Manu

Best apps for private messaging

https://lemmy.world/post/42893685

Best apps for private messaging - Lemmy.World

Hello. I am looking for an alternative to Telegram and I prefer an application that uses decentralised servers. My question is: why is the xmpp+omemo protocol not recommended on websites when it is open source and decentralised? The privacyguides.org [http://privacyguides.org] website does not list xmpp+omemo as a recommended messaging service. Nor does this website include it in its comparison of private messaging services. https://www.privacyguides.org/en/assets/img/cover/real-time-communication.webp [https://www.privacyguides.org/en/assets/img/cover/real-time-communication.webp] Why do you think xmpp and its messaging clients such as Conversations, Movim, Gajim, etc. do not appear in these guides?

Feb 9 at 6:09amWeb
Show threadtastemyglaiveFeb 9
Signal at #1 and #2 spots 😭 only 4 options 😭 100% of options funded by western governments 😭 yup it’s a .world user’s post
Show threadVictorFeb 9

Could you elaborate on why Signal is a bad choice?

Are SimpleX and Briar also poor choices? Delta Chat?

And maybe why being funded by western governments is a bad thing as opposed to other governments?

Thanks 🙇‍♂️

Show threadtheherkFeb 9
It isn’t. But I see this same post over and over. Really feels like there is a campaign against signal. Also tor developed by US Naval Research, so I guess it’s bad too.
Show threadtastemyglaiveFeb 9

good to know leaking phone numbers and being the main Discord alternative used by congress and Jeff Bezos on a centralized server isn’t a problem on .world

TOR nodes are mostly run by the US government and independent cryptocurrency entrepreneurs (Jeffrey Epstein email chain inhabitants)

if you had half a brain you would use i2p

Show threadtheherkFeb 9
Cool strawmen; I didn’t say any of that. Signal protocol is awesome for privacy, not anonymity. Maybe I don’t have half a brain, but I happen to think the double ratchet implementation is an impressive piece of tech. Maybe I’m as dumb as your fever dream, but compromised exits doesn’t make tor any less of an achievement. Though i2p is also superb. I guess my brain is too weak to understand why those statements are mutually exclusive.
Show threadtastemyglaiveFeb 9
What a smug way to confirm everything I said is true. Your low standards are indeed none of my business. Take care :)
Show threadtheherkFeb 9
You’re the one making insults and I’m smug? Care to actually dispute anything said with reason?
Show threadArthur BesseFeb 9

Signal protocol is awesome for privacy, not anonymity

The “privacy, not anonymity” dichotomy is some weird meme that I’ve seen spreading in privacy discourse in the last few years. Why would you not care about metadata privacy if you care about privacy?

Signal is not awesome for metadata privacy, and metadata is the most valuable data for governments and corporations alike. Why do you think Facebook enabled e2ee after they bought WhatsApp? They bought it for the metadata, not the message content.

Signal pretends to mitigate the problem it created by using phone numbers and centralizing everyone’s metadata on AWS, but if you think about it for just a moment (see linked comment) the cryptography they use for that doesn’t actually negate its users’ total reliance on the server being honest and following their stated policies.

Signal is a treasure-trove of metadata of activists and other privacy-seeking people, and the fact that they invented and advertise their “sealed-sender” nonsense to pretend to blind themselves to it is an indicator that this data is actually being exploited: Signal doth protest too much, so to speak.

Why does Signal want a phone number to register if it's supposedly privacy first? - Lemmy

I remember a time when visiting a website that opens a javacript dialog box asking for your name so the message “hi <name entered>” could be displayed was baulked at. Why does signal want a phone number to register? Is there a better alternative?

Show threadToTheGraveMyLoveFeb 9
I Facebook said they enabled E2EE, theres zero evidence and zero way to verify that. Facebook has been caught in lie after lie. They most likely lied about that too.
Show threadArthur BesseFeb 9
Many people have reverse-engineered and analyzed whatsapp; it’s clear that they are actually doing e2ee. It is not certain that they don’t have ways to bypass it for targeted users, and there is currently a lawsuit alleging that they do, but afaik no evidence has been presented yet.
Show threadToTheGraveMyLoveFeb 9
I personally wouldn’t consider it E2EE if they can easily bypass it, which all logic would dictate they can. Your message isn’t going to be picked up by a 3rd party, but if a techno-fascist corporation in league with a rouge fascist state can read it, then its not secure at all.
Show threadArthur BesseFeb 9

In case it wasn’t clear, I’m certainly not advocating for using WhatsApp or any other proprietary, centralized, or Facebook-operated communication systems 😂

But I do think Facebook probably really actually isn’t exploiting the content of the vast majority of whatsapp traffic (even if they do turn out to be able to exploit it for any specific users at any time, which i wouldn’t be surprised by).

Show threadToTheGraveMyLoveFeb 9
Like I said, Facebook is actively in cahoots with Trumps fascist agenda. I fully believe if you live in America at least they are using your chat history to build a profile on you for Palantir’s surveillance system. Like you said, there is no hard evidence for it, but based on their history, their lack of morals, their zero ethical standards, and the lack of legal repercussions for anything big tech does, you’d have to be a fool to trust any software they’ve developed.
Show threadorc girlyFeb 10
Rouge fascist?
Show threadToTheGraveMyLoveFeb 10
That’s not a sentence. What are you asking?
Show threadorc girlyFeb 10
Wanted to know if it’s a typo or wdym by that
Show threadToTheGraveMyLoveFeb 10
I think one could have reasonably assumed I meant to type rogue. Fat thumbs and all that.
Show threadtheherkFeb 9

It isn’t a meme. It is a fact of modern cryptography in many settings. For example TLS, which is a huge bulk of the traffic, guarantees again privacy not anonymity. I’m not saying one shouldn’t care about metadata privacy. Every communication one engages in requires risk benefit analysis. If your threat modeling shows that for a given message, anonymity is required, then signal, and nearly every single other protocol out there is insufficient.

That doesn’t mean TLS or lib signal, or any other cryptographic tool is not useful, especially in conjunction with other tools.

There are many cases where I want my messages to be private and the cost of entry for the message receiver to be low. Signal is great for that. But I’m not saying no other tools should be considered, just that signal is good at what it does.

Show threadArthur BesseFeb 9

“Anonymity” is a vague term which you introduced to this discussion; I’m talking about metadata privacy which is a much clearer concept.

TLS cannot prevent an observer from seeing the source and destination IPs, but it does include some actually-useful metadata mitigations such as Encrypted Client Hello, which encrypts (among other things) the Server Name Indicator. ECH a very mild mitigation, since the source and destination IPs are intrinsically out of scope for protection by TLS, but unlike Sealed Sender it is not an entirely theatrical use of cryptography: it does actually prevent an on-path observer from learning the server hostname (at least, if used alongside some DNS privacy system).

The on path part is also an important detail here: the entire world’s encrypted TLS traffic is not observable from a single choke point the way that the entire world’s Signal traffic is.

Show threadtheherkFeb 9

Don’t mistake me for saying you’re wrong. I agree with you, mostly. But sealed sender isn’t theater, in my view. It is a best effort attempt to mitigate one potential threat. I think everybody would like that solved but actually solving it isn’t easy as I understand it. Maybe not intractable, but if you have a solution, you can implement it. That is one of the things I like about free software.

In any case, I’m only saying Signal is good for a subset of privacy concerns. Certainly not that it is the best solution in all cases.

Show threadArthur BesseFeb 9

sealed sender isn’t theater, in my view. It is a best effort attempt to mitigate one potential threat

But, what is the potential threat which is mitigated by sealed sender? Can you describe a specific attack scenario (eg, what are the attacker’s goals, and what capabilities do you assume the attacker has) which would be possible if Signal didn’t have sealed sender but which is no longer possible because sealed sender exists?

Show threadtheherkFeb 9

Sure. If a state serves a subpoena to gather logs for metadata analysis, sealed sender will prevent associating senders to receivers, making this task very difficult.

On the other hand, what it doesn’t address is if the host itself is compromised where sealed sender can be disabled allowing such analysis (not posthoc though). This is also probably sensitive to strong actors with sufficient resources via a timing attack.

But still, as long as the server is accepting sealed sender messages the mitigation is useful.

Show threadArthur BesseFeb 9

Sure. If a state serves a subpoena to gather logs for metadata analysis, sealed sender will prevent associating senders to receivers, making this task very difficult.

Pre sealed-sender they already claimed not to keep metadata logs, so, complying with such a subpoena^[it would more likely be an NSL or some other legal instrument rather than a subpoena] should already have required them to change the behavior of their server software.

If a state wanted to order them to add metadata logging in a non-sealed-sender world, wouldn’t they also probably ask them to log IPs for all client-server interactions (which would enable breaking sealed-sender through a trivial correlation)?

Note that defeating sealed sender doesn’t require any kind of high-resolution timing or costly analysis; with an adversary-controlled server (eg, one where a state adversary has compelled the operator to alter the server’s behavior via a National Security Letter or something) it is easy to simply record the IP which sent each “sealed” message and also record which account(s) are checked from which IPs at all times.

Show threadtheherkFeb 9

Yes, subpoena was poorly worded. NSL is more likely. But still it is a time-forward threat, which means there is value while the server is or was accepting sealed sender.

And I wasn’t suggesting timing attack is required to defeat sealed sender. I was, on the contrary, pointing out that was a threat even with sealed sender. Though that is non-trivial, especially with CGNAT.

So in summary. You’re right. Sealed sender is not a great solution. But it is a mitigation for the period where those messages are being accepted. A better solution is probably out there. I hope somebody implements it. In the meantime, for somebody who needs that level of metadata privacy, Signal isn’t the solution; maybe cwtch or briar.

Show threadArthur BesseFeb 10

So in summary. You’re right. Sealed sender is not a great solution. But

Thanks :)

But, I still maintain it is entirely useless - its only actual use is to give users the false impression that the server is unable to learn the social graph. It is 100% snake oil.

it is a mitigation for the period where those messages are being accepted.

It sounds like you’re assuming that, prior to sealed sender, they were actually storing the server-visible sender information rather than immediately discarding it after using it to authenticate the sender? They’ve always said that they weren’t doing that, but, if they were, they could have simply stopped storing that information rather than inventing their “sealed sender” cryptographic construction.

To recap: Sealed sender ostensibly exists specifically to allow the server to verify the sender’s permission to send without needing to know the sender identity. It isn’t about what is being stored (as they could simply not store the sender information), it is about what is being sent. As far as I can tell it only makes any sense if one imagines that a malicious server somehow would not simply infer the senders’ identities from their (obviously already identified) receiver connections from the same IPs.

Snake oil (cryptography) - Wikipedia

Show threadIgnoranceisnotablissFeb 10

They bought it for the metadata, not the message content.

I doubt that, the app very likely has a backdoor

Show threaddexternemrodFeb 9

@tastemyglaive

@theherk

Bold claim. Any reliable sources about your statements?

Show threadtastemyglaiveFeb 9
not concerned with your data security, just clowning on OP. best of luck
Show threadIgnoranceisnotablissFeb 10
kitklarenberg.com/…/signal-facing-collapse-after-…
Signal Facing Collapse After CIA Cuts Funding

All my investigations are free to access, thanks to the generosity of my readers.

Global Delinquents
Show threadVictorFeb 10

Kind of similar to how horrendous experiments in humans in the past have provided a lot of insight in the field of medicine, to benefit us all.

Is that the takeaway? Maybe I’m missing something big right on my nose.

Show threadHelloRootFeb 9
And no mention of threema even though it fulfills all their listed criteria
Show threadSips'Feb 9
discuss.privacyguides.net/t/…/2
Threema (Instant Messenger)

I have not heard of any technical problems with Threema, but we do not recommend paid messengers because overcoming the “network effect” is difficult enough for capable free alternatives like Signal and Matrix as it is. As far as Wire, there are a number of reasons for this which you can read here: Delisting Wire from PrivacyTools.io

Privacy Guides Community
Show threadHelloRootFeb 9
Interesting discussion, the opinions go both ways but the official ones seem to disregard the facts, which I find quite biased.
Show threadtastemyglaiveFeb 9
the hell is threema
Show threadHelloRootFeb 9
Guess from the context: another privacy focused messenger app
Show threadArthur BesseFeb 9

100% of options funded by western governments

One of their four, SimpleX, is not funded by western governments (…but it instead has some venture capital 🤡)

Show threadDeepSpace9mmFeb 10

Not just .world. I saw people from all over recommending matrix by element, and element works with the police and nato

I’m not even a tech knower and found that connection

Show threadtastemyglaiveFeb 11
yeah it’s more about whether you’re capable of making connections yourself instead of google searching “how do i hide texts from government 🥺” than being a tech knower so you will go far #XMPP
Show threadShimitarFeb 9
Self host your matrix server, use Continuwuity not Synapse, and do not enable federation.
Show threadonlookerFeb 9
Why not Synapse?
Show threadSonalderFeb 9
It runs like shit, at least when I tried it. Never heard of Continuwuity, will looks into it thanks.
Show threadShimitarFeb 9
Its the rebirth of Conduit -> Conduwuit -> Continuwuity. Built with rust, it’s a community project that is pretty stable and finally free of drama.
Show threadonlookerFeb 10
Wait a sec, I run Conduit on my test machine and seems fine so far. What drama did I miss?
Show threadShimitarFeb 10

Conduit has been dead in development for years now. Conduwuit was the successor, then some drama got it shut down and reborn (new maintainers) as Continuwuity.

Conduit saw no up grades in years IIRC and its basically abandoned I guess.

Show threadonlookerFeb 10
Thanks for explaining. But unless I’m missing something, Conduit doesn’t seem to be quite dead just yet. I got upgrade notifications throughout 2025, the latest two being in December; one for v0.10.10 and the other for v0.10.11.
Show threadShimitarFeb 10
Good to know!
Show threadShimitarFeb 9
Super heavy, and overkill unless you need to run matrix.org itself.
Show threadu_tamtamFeb 9
Then why bother with Matrix at all if that’s not for the federation? You give yourself the trouble and inefficiencies of an over-engineered protocol you won’t even use.
Show threadShimitarFeb 10
Because matrix has the bet bridges so I can centralize all other protocols on my matrix server (Continuwuity) and have whatsapp, telegram, Signal all accessible from one single app.
Show threadu_tamtamFeb 10
All those bridges rely on some community-made libraries developed by few individuals unrelated to Matrix, so, not only there isn’t much Matrix-specific to them, but it’s reproduced for other protocols, JFYI: slidge.im
slidge.im — Gateways from XMPP to Other Networks

Slidge is a chat gateway library for XMPP built in Python, and a set of gateways for other networks.

Show threadShimitarFeb 10
Good to know… Well I am on matrix now, so no need to switch, but will keep in mind.
Show threadu_tamtamFeb 10
At least you are on the continuwuity side of it, which is much more sane than hosting synapse (but you are missing out on many features I guess. If you get tired of this eventually, give ejabberd a shot, it’s self-contained with all features, including VoIP/AV calls.
Show threadIgnoranceisnotablissFeb 10
No. forum.hackliberty.org/t/…/224
Why We Abandoned Matrix: The Dark Truth About User Security and Safety

WE HAVE MOVED TO SIMPLEX Anyone that agrees to our Code of Conduct is welcome to join our Simplex Hack Liberty Community Room and our Simplex server, a decentralized, metadata resistant alternative to Matrix! Incognito profiles welcome! Hack Liberty SMP Server smp://esPsfRFGZd2TRyKijJDorCMo3Ld-QD8Cq8ASx8qrY_Q=@simplex.hackliberty.org,gstc5w42xawazcr4txrcyhitmkhiyu2vkkwy2xhwovbhlapzrccjeyad.onion Hack Liberty XFTP Server xftp://[email protected]...

Hack Liberty
Show threadShimitarFeb 10
I share your concerns with the matrix organization. Most of the other concerns on that article don’t apply to a private instance with only just less than a handful of users who anyway live together or share more than an online existence.
Show threadmyszkaFeb 10
Conduct is also pretty neat as a server
Show threadshuva_metaFeb 9
You should check out “keet” or “Jami” for privacy message app.
Show threadtoothbrushFeb 9

Jami is nice in theory, but it was very buggy for me when I tried it and Jami calls had no noise cancelling at all. Other than that, it does work.

I cant find the “keet” git repo, I think its proprietary. So thats a no go for privacy.

Show threadshuva_metaFeb 9

github.com/holepunchto/keet-appling-next

Here is the github link, note that, this is the “shell” of the desktop. There is another repo specifically for android app.

keet.io is the official website

Developer is holepunch and uses “pear” peer-to-peer protocol.

GitHub - holepunchto/keet-appling-next: Keet application shell

Keet application shell. Contribute to holepunchto/keet-appling-next development by creating an account on GitHub.

GitHub
Show threadtoothbrushFeb 9

Yeah, I saw that too, that not the full source code. I found another repository for the android releases: github.com/holepunchto/keet-mobile-releases

Again, no source code, just binaries. Rather shady I think…

Show threadSonalderFeb 9
Yeah Keet (and Pear in general) are doing some open washing, branding their apps as open source while using very restrictive licences, at least that’s how I feel about them. It’s closer to source available to my eyes.