What encrypted messenger do you use most that isn’t Zucking Meta’s Whatsapp and Signal?
Edit Also, besides iMessage and RCS. Sorry thanks
iMessage and Threema
I use Jami and Session. Interested to check out SimpleX Chat though.
What do I use the most or what do people use the most? I use Matrix the most as most of my friends are on it (+ have it bridged with some chats that aren’t on Matrix). Then after that SimpleX. I don’t know what the most popular encrypted messengers among the general population, except for the ones you listed, are.
Out of curiosity, what’s wrong with signal?
aside from the dogshit UX and the uber reliance on Evilcorp’s infra, having more than two devices (I know, shocker in this day and age!), the arduous migration process to a new device, the limited chat history (I think it’s 40ish days) and many more.
same way Telegram adamantly refuses to implement E2EE, and not only that, it actively prevents 3rd party devs (a number of clients are FOSS) from implementing it on their own.
both PJ Harvey and durov respond the same way when asked about any of them things - smokescreens, FUD, whataboutisms, etc.
any of them things woulda been acceptable in 2015, here’s a PoC looking for funding, limited devs and resources; remember TextSecure and RedPhone? nowadays, they are nothing short of malicious.
For example, some people don’t like that it’s centralized. It’s not like e-mail, where you can register with any provider and then cross-communicate. Moxie wrote more about this here
Understood. Thank you. It’d been some time since I’ve scrutinized Signal. It was a set-it and forget-it type situation.
- Requires a phone number
- Depends on Big Tech’s servers
- Got founded by the US government
- Seems to absolutely love Big Tech because they hide the APK download page quite well[1]
- It’s centralized
I use my own Snikket server to communicate with people using OMEMO (Signal Protocol). No phone number requirements, no centralized server, no Big Tech, just you and the people you write with, with your privacy fully intact. Just like in the good old days (as it should be to this days, greedy f*****s).
[1]: signal.org/download > Android redirects you to Google Play Store. signal.org/download/android > Download for Android redirects you to Google Play Store. signal.org/install redirects you to Google Play Store. You’ll search “forever” to find the “download APK file” link until you give up and using a search engine: “signal apk”.
Not until then you’ll find signal.org/android/apk. And when you visit that page, a link to Google Play Store is listed on top, and below it, in the “danger zone”, you’ll find the APK download button. Yes, exactly, the Signal team wants you to be on the “safe zone” by downloading the app through Google Play Store.
“focus on privacy” my ass. Close to forcing someone to use Big Tech shitty stuff is NOT focus on privacy.
Sorry, rant is over. Now breakfast time.
Thanks for the info! All good points. I’ll keep snikket bookmarked for when I’m more competent in my server/self-hosting abilities and revisit how I chat.
What is the difference with xmmp , conversations , prosody?
XMPP is the universal standard when it comes to chat servers. WhatsApp is using it, just to name 1 example.
Conversations is a client for XMPP servers.
how’s the chat history with snikket? I had issues with prosody, namely multiple devices coming and going and maintaining the same chat history between all of them, as well when there’s a disconnect (device gone forever, new device connects)
just skimmed their confusing web site, it’s free for selfhosting, right?
The chat history is there until you change client/device and got a new set of keys. New encryption keys can’t decrypt messages and files sent with a previous keys.
Snikket is FOSS, so yes, it’s free when self-hosting :)
sorry for reiterating, so cross-device sync is totally impossible? or just something you don’t use?
If you login to your account on your Snikket server on all the devices you have at home, and you remain logged in for all the time you use your Snikket server, everything will be synced over all these devices.
Let me explain it further. You login to your Snikket server on 3 devices (desktop, laptop, and smartphone) and you use only these 3 with no re-installing the operating system and not factory resetting the smartphone, you will keep getting the history on these 3 devices - synced.
But you decide to try out a new XMPP client, let say monocles chat. Since that client is new for your account, that client will get its own encryption key. Because of this, monocles chat can not read anything you and the contacts you have communicated with. This also applies when you re-installing the OS or do a factory reset.
End-to-end encryption 101.
Let say this would not be the case and monocles chat do see the history of all of your chats, that data must remain on the server and can be decrypted by the new client with maybe a master encryption key of some sort. This is not end-to-end encryption 101. That would be a security breach.
However, letting you export the chat history from the other clients and importing the chat history to monocles chat, that would be much better. Because then it is you who decides if you want to keep the chat history or not. You will be in control over your own data. This is a feature I miss in XMPP clients.
appreciate the effort, but kinda went overboard with the deets :) I run several prosody XMPP servers so I’m familiar with the underlying tech. what you describe should be feasible with it as well, but there are constant issues with devices not being able to access history, so I was wondering if things were better on your end.
so, based on this, I’ll spin up a snikker docker and try it out for a coupla weeks, see what’s what. many thanks.
edit: turns out this snikket thing is conversations (standard XMPP client) and prosody (XMPP server) with different branding.
And to add to all of that the user experience is bad.
Threema, also has public groups sort of like Telegram
session and jami
deleted by creator
Just “encrypted”? Probably iMessage.
I use SimpleX most often. I use Matrix fairly often, too, but none of the rooms I frequent are encrypted.
Besides your list? Matrix via element or elementX. I’ve been test driving arcane chat, which is decent enough, but too new to be widely used enough to really say much.
XMPP with OMEMO?
Concersations.im. It’s my backup because it supports OMEMO and OpenPGP.
Besides that, Element (Matrix). I use it for its public rooms.
Kind of ironic to use a private messenger that requires a Google account.
Huh? Which messenger requires a Google account? I’ve been using both Element and Conversations on Google-free Android devices with accounts not connected to Google for years.
Conversations is only available via Play Store and costs $8.
I got it from F-Droid for free.
I see how the website gives that impression, which I assume is an attempt to push non-technical users toward an install method that does not lead to support requests and helps fund the project.
The site also mentions that you can build it from source for free, so it’s not technically claiming that it’s only available from the Play store. If you follow that link, you’ll see that availability on F-Droid is prominently displayed on the README.
SimpleX
None of these are verifiably private. SimpleX, Matrix and PGP encrypted messages (you can use any messenger here) are some truly private options.
I believe matrix can leak metadata.
No forward secrecy with PGP.
