Secure (knowing but not being able to access) being different from privacy (no-one knows who) and of course remembering that the more private especially, the more difficult to locate anyone you actually know as zero e-mail, phone numbers, etc should be used… I’d still say Matrix is the simpler and easier secure messenger for most to use and where they have a good chance of finding others actually using it.
Can also mention Wickr Me, Wire and Threema. Briar Project would have been a good option except it is only Android which really holds it back from broader use. Another consideration is whether mobile to mobile is satisfactory (peer-to-peer is sometimes an issue with mobile) or whether you would use desktop clients along with mobile, as that then also narrows some choices. From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.
From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.
Actually, signal minimize metadata. The sealer metadata is encrypted, only the address remains unencrypted. Also, signal received subpoenas in 2016 from from the Eastern District of Virginia and in 2021 from from the United States Attorney’s Office in the Central District of California. Those subpoenas requested a wide variety of information that fell into this nonexistent category, including the addresses of the users, their correspondence, and the name associated with each account. In fact, signal only provided;
Unix timestamps for when each account was created
Unix timestamps for date that each account last connected to the Signal service.
And of course the phone number… I really prefer something that requires zero phone number (like Session as an alternative) but thing is you’ll find most people on Signal (through their phone number)…
I’d also prefer services that requires no phone number. However, in the end it’s not really a concern for the vast majority of people. In the context we usually live almost everyone uses privacy invasive services. so if a person ditch services like WhatsApp for Signal it’s a win. It’s highly unlikely that a regular Joe who doesn’t know a squat about privacy and security is going to use more private services like matrix,session, briar etc.
Signal it’s quite good in this area, the initial setup and GUI it’s quite equal to WhatsApp, E2EE is on by default and doesn’t require any additional user interaction, the metadata collected is minimized etc.
Secure (knowing but not being able to access) being different from privacy (no-one knows who) and of course remembering that the more private especially, the more difficult to locate anyone you actually know as zero e-mail, phone numbers, etc should be used… I’d still say Matrix is the simpler and easier secure messenger for most to use and where they have a good chance of finding others actually using it.
Can also mention Wickr Me, Wire and Threema. Briar Project would have been a good option except it is only Android which really holds it back from broader use. Another consideration is whether mobile to mobile is satisfactory (peer-to-peer is sometimes an issue with mobile) or whether you would use desktop clients along with mobile, as that then also narrows some choices. From a privacy perspective, specifically metadata is important and why Signal and WhatsApp fall down even though they may have secure E2EE.
Actually, signal minimize metadata. The sealer metadata is encrypted, only the address remains unencrypted. Also, signal received subpoenas in 2016 from from the Eastern District of Virginia and in 2021 from from the United States Attorney’s Office in the Central District of California. Those subpoenas requested a wide variety of information that fell into this nonexistent category, including the addresses of the users, their correspondence, and the name associated with each account. In fact, signal only provided;
And of course the phone number… I really prefer something that requires zero phone number (like Session as an alternative) but thing is you’ll find most people on Signal (through their phone number)…
I’d also prefer services that requires no phone number. However, in the end it’s not really a concern for the vast majority of people. In the context we usually live almost everyone uses privacy invasive services. so if a person ditch services like WhatsApp for Signal it’s a win. It’s highly unlikely that a regular Joe who doesn’t know a squat about privacy and security is going to use more private services like matrix,session, briar etc.
Signal it’s quite good in this area, the initial setup and GUI it’s quite equal to WhatsApp, E2EE is on by default and doesn’t require any additional user interaction, the metadata collected is minimized etc.