoid google and facebook for obvious reasons…).
I guess i want privacy, not anonimity. i’m not like a activist, but i have opinions that would get me in trouble, nothing too crazy, just something like “x government did something bad”
Signal is what you’re looking for
Collecting your phone number on sign up is literally the opposite of anonymity. Perhaps you don’t understand what this word means?
He asked for privacy, not anonymity. Re-read what you replied to.
Perfect is the enemy of good. Moving to Signal would be way better than getting analysis paralysis and staying with Whatsapp.
.
Source?
https://en.wikipedia.org/wiki/Perfect_is_the_enemy_of_good
They don’t allow third party clients.
They are open source, and you can run your own, but it won’t ever be allowed to connect to the standard signal server.
Signal has a piece they say is for fighting spam so they can’t release the code to it. So you just have to trust them.
https://signal.org/blog/keeping-spam-off-signal/
“We build Signal in the open, with publicly available source code for our applications and servers. To keep Signal a free global communication service without spam, we must depart from our totally-open posture and develop one piece of the server in private: a system for detecting and disrupting spam campaigns”
Signal is not perfect. It’s better than most.
I personally use Matrix as I can go to another server or run my own. I run multiple clients. It is NOT perfect and has it’s own issues.
github.com/exquo/signal-soft/wiki/Software-list
That’s a third party software list created by someone not Signal and basically tells you it’s a work around to Signal:
“Signal does not have an official API, and the published code requires additional effort to be used outside of the official signal clients.”
So I’m not certain the point of the link. There are still clients for Reddit and YouTube and others that are third party and aren’t official. Signal doesn’t support those.
The point is this statement is pointless because they exist anyway.
And signal can decide to break them if they want. You think it’s pointless, but yet you’re spending energy fighting a point that is pointless to you?
Was providing additional information because other people could read what you wrote and misunderstand it as being blocked via technical means rather than merely unsupported. What is with people in this community being upset when people challenge their misinformation??? It’s a really alarming attribute for something like a privacy community tbh
I’m not upset. So maybe a good question to ask yourself?
And I didn’t give misinformation. Signal doesn’t allow it. Yes, they exist, and can break at any time.
I personally have Signal. I use Matrix more, but in wouldn’t turn away Signal.
OP asked for information on what gives people pause about Signal. I have gave it. Where is my misinformation? I’d like to know so I can learn as well.
What you personally view as pointless, matters to some people.
That’s for each to decide. If this is a community focused on privacy, as you said, shouldn’t we give everyone the information they asked and not make decisions on what is or is not pointless to them?
It is a fact that Signal is a centralized service. They do not allow federation. They do not allow third party clients. They could decide in the future to turn people accounts off for using third party clients.
I have lived through this numerous times. I don’t trust a centralized service as much as one I can run myself. That’s for each to decide.
Your mom uses Matrix? You could set up something with random people you just met? Because we’re at that stage with Signal. It’s private and convenient. If I want to have some soort of anonimity I’ll use different platforms, indeed.
Yes. My whole family uses Matrix. Including my parents. And no, they’re not technical at all. Father, step mother, sister, wife.
And yes I can give someone a link to join me on matrix.
Installing Element has become super easy IMO.
And are you selfhosting and have them join you or how and where do they get their accounts? When the encryption keys don’t sync, who’s doing tech support?
I mean, my mother is 78. It’s all kind of challenging.
At the moment I’m happily on matrix.org and donating monthly to them. Most of my community is on their own Matrix servers. Outages happen, but most of the time it’s matrix.org that has an issue and the self-hosters are still able to chat and make fun of me. :) In a friendly way.
Encryption keys not syncing also happens. But it seems to be getting less and less. There are different steps for different devices and platforms. Normally leaving a room and rejoining works to resolve. Sucks, but the Matrix group are ACTIVELY trying to hunt these down.
My father is 71. The Element phone install basically walks you through the process. Including which server to connect to. You’d give them yours if you want them on just yours.
Everyone’s situation is different. if you’re interested, try it. See if it works. Maybe it doesn’t. Then stick with Signal. Signal is awesome, but it is far from perfect.
Matrix is awesome, and it’s nowhere near perfect.
Use the tool that works best for you. Some security and encryption is worth it than 0 security and encryption.
There is no problem
I’ll start by saying that i don’t use signal.
There are some concerns that other people in the comments explained. It’s up to you to decide if the trade off is good enough for you. There’s no silver bullet for this.
Signal is ok. Same as matrix, delta chat, xmpp, simplex. Avoid telegram, messenger, whatsapp, instagram, snapshat, max…
Most people mess up the concepts of anonymity with privacy.
There’s no silver bullet. All the apps have ups and downs. Most people don’t realize that if a state actor (I’m not talking about police but for example NSA, CIA, mossad, mi6) is after you, they will get you. Usually from a side channel, or from some stupid mistake you made years ago.
You, yes you, scrolling.
Here.
XMPP
I see you.
Signal is the best “easy” alternative. And DIY leaves many holes for rookie errors.
Do explain what makes it better than SimpleX Chat?
It’s an easy alternative. It took me a decade to get my friends to download a second app
Would love to use SimpleX too, but the plan fell apart while trying to use it with family. Surprisingly many people fail to grasp the concept of anything other than a phone number, social media profile, or email address. It fell apart among my more tech-savvy friends because we missed calls and had delayed notifications despite SimpleX eating through the battery like no other messaging app.
No doubt, SimpleX is the concept of a messaging app done right and could be better than any other. It’s just the implementation that needs work. But I’d be happy to hear if there’s any optimizations I could try and revisit it.
My contact coulds find me by phone number. I changes my status on WhatsApp and half of the regular contacts decided to use Signal. If I want to use SimpleX I would have to invite them all and just hope they’ll adopt.
I don’t need my phone number to be private. I want my communication to be private.
You deciding to invite your contacts to Signal isn’t really Signal being better though.
Better at connecting with the people in my life, the people that I want to stay in touch with on a regular basis.
The problem is it isn’t Telegram, Whatsapp, or some other insecure platform that nefarious actors would rather privacy minded individuals use.
No, privacy minded individuals do not use a platform designed to harvest phone numbers lmfao.
I got around it by registering a new number with phreeli.
granted, this is not something most people can go and do, phone numbers are hard to separate from. however, you might agree that privacy minded individuals are more likely to find that workaround acceptable.
I do like Dessalines post regarding alternatives, I’ll have to do more research.
dessalines.github.io/essays/why_not_signal.html
i agree with everything you said about signal, but i’m uncomfortable with a lot of the alternatives. a cryptographer i follow has written about a couple of these: xmpp, matrix three or four times (linked in the introduction to the post), others
Look at Delta chat.
I checkedout the SimpleX website and the webdesign looks like “crypto rugpull”
<img alt="" src="https://lemmy.world/pictrs/image/54b26488-f90d-43f0-9cfe-8339e0d15f64.jpeg">
Not to mention the owner of simplex is a horrible person.
Don’t let the perfect be the enemy of the good. Signal is easy to use, and that is what really protects millions of people. Otherwise, they would never use a complex or decentralized alternative.
Something being easy to use has nothing to do with privacy or security. Apple, just like signal, also sold it’s products as secure, yet they also were forwarding all communications to the US government as part of the prism program.
Signal is not a stepping stone, it’s a honey pot. Best to avoid US services that require your identity entirely.
The difference between Apple and Signal is that Signal is open source, making the code available for anyone to audit and verify uts claims.
You have no idea what code their server is running, and its impossible to host your own signal since its a centralized service.
They went a whole year without publishing server code updates also, until they got a lot of backlash for it. Still, even publishing those is moot since its a centralized service.
SimpleX Chat is an actual privacy focused app that’s easy to use and doesn’t harvest your phone number like Signal does simplex.chat
Any concerns around the fact that SimpleX Chat is Made in the UK?
It is also vc backed and they don’t have a direct plan to sustainability
It’s open source, and it’s not tied to a single server the way Signal is. If the original people developing it started doing problematic things, it’s easy to fork. One of the worst parts about Signal is how it’s designed to lock you into using their official app and server making it effectively impossible to have a compatible fork.
Using phone numbers is the only real criticism imo any service that uses phone numbers is fundamentally compromised.
They offer encrypted messaging, not anonimity. They offer a way to keep your conversations private. It’s not an opsec tool, it’s not a tool to be used by the military. It’s a platform for regular people that don’t want to get spyed on or don’t want their conversations to be used agains them when legislation changes.
"Nullum crimen sine lege, nulla poena sine lege’’
Still phone numbers are just really really bad. Like the worst thing you could possibly choose when it comes to verification.
Why?
Could you suggest alternative verification methods?
Signal does have your phone number, which is a problem.
On the other hand, the only information linked to that phone number is, “the person with this phone number uses signal”. AFAIK your phone number is not linked to your contacts, your message content, etc.
So in practice, the fact that Signal has your phone number is probably only a problem insofar as you don’t want anybody to know that you use Signal.
But to be fair, why have that issue if you don’t have to. Signal is actually good, still, but there are even better alternatives.
Well, it’s 100% linked to your contacts in one way or another because when you install it Signal will happily alert you to which ones of your contacts are already using Signal. I can’t see how they could manage that without slurping up your contact information.
AFAIK the client slurps up your contacts, but the E2E encryption ensures that the Signal server cannot actually see those.
signal.org/blog/private-contact-discovery/
… Would you care to list some of these alternatives and how they are better?
Every alternative I’ve looked at has some major drawbacks that would prevent me from getting any of my friends to move. Having to selfhost my own chat service isn’t really a positive in my mind due to the maintenance required and the higher possibility of outages.
Probably the ones you’re already thinking of (SimpleX, Session, XMPP).
They’re better in terms of privacy. When I said they’re better, I mean specifically in terms of privacy.
Of course they’re less convenient, as you’re alluding to.
Signal gets me all the privacy I need. I don’t care if they know my phone number uses Signal, I don’t use it as anonymous chat, I use it with friends and family.
As others in this post have said, Signal handles privacy perfectly fine, it does not provide anonymity.
Unlike several other users here, I actually view Signal’s contact discoverability as a feature, not a security flaw. All it means is if someone I know installs Signal, they can easily send me a message without a complicated back and forth through some other medium.
I myself said “Signal is actually good”, so there’s no need to argue with me about it.
Nevertheless:
Of course it can be both. Many things are both features in one domain, and flaws in another domain. Obviously it’s a feature or else they wouldn’t have purposely developed it.
.
There is none. Theres like 0.1% of people who complain about it who have a valid point.
And those points are always meaningless in light of the alternative’s drawbacks.
Being tied to US infrastructure isn’t a valid concern?
What then is the difference between it and Whatsapp? Both claim to use the Signal secure protocol but you can never confirm that since their codebases are closed source and proprietary.
One is run by an advertising company that has been proven in court to be a bad actor and a strong motive to log and track anything they can
The other is a non-profit without any real motive to sell you out, or any history of doing so
Thats good enough for me and most others unless you’re an extreme “trust no one” level of paranoia
Its in usa, and its big. The chance that its compromised by cia is 100%.
Considering that all other alternatives are either
I consider Signal to be the best option out there. It’s not perfect, but nothing is. It simply is the best general option out there, by far, for a general audience.
Yes, you can be totally secure, untraceable, and ultimately unfindable. But being cut into pieces, with each separate piece entombed in its own barrel of concrete, and each barrel dropped into a different oceanic trench, tends to be a bit beyond what I consider to be reasonable to achieve that.
everyone around here talking about the CIA and nation states as part of their threat model…
bro… you’re worried about the CIA and mossad, and you think spinning up your own chat servers (simplex, matrix, etc.) as an amateur sysadmin is going to be MORE secure?
XD you think the CIA can’t crack your closet server? Bruh, get real.
Signal is open source. GitHub
Agreed. I would add that most detractors don’t understand what a threat model is and want a perfect solution, for no cost, and easy to use. Something which is impossible.
Even the alternatives like Briar acknowledge that Signal has pros
It was on the leaked Paragon Solutions selfie (containing the Graphite surveillance tool), indicating there are actively exploited zero days? Just a guess.
Edit: open.substack.com/…/the-israeli-spyware-firm-that…
Those reports do NOT show active zero days in signal. The pieces of spyware talked about in those are capable of reading messages once already having compromised a device which isn’t insane as if you have access to read storage from a device arbitrarily, of course you can just read the messages. If you want to solve this, A: Use GrapheneOS or an iPhone on lockdown mode with data over USB disabled or B: Use Molly with local encryption.
Did you ask the commenter what the issue was? Seems like the logical place to start.
You’d think so, but sometimes they just angrily rant with no clear point or references.
But that would mean that you shouldnt accept their claim, regardless of how conceivable the claim might appear to be. Otherwise, we loose our minds to common sense.
not to shit on you specifically but I see this over and over, folks asking how to be “secure”. secure against what?
if you’re into this, you need to set up a “threat model” i.e. what are your threat vectors and then you build your defenses against that model. a defense against blanket surveillance doesn’t handle targeted threats. a successful defense against your government doesn’t preclude other nation-state actors getting at you.
like, if your threat vector is e.g. your SO “inspecting” your phone, you set up a passcode and you’re safe against that threat. but, if there’s a toddler going around smashing stuff, your defense isn’t valid. defense against that vector is placing your phone high up. but that defense isn’t effective against SO.
I am sure any messenger recommended here can be successfully red-teamed, be it design flaws, operator error, the famous wrench comic, or whathaveyou. but that doesn’t mean it’s ineffective in your specific case.
Yes, i hate this in these kinds of discussions. It so often devolves into how you’ll be safe from surveillance by world governments (spoiler: you won’t be, if they really care).
And here I am, just not wanting to hand data over to giant corporations that have been proven to use it for no good.
Heck, even if there was no good actor/solution, not giving all your data to the same bad actor is already a step up.
i’m concerned that they require phone numbers and host on AWS, and don’t have a clear monetization scheme. but for now it seems reasonably secure.
The signal protocol is end-to-end encrypted, not even signal themselves knows what is being sent to what.
en.wikipedia.org/wiki/Signal_(software)?wprov=sfl…
As I understand it, while they can’t see the contents, the Metadata is still exposed.
Isnt the metadata also encrypted?
Your phone number is the biggest metadata you could possibly give (it means your real identity, including your current address), and signal has it.
phone number, IP, time of connection, duration of the chat, size of the encrypted chatlog, etc. might be useful for feds
Yes
Signal no longer requires phone numbers.you no longer need to share your phone number to chat at least (sorry)Not true at all, you still need a phone number to sign up.
It’s always gonna be a moving target. Wife and I started using Telegram because it wasn’t monitored like Facebook Messenger (which I don’t have an account for) or WhatsApp. Now people are saying Telegram isn’t good enough, use Signal. It’s still good enough for us. I also have Signal. No one I know uses it, but I have it in case they wanna start using it.
Honestly though, iMessage is secure enough for most people. Basically texting through Apple servers.
But any security or privacy expert will tell you that you need to determine your own threat model. No one else can tell you what that is.
telegram doesnt encrypt by default, its a hidden feature. i wouldnt be too sure about iMessage, i believe E2EE is a bare minimum for everyone.
Messages in iCloud are E2EE protected only if iCloud Backup is disabled or if iCloud Backup is enabled with Advanced Data Protection (ADP). Otherwise, Apple stores a copy of the encryption key, allowing Apple (or authorities with a court order) to access your messages.
Probably obvious, but messages sent over SMS (green bubbles) are not E2EE.
Telegram uses a proprietary encryption protocol called MTProto, so who knows if it can be trusted.
That is an interesting statement regarding the fact its centralized and deletes accounts / channel all the time.
Telegram is a social network masquerading as a messaging app, not a “secure messaging” app.
Just because you made one mistake doesn’t mean “It’s always gonna be a moving target”.
What’s the one mistake? Telegram? Or Signal?
The way I see it, the goalposts keep moving because Telegram was the private alternative to FB Messenger and WhatsApp. Then Signal was the private alternative to those, and Telegram. Now people are saying Signal is a problem (I’m guessing because of the cock up the US government had last year?). The goalposts keep moving, but Telegram is still fine for what I need. I keep both as alternatives to texting for people who want to reach me however they’re comfortable doing. I also have one called Session. I don’t use Twitter/X, Facebook/Instagram/WhatsApp, or Reddit. I have a Discord because I have a couple things that are only available up there, but it’s not a good way to reach me as I have notifications disabled on it.
Telegram never was the private alternative to anything, unless you took their advertisement at face value. It was always known to not use e2ee by default.
Signal is not a problem, the US gov things were very dumb users issues. It was not caused by Signal itself.
So the goalpost has not moved in years, Signal was and is still good, Telegram is only fine if you do not care about privacy.
Signal is great, but it is centralized. Session messenger is a great example of decentralizes e2ee messaging.
I used Session for a couple of years, but switched back to Signal because it did a poor job with media sharing.
It’s been a while since I switched back, so maybe it’s fixed now?
Signal is closest to WhatsApp but in a open source format.
Is there anything else as close?
Signal is fine for normal/social chatting. It is centralised which makes it much harder to obscure identifying conversation metadata, and I wouldn’t recommend it for comms with a state threat model. I like SimpleX for addressing those issues.
If you just want to chat to friends and nothing else, I probably would recommend Signal for the most polished experience and most widely adopted open-source private messenger.
I moved some chats to Threema and im satisfied… they have family options so paying for one license is for 6 people
Like many said, signal is centralised and requires a phone number.
Meaning it’s not anonymous and the server owners can technically sell your metadata, not the content of the messages but who talks to who, what time, the length of the chat/call etc.
Either-way having to use a phone number to register an account, for me is not acceptable for several reasons besides privacy and metadata.
On top of that, the server side of signal isn’t free software (as in freedom), which means that the whole program requires non-free (as in freedom not beer) network services in order to work. Which isn’t acceptable for free software advocates.
Alternatives:
Simplex: If you don’t require voice calls there are more options available there are many text messages, but very few support calls, which for me is a critical feature.
In theory Simplex is the best, it’s e2ee, quantum resistant, each chat (message queue) is it’s own “account”, each “account” is just a private key, and you can switch servers with the tap of a bottom, it also supports private routing, which from what I understand is like some sort of onion routing between simplex servers.
Hosting your own server is also extremely easy, (tho note that running your own server can actually be detrimental to privacy depending on your threat model), supports calls, group chats and all the features I would ever need.
Unfortunately at least for me and my contacts, SimpleX it’s terribly buggy, specially on phone, literally tonight I missed the opportunity to be with a friend because I only saw the message one hour late.
Very often messages just stop being received until the app is restarted, usually I have my friend send me a message via other (centralised) app in order to warn me that he messaged me, I also do the same for him. After restarting the app it usually works fine for a while until it does it again. And needs restarting again.
On top of it, it’s taking more and more time to get the first message when in background even during normal operation, tho I blame Samsung for this one and not Simplex, and understand that Simplex doesn’t use push notifications for improved privacy, but it has become a real problem, what used to take 5 minutes now sometimes takes more than half an hour. Maybe my phone is overloaded, idk.
Calls could be improved too, takes several tries for it to actually work, and it doesn’t help when the other person calls me back and I call them at the same time.
On top of it, the volume of a call seems very quiet compared to a normal phone call and it’s very hard to hear the other person, I’m guessing a simple compressor DSP could fix this.
Unfortunately also has been news of Simplex planning to enshittify the app with cryptocurrency, something that I politically and morally oppose.
Session:
I’ve used it for a month years ago, before I knew about SimpleX, whatever technical merits it may or may not have, (and from what I understand it’s privacy is still below SimpleX) it relies on some cryptocurrency network in the background, so I won’t use it. Self-hosting it also seemed to me no easy task, but I could be wrong.
Jami:
Never got it to work.
Matrix:
I haven’t tried Matrix yet, I think I read long ago that calls aren’t e2ee tho that may have changed now. I also read that Matrix leaks a lot of metadata which can be a problem. Maybe not if you self-host, but self-hosting comes with it’s own privacy problems. Maybe I should research it again and try to self-host it and see how it goes.
So as bad as Signal is, I can’t give you a working alternative, I put all with Simplex despite all the bugs but I don’t think most people are willing to go though it, however if you (and your contacts) have a high end phones maybe it works better. But it’s not something I can recommend.
What about Delta Chat?
Delta Chat doesn’t support calls, same with Briar so I haven’t tried them since calls are as important as messages for me.
They do support it (Settings -> Advanced ->enable Debug calls or wait a few days for the latest release). Also chatmail servers provide turn/stun for calls if they couldn’t established as p2p.
Interesting, didn’t know this, nice, may be a gamechanger, but I couldn’t find information on either calls are e2ee or not.
Yes, p2p or via turn server, always encrypted the same way as messages.
Full topic is here: support.delta.chat/t/…/4220
The latest version also got much nicer calls interface: deltachat.github.io/…/CHANGELOG.html#v2460
In regards to Signal, this is largely not true. Sealed sender has been signal’s metadata hiding protection for like 6 years or something. The only information signal has is your phone number, your account creation time, and the last time you contacted their servers.
They also have a server implementation on github, so it seems to be open source to me. (I could be missing something though)
You are right though, that it uses centralized servers and requires a phone number, which are sticking points for a lot of people.
Give me ssh access to their centralized server so I can verify this “sealed sender” idea is working.
Otherwise this is a “trust me bro” claim.
This doesn’t really make sense to me, what do you mean? Client-side you do different computation for sealed sender delivery/receipt. What’s your normal standard of trust that a hosted, open source project is running the same code that they’ve made public?
I think if they store any metadata that we don’t know about, the lie runs very very deep, like to conspiracy theory levels that don’t really make sense for a registered nonprofit: signal.org/bigbrother/
Its a centralized service, you have no idea what code they’re running. You can’t host your own.
Also they went a whole year one time without publishing any server code updates until they got a lot of backlash for it. Still, since its centralized, it can’t be trusted to be running what they say they are.
Just looked at Session, and holy shit is that a massive downside…
From their own whitepaper:
So you have to pay to self-host, and that’s somehow an upside???
Which is a fine explanation in a world where everyone has a relatively equal amount of wealth. This is the epitome of dunning-kruger economics: a little knowledge is a dangerous thing.
So the more nodes a single entity holds, the harder it becomes for other entities to buy nodes and break the monopoly? Did you take 3 seconds to think this through???
“Assuming every user is a perfectly rational actor, malicious actors would be shunned. This is somehow due to the economic incentive, and not just how humans operate when they’re assumed to be perfectly rational.”
Also: malicious actors when they find out they might lose their money if they get caught: “welp, I better not do that then. Thanks laissez-faire capitalism!”
Jesus christ fucked on a pike, these dipshits really drank the crypto kool-aid, huh?
Matrix very recently has had e2ee calling since at least last april
I don’t host a server currently, so I can’t fully recommend it without knowledge of the backend, but i’m liking the experience as a user
I am under the impression that Signal encrypts metadata so that is useless to sell. The only thing they can turn over to law enforcement after a lawful warrant is the phone number an account was opened with (and maybe the date that happened) and the date of the last time the account was used. That is all.
Don’t they also need to store who to send your messages? From a technical point of view?
They store where to deliver the message, but not from who that message came.
signal’s “sealed sender” feature has an incoherent threat model
Didnt know abput that.
PRODUCT PITCH: Hey everyone, I have a great idea for a secure / private messaging service.
It’s hosted in the US, subject to its pervasive spying laws including national security letters.
Also I need all your phone numbers.
Also no you can’t host this yourself, I run the only server.
Everyone who uses signal and supports it, is falling for this pitch.
I have managed to get all my friendship group on signal and we use it daily. While it does have its flaws (mainly being centralised and US based), I try in life to not let perfect be the enemy of good. Until there’s a stable and easy to use alternative I can point my friends to, I imagine we’ll stay on Signal.
Requires you to use a phone number, your phone app needs to be online 24/7 to be connected, and hosted in a questionable jurisdiction with questionable human rights. Try Matrix. It’s selfhostable, doesn’t need a phone number to sign up and the foundation is British, which while this country from what I know has gone down the water, they still have some niceities from time they were in the EU, like GDPR.
I don’t know what the current reputation is but Matrix wasn’t always perfectly trustworthy either: hackea.org/notas/matrix.html
The 5 eyes CCTV GCHQ British? The rabid USSA, Shitrael bootlickers?
No thanks
Among other problems, Matrix is not a replacement for a messaging app. It’s more of a community message board with 1:1 private messages with the possibility of encryption. It is way more than most want or need.
I’ve also run a Matrix server in the past, and it’s not simple. The vast majority of people do not have the technical acumen, hardware infrastructure, or time necessary to even begin this endeavor.
Joining a public server where they don’t have control of the data requires a lot of trust in that instance and their owners. To expect them to vet those owners first, verify the servers are in a trusted country, … 10 more steps, before they begin is asinine.
Matrix is not an alternative to any messaging apps mainly intended for 1:1 communication.