I’ve been inspecting this topic quite a lot and I’m a little confused now. So, we have reasons not to use Signal, reasons not to use Matrix, there were also some claims about Session being a fraught. Briar is mostly activists related (not very suitable for daily use), XMPP lacks good clients and suffers from fragmentation of protocol standards implementation, SimpleX is too feature-incomplete (no UnifiedPush support, big battery drain on Android, very decent desktop client without any message sync). I can’t say a lot about Threema or Wire, as I’m not very familiar with them.

So, my question is — is there any good private messenger at all? What do you think is the most acceptable option?

EDIT: In addition to my post:

All messengers have their flaws, I’m well aware of that. I was interested in hearing users’ opinions regarding these shortcomings, not in finding the perfect messenger. I may have worded my thoughts incorrectly, sorry for that.

  • mipadaitu@lemmy.world
    link
    fedilink
    English
    arrow-up
    114
    arrow-down
    13
    ·
    3 months ago

    That article in Signal is bogus. It is entirely based on speculation from how funding comes in, and also either ignores, or misunderstands how Signal fundamentally works.

    The EFF recommends Signal, and it’s one of the most secure ways to communicate.

    https://ssd.eff.org/module/how-to-use-signal

    You can make your own decisions, but if you just grab any random arguments, you’ll find a reason to doubt everything.

    • FeelzGoodMan420@eviltoast.org
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      12
      ·
      3 months ago

      Lemmy has some sort of slander campaign going against Signal. Can’t tell if it’s just misinformed idiots or a paid shill smear campaign being run here (likely the former, Lemmy is too small for companies to give a shit about.) It’s really annoying. Same with Mozilla and Firefox. Not sure Lemmy likes anything?

        • Cenotaph@mander.xyz
          link
          fedilink
          English
          arrow-up
          33
          arrow-down
          5
          ·
          3 months ago

          Signal has usernames (must be enabled) and you can have your phone number hidden from public view & prevent it from being used to search up your acc

          • Dessalines@lemmy.ml
            link
            fedilink
            arrow-up
            35
            arrow-down
            9
            ·
            3 months ago

            That got added recently, but you still need a phone number to sign up. A phone number is tied to your identity, meaning that signal’s database has the names and addresses of everyone who uses it. And since signal is US-based, its subject to US national security letters, meaning its illegal for signal to tell anyone that the US government has requested information about who they’re talking to.

            Under the Obama administration, an average of 60 NSLs were issued every single day.

            • Sparkega@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              3 months ago

              It’s not too difficult to establish a Signal account from a burner number from a prepaid sim card. I currently have a Signal account tied to a sim not in my name. Getting a burner with cash is an option. Or, if you’re lucky enough to live near a payphone and can gain access to the number, you can activate a signal with a phone call.

              • Dessalines@lemmy.ml
                link
                fedilink
                arrow-up
                4
                ·
                edit-2
                3 months ago

                There is no reason to do any of that. No one forced signal to use phone numbers as their primary identifier, and plenty of privacy oriented chat programs don’t require that.

              • Dessalines@lemmy.ml
                link
                fedilink
                arrow-up
                5
                ·
                3 months ago

                I’m sot trusting anything from signal themselves, just like I wouldn’t trust anything apple, microsoft, google, or any other US-based company with centralized services says about themselves.

          • toastal@lemmy.ml
            link
            fedilink
            arrow-up
            2
            ·
            3 months ago

            Let me message you without having an Android or iOS primary device then. Can’t do it.

    • Dessalines@lemmy.ml
      link
      fedilink
      arrow-up
      12
      arrow-down
      7
      ·
      3 months ago

      The US-state-department funding is important sure, but you also ignored every other point in that article.

        • Dessalines@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          3 months ago

          That rabbit hole goes very deep, but I’m not knowledgeable enough to speak on it. It could very well be a crypto AG style honey-pot, or already cracked tech, that we might not know about for years to come.

    • s38b35M5@lemmy.world
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      15
      ·
      3 months ago

      You can make your own decisions, but if you just grab any random arguments, you’ll find a reason to doubt everything.

      Agreed. Especially if your source is Dessalines. 🙄

  • Dessalines@lemmy.ml
    link
    fedilink
    arrow-up
    35
    arrow-down
    6
    ·
    3 months ago

    Almost all those can be self-hosted, and built from source, so matrix, xmpp, simplex, are fine. Don’t use anything that’s uses a centralized server in a five eyes country, like signal or threema.

    • MonkderVierte@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      How is Threema in a five eyes country?

      I mean, sure, only the clients are open source. Don’t use it for that.

  • schnurrito@discuss.tchncs.de
    link
    fedilink
    arrow-up
    32
    arrow-down
    3
    ·
    3 months ago

    So, we have reasons not to use Signal, reasons not to use Matrix

    yes, nearly all possible things in the world have been argued by someone somewhere already

    • Boomkop3@reddthat.com
      link
      fedilink
      arrow-up
      7
      ·
      3 months ago

      From what I’ve seen there’s a lot of very bad security advice out there with even tech journalists and such just straight up repeating stuff they don’t understand

      • JubilantJaguar@lemmy.world
        link
        fedilink
        arrow-up
        15
        ·
        3 months ago

        This whole subject is such a chestnut here. No messaging option is perfect, you will need to compromise. If a perfect option existed you would have heard of it already. And if you haven’t heard of it, then by definition it must be small with few users and even fewer maintainers to keep an eye on its codebase and security, which is risky in itself.

  • MalReynolds@slrpnk.net
    link
    fedilink
    English
    arrow-up
    23
    ·
    3 months ago

    Depends a lot on who you’re talking to, and your, and their threat models. For many, signal provides pretty good protection, which brings us to a salient point, anything that actually provides good security will attract plenty of negativity, often from state level actors who feel (are) threatened. If you’re playing at that level, adam_y is right, dead drops and one time pads. Presuming lesser threat, signal beats telegram and FB etc. Email is plaintext unless proton to proton, encrypted email is fine (look at PGP) and indeed if you encrypt at home before sending it’s pretty much a dead drop anyway, as long as the other party has a key, and I’m wandering off the beaten path.

    Seems you want a secure messenger that works and are scared by random crap because you don’t have the relevant knowledge to decide (spoiler, very few do, and it’s insider knowledge, the world is imperfect), fair enough, but don’t let perfect be the enemy of good. As long as you’re willing to give up your phone number, Signal is well regarded (exchange privacy for security, you decide). But yeah, no perfects, world imperfect, trust hard, deal ;)

  • jherazob@beehaw.org
    link
    fedilink
    English
    arrow-up
    23
    ·
    3 months ago

    Snikket is an attempt to solve the XMPP issues, or at least to reduce them, single all-in-one XMPP server distro and clients across platforms, and since it’s self-hosted no one should get their hands on your data (in normal circumstances).

    That said, the saying goes “Perfect is the enemy of Good”. Just because a solution is not perfect doesn’t make it unusable, any of those options you mention full of problems are a helluva better than FB Messenger or plain SMS for example. Depending on your threat model they might be more than enough.

  • adam_y@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    3 months ago

    Dead drops and one time pads.

    Set up a numbers station if you can afford it.

  • rcbrk@lemmy.ml
    link
    fedilink
    English
    arrow-up
    19
    ·
    edit-2
    3 months ago

    XMPP lacks good clients and suffers from fragmentation of protocol standards implementation

    • For Android: Conversations is excellent, also on F-Droid if you don’t want to use the Google store.
    • For iOS/MacOS: Siskin or iOS/MacOS: Monal.
    • For Linux/Windows: Gajim or Linux: Dino.

    “Protocol fragmentation” is not a valid complaint about XMPP – it’s like complaining that ActivityPub is fragmented; but that’s not a problem: you use the services (Mastodon, Lemmy, Kbin, etc) built with it which suit your needs, mostly interacting with that sector of the federation (eg, Lemmy+Kbin), but get a little interoperability with other sectors as a bonus (eg, Lemmy+Mastodon).

  • troed@fedia.io
    link
    fedilink
    arrow-up
    19
    arrow-down
    1
    ·
    3 months ago

    I don’t consider those comments regarding Matrix as problematic. Don’t use someone else’s server if you don’t trust them - including a third party lookup server.

    /selfhosting Matrix

    • AlphaAutist@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      3 months ago

      The article he linked specifically mentioned that the data is sent to matrix’s servers even when using a self hosted server though

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      3 months ago

      There’s a 90% chance the other end of your conversation will be with someone on Matrix dot org or a server they host for a organization. Like email, your other end is likely still using Google or Microsoft so the metadata & anything else unencrypted is going to be synced back to the centralized server.

  • OneMeaningManyNames@lemmy.ml
    link
    fedilink
    English
    arrow-up
    17
    ·
    3 months ago

    People say this over and over “depends on your threat model” and yet people seem to have a hard time understanding that. Your threat model is “who is your adversary and what he is willing/able to do”. Your security goal is what do you want to keep from your adversary.

    As others said, if you are an activist or sth important, perhaps you might want to build a working knowledge of cryptography yourself. If you just want META not being able to see your NSFW chat with your romantic partner Signal might be more than enough. In fact, people way more relevant than me also suggest that Signal is good even for bounty hunter vulnerability reporting.

    Having said that, what bugs me most is that people think the instant messaging format as suitable for everything: activism, jobs, crimes, broadcasting 1970’s prog rock for extraterestrials , whatever lmao. Do you really want to use your phone for all that? Like, just carrying the phone around in the first place nullifies your other precautions, for all advanced threat models beyond privacy of non-critical social messaging.

    Persistent/resourceful adversaries can eventually get to you, using a set of penetration and intelligence techniques, which means, if you are involved, the convenience of messaging your partners in crime from the phone in your pocket while waiting for a bus is a convenience you probably can’t afford.

    • haroldfinch@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      It’s impossible to escape the surveillance of those three letter agencies. We only got a brief glimpse into the other side of the curtain back in 2013, and there is no idea how advanced their surveillance technologies are, so why bother for a normie?

      It’s also painstaking if not impossible to wipe all your metadata from the internet, which can later be mined to infer personal data and sold by data brokers. Not to mention that people have jobs and use their credit cards, no way even to hide the most important personal identifying information.

      So using Signal, despite being centralized, is not too bad at all. Very few people can totally sacrifice convenience for privacy.

      • OneMeaningManyNames@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        Not to mention that people have jobs and use their credit cards, no way even to hide the most important personal identifying information.

        Exactly, this is a lost cause. If you participate in society your essential data are simply out there. For most people the task is to minimize their footprint. If we are talking about evading mass surveillance, then we should take for granted that the person will be to one or another degree marginalized, or lead a fringe lifestyle.

  • Im_old@lemmy.world
    link
    fedilink
    arrow-up
    16
    ·
    edit-2
    3 months ago

    Simplex.chat

    No identifiers, pfp, FOSS, can route through tor.

    Or host your own matrix or xmpp server.

  • Cheradenine@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    16
    ·
    3 months ago

    For me SimpleX does everything I need. Unified push would be nice, and would address battery usage. I don’t need or want message sync, so that’s not an issue.

    They all have tradeoffs, so it’s just a matter of your priorities. For instance I’m OK with the higher battery drain because it’s not using Google.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    2
    ·
    3 months ago

    Use Signal or Simplex.

    Signal does require a phone number. However, as long as you understand what that means you are fine.

    • foremanguy@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      Would recommended SimpleX over Signal if you want the “best”, but for users that are pretty new to this maybe Signal

  • 84skynet@discuss.online
    link
    fedilink
    arrow-up
    13
    arrow-down
    1
    ·
    3 months ago

    It really just depends on your threat model.

    Think it in this way: What is the most secure way to walk in the city? You’ll need a team of armed bodyguards and wear a full bulletproof vest. Do you REALLY need this level of security? Who are you protecting from? If the answer is a criminal organization or law enforcement, then yes, probably. But if the answer is a random thief, then you’ll probably need to just carry a gun, pepper spray, knife etc.

    Same goes for privacy online and messenger in this case. Are you an activist or a drug dealer? Then you’ll probably need Tails + something like SimpleX via TOR. Otherwise, if you are just concerned of typical surveillance capitalism (and don’t want the government to scan your chats like it probably will in the EU after Chat Control), in my opinion, Signal is the best compromise of privacy, security and convenience.