• GadgeteerZA@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    Secure (knowing but not being able to access) being different from privacy (no-one knows who) and of course remembering that the more private especially, the more difficult to locate anyone you actually know as zero e-mail, phone numbers, etc should be used… I’d still say Matrix is the simpler and easier secure messenger for most to use and where they have a good chance of finding others actually using it.

    Can also mention Wickr Me, Wire and Threema. Briar Project would have been a good option except it is only Android which really holds it back from broader use. Another consideration is whether mobile to mobile is satisfactory (peer-to-peer is sometimes an issue with mobile) or whether you would use desktop clients along with mobile, as that then also narrows some choices. From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.

    • Lunacy@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      3 years ago

      From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.

      Actually, signal minimize metadata. The sealer metadata is encrypted, only the address remains unencrypted. Also, signal received subpoenas in 2016 from from the Eastern District of Virginia and in 2021 from from the United States Attorney’s Office in the Central District of California. Those subpoenas requested a wide variety of information that fell into this nonexistent category, including the addresses of the users, their correspondence, and the name associated with each account. In fact, signal only provided;

      • Unix timestamps for when each account was created
      • Unix timestamps for date that each account last connected to the Signal service.
      • GadgeteerZA@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        And of course the phone number… I really prefer something that requires zero phone number (like Session as an alternative) but thing is you’ll find most people on Signal (through their phone number)…

        • Lunacy@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          3 years ago

          I’d also prefer services that requires no phone number. However, in the end it’s not really a concern for the vast majority of people. In the context we usually live almost everyone uses privacy invasive services. so if a person ditch services like WhatsApp for Signal it’s a win. It’s highly unlikely that a regular Joe who doesn’t know a squat about privacy and security is going to use more private services like matrix,session, briar etc.

          Signal it’s quite good in this area, the initial setup and GUI it’s quite equal to WhatsApp, E2EE is on by default and doesn’t require any additional user interaction, the metadata collected is minimized etc.