527
All I'll say is Threema. You pay once for a licence, so there's less bullshit people on it and they are based in Switzerland with it's privacy laws.
Proprietary?
Not sure, but probably. But looking at their history I think they have a good track record and it's used by the government as well in certain cases.
I can't imagine any messenger is private if you invite random people into a group chat 🤦♂️
Layer 8 security issue
error: problem between keyboard and chair
but nowadays maybe it works better with screen
PEBCAK Problem Exists Between Chair And Keyboard!
Knew of an IT help desk employee who used this as a resolution in a ticket. Yeah, he got fired as soon as the customer looked up what it meant.
load more comments
(1 replies)
The actual military grade (xmpp based) messengers implement security lables, meaning messages are tagged with the required security clearance and if you invite random people to a chat they can't see the messages.
EVERYONE SHOULD DOWNLOAD SIGNAL for PHONE-NUMBER-based communication, tho. Proper RCS is not here yet (and won't be in a long while), so let's try to mobilize people to Signal.
DeltaChat is cooler for non-phone based communications, IMO, and decentralization makes it way sexier and worth this tradeoff.
Actually RCS has encryption in the new spec now, and we could see encrypted RCS messages implemented on iOS and Android within a year.
But even so, use Signal.
RCS still leaks metadata like a sieve. Encryption, considering the platforms that exist today (Signal and SimpleX), should not be the minimum requirement. Plain-text messaging should not even be possible in modern secure messaging platforms. The platform should be open source and be engineered to mitigate the collection of metadata - like Signal and SimpleX.
load more comments
(3 replies)
I think they mean that it'll take time for everyone to get it. My carrier still doesn't even have RCS at all.
Isn't DeltaChat just PGP encrypted email? Could be wrong
Kinda, but that's the gist of it.
load more comments
(1 replies)
I use signal myself but I also use simple X. I can't use delta chat because I use proton for my email and therefore can't use delta.
Delta Chat is not associated with your email account, as far as I can tell. Am I wrong?
load more comments
(4 replies)
load more comments
(2 replies)
Signal is the place for top secret communications, but not for any government business, top secret or not (at least not when using a public instance - they could fork the project to keep decryptable records on gov servers where the official gov instance would run).
at least not when using a public instance - they could fork the project to keep decryptable records on gov servers where the official gov instance would run
All the people in the chat were high enough that the government for free provided them with secure rooms in their homes so everything would be done through government hardware and encryption programs.
Yes, ofc, using Signal was intentional to not keep any records/evidence.
load more comments
(1 replies)
load more comments
(5 replies)
Considering the US government now owns Meta and thus WhatsApp, it’s an interesting case… why did they use signal?
because "they" don't trust the people they "represent" and they want to avoid federal archives
they must know something about WhatsApp that we don't
There's nothing to know; facebook is facebook, and nobody trusts facebook for data security. Whatsapp is not, nor will it ever be, true end to end encryption, when facebook owns the locks and keys.
load more comments
(1 replies)
Disappearing messages
load more comments
(1 replies)
I personally use carrier pigeons with caesar cipher. I know I can't out tech google, so I will go medieval.
load more comments
(1 replies)
What kind of private communication can we talk about if you must have a valid phone number to use Signal?! Lol
Signal recently implemented "usernames" instead of phone numbers
Pretty sure you still need a phone number for an account, though - the usernames are just for sharing your contact with other people.
Most peoples' phone numbers are easily linked to their identity. Which means the government knows who's using Signal.
Usernames are definitely an improvement, but this is a fundamental limitation in Signal's design.
load more comments
(3 replies)
But still, to use it, you need a phone number, which in many countries can only be purchased with a passport. That's the main rule. If privacy is really needed, personal identification should be excluded so that it's basically impossible to determine who owns the account.
load more comments
(1 replies)
The exact reason why it's bad for top secret communications is why individuals should use it or something like it. That is government auditability.
Signal is great, that's why I'm suspicious that this recent story is to not only target journalism, but also secure app communication. I wouldn't be surprised if it's used as an excuse to remove signal from the app stores.
Hopefully I'm just being too paranoid.
Immediately had that thought as well.
Don't blame the barn for not holding the horses when you leave the fucking door open.
I don’t think that’s the case, I just think it is old people not know how to use technology.
Additionally, all these people in power are using signal, how is that not a loud endorsement that everyone should be on it.
Sadly, my contact list remains mostly on WhatsApp and Facebook messenger only.
load more comments
(3 replies)
load more comments
(3 replies)
Wherever Signal is mentioned, I shall mention SimpleX-Chat.
Zero user ID needed to use. No phone numbers and no username.
SimpleX-Chat!!!
Out of band key exchange is great -as long as people can physically meet and exchange QR codes. In reality, they are often sent via less secure means. As always, the humans are the weakest security link.
load more comments
(2 replies)
load more comments
(8 replies)
Consider Briar.
Uses Tor. Works directly over Bluetooth/WiFi if the internet is censored or shut down. Decentralized, no accounts. No phone number required.
Of all the options available, I feel like this one is the best suited to current threats (oppressive governments with all-encompassing surveillance, and the willingness to destroy critical institutions and infrastructure).
The app is super barebones right now - feels like SMS - but it works. Main downside is that both participants have to be online at the same time (maybe group chats can work around this?), since there's no servers.
load more comments
(5 replies)
Regarding the trick of an adversary gaining access by emailing or SMS'ing a QR code for adding another device...
Why does the new device not demand the PIN before being added?
load more comments
(2 replies)
view more: next ›
this post was submitted on 27 Mar 2025
527 points (96.8% liked)
Privacy
36501 readers
410 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS