Conversations?

I guess we could make one using newer FHE-RAM techniques and some edge case handling.

DeltaChat. I don’t use it myself because it’s built on electron (which basically excludes 99% of modern chat clients); but as it’s technically an email client turned into a chat client, we can assume you’re protected by PGP when writing to most users, and with the added effect of not needing to convince anyone to install anything since from their end it’s just an email.

After looking at the article about why not to use Signal it sounds like you’re looking for any excuse no matter how small to not use something. If that’s the case you might as well not communicate with anyone at all.

XMPP clients are fine albeit it all, as many as they are, slightly different as is the nature of the protocol. This just means there is value in contributing to existing clients, creating new clients, or embracing progressive enhancement (which most do for example with emoji reactions just being a quoted text reply & so on) & complete feature parity is a fool’s errand if you want an exensible protocol with diversity & experimentation in the community. With the broad exception of the Conversations Compliance, there isn’t a flagship client & instead the best ideas come to the most used or most innovative clients. I use Cheogram, Profanity, Gajim, Dino, Movim at different times (& would love to create my own). The protocol is stable, healthy, & ready for proposals for improvement.

If I compare this to the more-expensive-by-all-metrics-to-run Matrix, if it ain’t Element, you gotta problem since a vast majority of users are on it & using all of its features & no other client has anything near parity but are expected to have parity instead of allowing things to sometimes be gracefully missed or shown in a less than ideal manner as acceptable. This hurts experimentation. Good luck trying anything similar to GDPR when all nodes are design & required to duplicate all messages & attachments for all users to every server anyone in it comes from.

The only real gotcha is the same gotcha as Matrix when using multiple clients with double-ratchet encryption (ala Signal) is that clients will expire keys that haven’t been seen in a while & is hard to get both devices retrusting one another. Turning it off & on again rarely works & requires fiddling on both ends sometimes. I really should just use PGP for encryption more often…

@JustMarkov “Good” by what standard?
How anonymous do you really need to be? How much convenience are you willing to sacrifice in the name of secrecy?
I’m not an activist or journalist, I don’t live in a very authoritarian country (although I’m a bit cautious about sharing my political views)
So, for me sharing a phone number is not a big deal. But for others it might mean more.

The SimpleX battery drain issue does not affect everyone. At least for me, it has been perfectly fine.

Just out of curiosity: why is nobody recommending Tox?

good messenger for what?

if you want a solution for you and a bunch of your henchmen to coordinate and discuss totally-not-crimes with ephemeral comms, practically any E2EE solution will work; once the not-crimen is done, burn your accounts and toss the devices for good measure and you’re scot free.

if you want a secure messenger that’s part of a widely used communication platform where you can also do normal people shit and also convert normal people to actually use it (think getting contact deets from cute boy/girl at a bar or giving yours to a business correspondent without an elaborate powerpoint presentation on how to use it) and you want to enjoy the fruits of 20+ years of continuous IM development, like having top-notch UX, battery efficiency, network resiliency, quality voice/video calls, etc., without being spied on then such a thing doesn’t exist.

how come? meredith baxter recently stated that it costs signal $50MM/yr to run their infra. that money has to come from somewhere. if there are no advertising dolts dumping cash on spying on your social graph and convos, the remaining avenues for financing are few and far between.

in closing, there aren’t any super awesome messengers you weren’t aware of, everything is shit.

Kind of limited due to there not being an iOS version, but Briar is pretty decent. It was made to be usable in repressive areas by press and other groups, as well as in areas where bad weather has taken out cell and regular wifi. Can be used with phone data, but also offline via ad-hoc wifi and bluetooth. But stuff like Signal and SimpleX are more overall useful to more people (and I think SimpleX also supports offline local immediate area of each other like wifi and bluetooth but I don’t remember atm).

You will always find problems associated with every thing but here’s some recommandations :

For a good start, Signal and his forks (molly…)

For daily basis and better than Signal, choose SimpleX (SimpleX is only feature incomplete for the mainstream app, but in it you can send texts, voices, photos, videos, live messages, have a PP, a alias for your contacts…)

Important stuff and activism, use Briar

There are a few that do a good job of protecting our messages with end-to-end encryption, but no single one fits all use cases beyond that, so we have to prioritize our needs.

Signal is pretty decent at meta-data protection (at the application level), but has a single point of failure/monitoring, requires linking a phone number to your account, can’t be self-hosted in any useful way, and is (practically speaking) bound to services run by privacy invaders like Google.

Matrix is decentralized, self-hostable, anonymous, and has good multi-device support, but hasn’t yet moved certain meta-data into the encrypted channel.

SimpleX makes it relatively easy to avoid revealing a single user ID to multiple contacts (queue IDs are user IDs despite the misleading marketing) and plans to implement multi-hop routing to protect meta-data better than Signal can (is this implemented yet?), but lacks multi-device support, drops messages if they’re not retrieved within 3 weeks, lacks group calls, and has an unclear future because it depends on venture capital to operate and to continue development.

I use Matrix because it has the features that I and my contacts expect, and can route around system failures, attacks, and government interference. This means it will still operate even if political and financial landscapes change, so I can count on at least some of my social network remaining intact for a long time to come, rather than having to ask everyone to adopt a new messenger again at some point. For my use case, these things are more important than hiding who is talking to whom, so it’s a tradeoff that makes sense for me. (Also, Matrix has acknowledged the meta-data problem and indicated that they want to fix it eventually.)

Some people have different use cases, though. Notably, whistleblowers and journalists whose safety might depend on hiding who they’re talking to should prioritize meta-data protection over things like multi-device support and long-term network resilience.

https://tox.chat/

It has no central servers, is completely open source and all messages are E2E encrypted. It also has video calls and file sharing which are E2E encrypted as well.

Wire is the best for security (it literally won’t let you send messages unencrypted), cost (its free), privacy (no phone number required), and usability for the masses (Foss client on all the platforms, messages sync between each client like you’d expect)

I haven’t found anything that checks all those boxes other than Wire (though I do wish we had other options that came close)

https://Wire.com

reasons not to use signal

Has this been updated in awhile?