I am a firm believer that there are many privacy techniques you should focus on before encrypted messaging because they will offer you much more “bang for your buck,” things like good passwords, two-factor authentication, and even encrypted email. That said, I still believe that encrypted messaging is a critical part of a well-rounded privacy and security strategy. While the vast majority of our day-to-day conversations may be benign, it can still offer a lot of insight into who we are as people – our routines, likes, and personal thoughts. This information – mundane or not – is worth protecting.

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    XMPP, for example, does not enable end-to-end encryption by default

    Why always these false myths? The most popular XMPP mobile clients do enable it by default.

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Right? It is a generic protocol for all sorts off communications, some of which don’t require encryption. Yet every modern chat client for human-to-human communication has OMEMO, OTR, & PGP encryption options.

      • matlag@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        XMPP is so bad it was the baseline for Whatsapp. You know: that minor platform that feels like IRC and never took off. A lot of the techno around you are old stuff that evolved, “new” techno usually comes with new unexpected issues. Then they mature, get better and… old?

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          It isn’t easy to setup and the core protocol is dated. You can add all sorts of extensions but at the end of the day the core system is old. It feels weird to push it over Matrix. If you want something simple use IRC as you can setup encryption.

          • EngineerGaming@feddit.nl
            link
            fedilink
            arrow-up
            0
            ·
            3 months ago

            Encryption support in IRC clients is WAY behind XMPP. The one I have seen consistently is OTR in form of an add-on, and even that people rarely install. Although IRC is indeed what I prefer for public groupchats.

            Matrix seems to be doing the same thing but consumes more resources. And as for setup - I have done that, it is indeed pretty easy, easier than Matrix.

        • 0x0@programming.dev
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          And fully open-source and relying on standards from the get go.

          Gee i guess it ain’t cool, that’s why…

    • The Cuuuuube@beehaw.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      I immediately had my suspicions this article might contain some bullshit when I saw it was published by the new oil…

      • poVoq@slrpnk.net
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        The article you linked is a highly misleading nothing burger. And enforcing e2ee at protocol level is a bad idea for many reasons.

          • The Cuuuuube@beehaw.org
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            Messengers are not protocols. They use protocols. Most XMPP clients use the same encryption scheme Signal does only without being dependent on a single specific server, allowing users to spread out. I recommend reading about the differences between targeting developing a platform and developing protocols. Once you do, you’ll see XMPP+Encryption in a better light than anything like Signal. The main problem in the current moment with XMPP+Encryption us that it isn’t where the people are. Us tech weirdos can start the push into that space a little bit, but we need “Normies” to adopt to, and for that we need to be clear on what were talking about. Comparing XMPP to signal doesn’t make sense. Comparing Cheogram to Signal does. And in the latter, cheogram frankly blows Signal out of the water for real privacy and security considerations

  • tmpod@lemmy.ptM
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    encrypted email

    Besides being a form of messaging (so the text somewhat contradicts itself), typical email is a deeply insecure protocol.
    In my opinion, it’s probably impossible to secure without making a new protocol or making such drastic changes that it might as well be considered one.

    Here are some key concerns regarding the usual PGP-powered encrypted email:

    • Email, at a simple level, works much akin to physical email — there’s an “envelope” containing important info regarding the communicating parties, which can’t be encrypted, otherwise the mailing servers wouldn’t know where to forward the messages. This essentially leaks a lot of metadata that can be almost as valuable as the message body itself.
    • There’s no forward secrecy — one of the best cryptography features that has become pretty much a commodity in modern systems is forward secrecy, which prevents attackers from decrypting older messages after gaining access to one of the keys.
    • While not an issue with the protocol itself, it’s the sad reality and we need to consider — most people use GMail, Outlook and the like, which ultimately need to read your emails in plaintext, for better or worse reasons (search is incredibly useful, but some big players don’t stop there of course :p).
    • Another thing is the fact that it’s incredibly easy to have an imbalance of encryption, i.e. someone is encrypting their messages, but others aren’t. With the very popular email culture of quoting (be it top or bottom posting), an unencrypted party in the the conversation can leak important information.
    • PGP is… peculiar, so to speak. I has a lot of issues, mostly stemming from its age (which could also be a source of robustness and security, due to being very battle-tested, but I don’t think that’s quite the case with PGP/GPG), tries to do too much and typically has a clunky UI, which impedes wider and proper adoption by less technically people.

    This isn’t to say people should definitely stop using and promoting encrypted email, since it can be useful.
    It’s just it gives, more often than not, a false sense of security and can lead less proficient users to send sensitive data through this medium which isn’t nearly secure enough for such use cases. Preferably, people with such threat models should opt for better alternatives, most suggested in that article (such as, but definitely not limited to, Signal, SimpleX, Matrix+Olm, XMPP+OTR/OMEMO, sharing files via MagicWormhole, encrypting with tools like age).

    On a slightly tangential note, I think someone should make a Matrix client with an email client interface. I started working on a new traditional chat client (completely nonfunctional still, very much in-dev), but I’ve been honestly thinking more and more about making one looking like an e-mail client, where there isn’t much focus on instant room-based chats, but rather on longer-lived 1-to-1 and list-like exchange of messages.

  • Jeena@piefed.jeena.net
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    What I like about Matrix so much is that it can be run fully on your own infrastructure, even the TURN server for VOIP, and you can build the clients from source yourself too.

    But I agree that it’s quite difficult to use. And until now only my dad and my spouse use it with me because they love me and trust me. But they both always have problems with their clients. It randomly logs out and then they have to login with the password and with the encryption key again. For a long time calling didn’t work because I misconfigured the server. Then videos were for the longest time uploaded in full size and anything longer than a few seconds would be rejected. The whole spaces thing is implemented very weirdly so it confuses them. And then the threads are even worse so we can’t use them because nobody gets how to do it.

    • ryannathans@aussie.zone
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      3 months ago

      Signal ux is much better fyi, though I accept it’s hard to roll your own. Trade offs are generally worth

      • Jeena@piefed.jeena.net
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        As far as I know you can’t host your own signal server which connects to their servers.

        I’m using Signal with the rest of the family and most friends.

        • ryannathans@aussie.zone
          link
          fedilink
          arrow-up
          0
          ·
          3 months ago

          Yeah they killed federation, though I can’t disagree with the reason. Thankfully you don’t need to trust the server

        • JustMarkov@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          As far as I know you can’t host your own signal server which connects to their servers.

          That’s right, Signal is not federated.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      3 months ago

      Use Simplex Chat instead

      The downside with Simplex Chat is that there is no server side accounts

  • hswolf@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    3 months ago

    As always, the problem isnt using a new service or super secure app, the problem is making everyone else I talk to use said app, not happening anytime soon sadly.

  • kitnaht@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    Another basic thing – If your messenger is throwing your messages in a notification; it’s being logged. Google was found to be logging almost all notification content. Make sure your message app isn’t putting the content of messages into notifications.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      3 months ago

      Unless you don’t have Google or Apple services.

      Also I don’t think they log the normal Android notification mechanism. (Not push)

      • kitnaht@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        Yeah, if it’s a local notification, they’re not logging that – so far as I’m aware at this point in time.

    • themadcodger@kbin.earth
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Do they also log everything that comes through a private ntfy server? Or just what goes through their notifications?

      • kitnaht@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        NTFY uses the same mechanic that they do for push notifications; it keeps an open socket and then just communicates across the socket. So they shouldn’t be keeping track of that, so far as I understand the AOSP codebase.

    • GustavoFring@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      If the app implements their own notification system and doesn’t rely on GCM then Google isn’t able to log them as far as I know.

        • JustMarkov@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          3 months ago

          I can throw a few examples:

          • SimpleX
          • Threema Libre
          • Briar (afaik)
          • Conversations (XMPP client)
          • FluffyChat (matrix client), probably some others too
          • Telegram FOSS (Telegram fork), Mercurygram (Telegram FOSS fork)
          • Molly (Signal fork)
          • Session F-Droid (Session fork)

          So, the answer is — almost every of them.

          • BrikoX@lemmy.zipOP
            link
            fedilink
            English
            arrow-up
            0
            ·
            3 months ago

            Element X (Matrix client). Basically anything that offers F-Droid or open source release will have builds without built-in notifications. Play Store/App Store builds requires using native notification systems.

              • Possibly linux@lemmy.zip
                link
                fedilink
                English
                arrow-up
                0
                ·
                3 months ago

                I just run it in the background. It pulls almost no battery so it is a non issue.

                Also getting it to work with Unified push requires extra effort.

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              0
              ·
              3 months ago

              Signal has a ton of the dependence on proprietary software. You won’t find Signal on F-droid.

              Best option is Molly foss

      • xh3ynd@fedia.io
        link
        fedilink
        arrow-up
        0
        ·
        3 months ago

        UnifiedPush instead of their own implantation would be better for power consumption ig.

        Overall a choice between which Notifier you want to choose would be nice.

        Between the apps own notifier and UnifiedPush (also has a Fallback to GCM if wanted)

    • 🏝Skoob🏝@sh.itjust.works
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Now this is why I read comments. You’re absolutely right and I knew this info and just hadn’t put the two together. Thank you. Settings changed.

    • communism@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      You can also just use a degoogled os which won’t be logging your notification content. But in any case you shouldn’t have notifications as notifications are exclusive with at-rest encryption (or I guess you could have at-rest encryption but just have the db constantly decrypted whenever your phone is on? Seems to defeat the point then)

    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      That’s if they use Google’s push notification backend on firebase. FOSS apps from F-droid usually don’t.

      Tl;Dr install F-droid damnit

    • /home/pineapplelover@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Molly uses UnifiedPush, so definitely try that. Also, Google may log notifications but they can’t read the messages iirc. Maybe they get some metadata idk.

      • kitnaht@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        3 months ago

        If you put the notification in unencrypted form, across google’s push notification system, it is logged in puretext. I, and everyone else knows, that messages can be encrypted. This was a warning about a very specific thing.

        Law enforcement has been doing this to signal users for a while now. The default is to not show the message in a notification, but users keep turning it on, and it uses Google’s notification servers. So law enforcement, got access to people’s signal messages, by going through Google to get the notification history/logs.

  • Treasure@feddit.org
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    TLDR: Avoid Telegram and WhatsApp. Recommended messengers are Session, Signal, SimpleX and Threema. Honorable mention: Briar.

  • Lemmchen@feddit.org
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    As a long time user of Session, it is hard to believe someone would describe it as “user-friendly”.

    • fira959@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Matrix is the worst option when it comes to avoiding metadata. A group chat with users on 10 different servers will create ten different places to store the metadata with no way for any user to delete or edit this metadata. Its a privacy nightmare.

        • fira959@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          3 months ago

          All decentralized protocols have this issue. The servers need to handle metadata for chat groups, like who is part of which group. If the servers are under individual control, nobody can force them to delete this data. The question is, do you trust a non profit organisation like signal to minimize and delete metadata (which court orders have proven they do) or do you trust all individuals of a group chat to do the same when you manually ask them to.

  • JustMarkov@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    3 months ago

    SimpleX is currently my favourite. Yeah, there are some small concerns, but where aren’t they? I hope SimpleX can grow more popular and I’m also waiting for a full-featured desktop client, so it’ll be easier to convince people to switch.

  • ramenu@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Why do people like Matrix? It’s really slow. Even most of the non-Electron clients consume a ton of resources (even more than Electron apps usually do).

    Especially Gomuks, by far the worst offender. It consumes nearly a gigabyte of memory and it’s a TUI.

    • BrikoX@lemmy.zipOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      I think it more comes down to it not being Discord than people liking it.

      • ramenu@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        3 months ago

        Well, it’s not privacy-focused… but I do like Revolt for this purpose. It’s performant, looks very similar to Discord, and I think they’re adding E2EE eventually.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          0
          ·
          3 months ago

          It is centralized and the moderation suck. They banned people for being homophobic because they said they were Christian. You can find more information online.

          • moonpiedumplings@programming.dev
            link
            fedilink
            arrow-up
            0
            ·
            edit-2
            3 months ago

            I attempted to find evidence to support this.

            I found one reddit post claiming this, but they themselves did not provide any evidence.

            freedom of religion is a human right bruh i did not say anything but i believe in god the banned me and claimed i was being homophobic 1. i said nothing about it 2. stfu even if i was

            ​Not exactly the most compelling piece of evidence, and this was all I could find.

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              0
              ·
              3 months ago

              I can’t find it now but there was a person who was banned for saying the were Christian. They didn’t say anything more and the could as well been LGBQ+. There were a few other instances that I am forgetting of bad moderation.

              Anyway the centralized nature of Revolt Chat makes it no very appealing for me.

          • EngineerGaming@feddit.nl
            link
            fedilink
            arrow-up
            0
            ·
            3 months ago

            It is selfhostable though, so moderation would be an issue of individual servers rather than the whole thing.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      The issue has historically been with the server. (It was buggy as hell) These days it is much more stable and less prone to collapse.

      I don’t like Matrix because it gives a option to not encrypt communications. Encryption should be enforced and transparent

  • Wildly_Utilize@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    3 months ago

    We’ve been on simplex for a few months, I like it quite a bit. We made diff accounts for each device and added them all to a group.

    Notifications arrive reliably on graphene (no google services), and KDE connect.

    I don’t love the desktop client and wish I could change text size and scaling. I was able to message the dev about it in simplex and got replies which was cool

  • sverit@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    3 months ago

    I like Signal, but I really miss multi device support. Same issue with Threema.

    • tmpod@lemmy.ptM
      link
      fedilink
      arrow-up
      0
      ·
      3 months ago

      Yeah that’s a bummer. Signal has multi device support but only for desktop and iPad (yeah, not Android tablets), but you always need to have a master phone device.

      It’s been an issue for so long, but this is Signal, they do whatever the f they want.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      It is not like they couldn’t support it. Simplex Chat has early support and Session has supported it for a long time.

    • sapporo@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      the fact that you like it doesn’t make best or even decent in terms of privacy