If you're just using a secure messenger on general principles, it doesn't matter much which one you use. Probably WhatsApp is your best choice.

But if you actually need secure messaging, you should be using the safest secure messenger. Since we don't know who's reading these recommendations and what they're doing with them, we should employ the precautionary principle, and be clear with people that systems like Telegram, while probably fine for keeping messages out of the hands of jealous ex-partners, are simply not up to the task of protecting messages from serious, well-funded adversaries.

I said that for me they are basically equivalent. And for now I pick Telegram as the best compromise I'm going to get (still using my mobile number, still a silo, crappy encryption vs usability and cross-platform/multi-device support).

You seem to say that people should cheer for Signal so that people that NEED the secure messaging features aren't lured into the wrong direction. That makes sense. But if someone reads HN for secure messaging recommendations .. I kinda expect them to read more than a single comment and do a bit of research.

People are pointing out that Signal doesn't satisfy some requirements for their individual needs. It's not a "You shouldn't use Signal" (which would be bad), it's a "You might not like Signal, if .. " listing reasons like federation and identity. In this setting here I think that's fair and reasonable. No harm done, no danger for a random person stumbling upon these discussions and dismissing Signal because a random person online said that it doesn't support federation.

Signal is a nice project, I'd recommend it for everyone that has hard requirements for their secure messaging solution. I still don't want to use it myself and feel that it's fair to point out why Signal cannot cater to everyone. That doesn't harm Signal or its global perception, I think.

But please remember the article we're actually commenting on starts like this:

One of the things I do is cryptography and infosec training for investigative journalists who have a need to keep either their sources and communications confidential so they can more safely do their work in the public interest.

Wishing that Signal would do things differently? Fair. Not recommending Signal to these users if it is your job to train them? Not a good idea.

How can Signal be considered secure if Google has the metadata?

Edit: OK, I get that maybe these are non-issues.

As long as Telegram isn't compromised by USA-allied countries (Iran is somewhat allied with Russia), it might be a safer choice than Signal for US journalists. The reason is that USA can easily send a letter to Google that would reveal a lot about that person + they have root on the device.

Just like the safest place for Snowden right now is in Russia.

Google definitely has root on your phone, but is that automatically an implication that Signal is compromised?

I just wanted to add some details: someone checked the Iranian phone numbers range at Telegram servers and learned which of them are registred with Telegram. Message contents or contact lists were not obtained.

I guess this attack could be done with other apps that use phone numbers and phone contact lists for identification.

As usual, security threads consist of ancient beliefs, non-users and stories of low-conscious people using high-tech software. And there is always someone who mentions whatsapp as an alternative. Things like wickr are not even mentioned here.

Yes, the phone number thing is a policy decision by the Signal people. As I write in my article, it's maybe marginally easier to get connected using phone numbers, but I may want to communicate via Signal with someone I don't want to give my phone number to. Handing out personal phone numbers on the willy nilly is not something I'm comfortable with. There's no reason why we couldn't have some other identifier, possibly easy to remember to connect us to via Signal. So this was a policy decision by the Signal people.

Federation is indeed hard to get right, but I think with proper versioning, and various teams keeping their software up-to-date and close to the reference paper/the Signal protocol, I see no reason why it cannot be overcome. For XMPP/Jabber it also works quite well.

Your answer to all that is "I heard it's hard but really, versioning/XMPP and also, it's not hard". How well has 'proper versioning' worked out for SSL/TLS? Federation hasn't really 'worked out' for XMPP. Never mind anything substantial in response to Moxie's writing. People calling your piece 'hipsterism' are being very, very polite.

However, we very strongly feel that the resulting freedom and choice from the resulting open ecosystem is worth the additional complexity.

Users can choose any service provider without compromising interoperability. They can run their own servers. They can write their own clients. They can write their own servers. They can choose precisely who they trust with their data. They can contribute to the spec and help define the ecosystem. They aren't forced into trusting a provider who may be trustworthy today, but who knows in future.

I believe Moxie's viewpoint is that privacy is paramount, and any complexity which could introduce bugs which could undermine security/privacy is anathema. From a cryptography dev perspective, this makes perfect sense.

On the other hand, Matrix believes that there is more to life than just privacy, though (as critical as privacy is, of course) - and it is possible to have both privacy and freedom.

Yes, it slows down the rate of development a bit. Yes, it means you have to think much more carefully about layering the protocol to allow the different layers to evolve as independently and efficiently as possible, with the necessary mechanisms (both technical and organisational) to upgrade and lock out obsolete clients and servers. Yes, it means there's more complexity, where bugs could hide. Yes, it means that you may not be able to force the world to upgrade as rapidly as a silo might in the face of a critical security issue.

However, we think it's worth it.

IMHO Signal is only usable on smartphones. I don't want to link my desktop client with the phone, so I use Wire on the desktop.

Oh and Wire is a Swiss company. I see you run your blog off the .ch TLD.

You can 'block' people, but simply removing them? Nope.

Why do I care? Because at one point the 'upload all contacts to Wire to help you find them on Wire' wasn't optional (I understand it is now) and now I'm stuck with entries on my contact list that I just don't care about. Very weird..

Whether you are a journalist or an abused individual hiding from the ex spouse/parents/whomever that abused you, if your life and/or the lives of other people are on the line, this detail (and perhaps others, as I am not super technically literate) is a serious deal breaker.

It has nothing whatsoever to do with some kind of vague, hand-wavy preference, like preferring red phones over blue ones because you like the color red. It has to do with "If I use this, will I or others end up dead, maimed, in jail for a lot of years or otherwise basically have one's life utterly ruined?" Like that movie scene where they blow up everything "because you made a phone call" (Enemy of the State, IIRC).

I mean, I think I wrote[1] that I really dislike the connection between identity and phone numbers. I happen to use Telegram at the moment (I have exactly 5 contacts, one of those is the Telegram 'we updated the software' bot, another one is a random 'Sticker' bot), but I'm an xmpp guy deep down. Matrix looks promising, I just need to find the time/energy to make the switch (and convert the 3 'real' Telegram contacts).

If you look at the thread with tptacek I do have to agree that the safest bet probably is Signal right now - if it leaks the phone number or not. I don't have to like it though...

1: If you look at my comments it seems that I repeat that in every other one, but English isn't my native language. Please blame the language barrier first, then blame the human behind the message.

To me, remarks like this one read as "Eh, if Signal is not to your tastes, no big, but no reason to trash it either." But the article and I and others here are saying, "Yeah, no. This is not the same thing as picking a phone because you like red more than blue. This is more like refusing the blue one because it explodes sometimes when you answer it."

For people for whom lives are on the line, this goes a lot deeper than personal preference.

Yes, you (and I, let's not forget that we kinda agree that this is bad design) might not want to share your private phone number just to contact someone via Signal. But I feel you're painting this a bit too black or white.

If lives are at stake or not, Signal might or might not be the right solution. If people feel that their life is at risk, I hope they know how to evaluate the trade-offs - or have someone around that can explain it.

We both don't like Signal. I don't agree that it should be dismissed and emotional appeals are ~questionable~, can probably be turned around (see first paragraph). Individual decisions need to be made and if Signal is a good fit or not for a specific scenario isn't an good indicator about the general fitness of Signal in general imo.

While you may hope that they know how to evaluate the trade-offs or have someone around that can explain it, many people live life under very risky circumstances and an uninformed choice can be the last choice they make.

No, I am not painting this a bit too black and white. Alive or dead is a pretty black or white thing and many people live lives where death dogs their steps. This is not an appeal to emotion or hyperbole. This is a fact.

If it isn't that big of a deal for you, cool. Glad to hear your life is fairly comfortable. But I do think it matters that informed, knowledgeable people discussing it on a forum with a strong reputation for being a good source of technical information (as well as other kinds of information) is a place where someone needs to make it very clear what the potential consequences are for people who live in dangerous circumstances and don't have the technical background or connections needed to figure this out.

Yes, I'm living a comfortable life (if we define that as "Not worried about dying"). I seriously cannot imagine what people in those situations might go through.

But regardless of one's technical skills, I believe that someone cautious about giving up their phone number would stop and reconsider when Signal wants you to provide your phone number? I also really hope (for the sake of the people you stand up for) that getting a random / anonymous SIM card, a 'just for close friends and family' phone number is something that is well-known and good practice?

I .. don't want to dismiss your opinion. Honestly, I'm _still_ convinced that we feel the same about Signal. Let's turn this around: What would you _hope_ for here? What do you expect or wish for? What do you criticize exactly?

I am not trying to argue with you. But I think this is a distinction worth making. We don't know who all is reading. People in real trouble often cannot ask questions. They may only be able to read. In which case, it matters if someone points out such a detail.

Thank you for engaging me.

[1] https://whispersystems.org/blog/the-ecosystem-is-moving/