1. Worst offender: Facebook Messenger --> spyware for tracking all your activities even in the background
2. WhatsApp: Lost trust in it since Facebook bought it, more so with the new terms and conditions. Data is not safe anymore.
3. Telegram: Trust its privacy, but its proposed business model is also advertisement based, so avoiding it.
4. Signal: Best option; there are some sacrifices to be made with lack of contacts and some features, but slowly and surely we can turn the tide. Also it's open source and funded by a non-profit, so that gets it bonus points.
Even better is Wire: no phone number required, doesn't access your contacts, free personal accounts available, you can use it on a desktop machine with nothing more than a web browser, when using an installed app you can be logged into three Wire accounts at the same time, source code is open source and has been audited for security, you can set up your own locally hosted (or in your own cloud)... and more I'm probably forgetting.
The fact that it's a "secure collaboration platform" means it doesn't fill the same niche. I don't need a secure collaboration platform to talk with my family or friends.
I'd just like to mention that Matrix (and its most prominent client "Element") sounds similar:
> Even better is Wire: no phone number required, doesn't access your contacts, free personal accounts available, you can use it on a desktop machine with nothing more than a web browser
Same
> when using an installed app you can be logged into three Wire accounts at the same time
Don't know if that's possible with one of the currently existing Matrix-clients. I guess that maybe in the future that would be possible, respectively, doesn't sound too difficult to implement.
> is open source and has been audited for security, you can set up your own locally hosted (or in your own cloud)
Same for Matrix. Not sure about the official audit, but at least France decided to use it as a base for its own governmental chat ( https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed... ) so I guess/hope that they audited the original software.
Thank you for mentioning this! I don't know why Wire is not mentioned in threads like this. It is best without metadata collection (such as phone number). You can register with just an email and it is based on the encryption protocol that Signal uses. On top of that, the server is written in Haskell!!! Yes, Signal's server is in Java, btw. Which is not bad. And Wire is based in Switzerland; with GDPR in Europe it has better data privacy jurisdictions.
I like and use Element but it definitely isn't ahead in usability. Getting e2e set up for "average" people isn't trivial. Especially if they have multiple devices.
That being said, it is the best long term option in my opinion and I am donating to the organization. Hopefully they can work on polishing the e2e UX.
Encryption in Matrix is shit, and is making me feel foolish about inviting various friends onto Matrix.
I set up my own server using Synapse, and invited about half a dozen other IRL techie friends to join me in there to continue chatting during Covid times.
Considering we've all worked in tech for decades and run our own servers/services, none of us can really work out how the hell it's supposed to work. I mean, after lots of time-consuming verifying of devices it kind of works. Except recently, all of a sudden, one of the people in our main chat room cannot see the messages I sent from one of my devices. It tells him to get my keys from another session; he has only ever used a single device/session. There is no UI that either of us can find to help fix it. We can chat fine in a different encrypted room, or if I use a different device.
I'm not pulling anyone else into the Matrix ecosystem until encryption stops being just so god damn awful.
Can I ask why you didn't just use email? If you wanted a technical challenge you could have setup your own email server. You could also run your own Teamspeak server for video conferencing.
This is the problem with matrix et al. They have to offer something that is leagues ahead of the current baseline, which I'm not convinced they are.
We aren't using email for this, because we wanted a chat room. We aren't using Teamspeak because we don't want video conferencing.
I've been running my own email server for going on 20 years now.
[edit] To add to the above, I use the same Matrix server to chat in various Matrix, IRC and Gitter rooms, and also to host a couple of self-written bots which I use to control a few aspects of my life. Email isn't really a replacement for the things I use Matrix for.
Same experience here, but I feel like Element is slowly getting worse. It is starting to use popups for everything and it's becoming so annoying my friends are slowly leaving.
Verify this, is this you that.
I think partly it's because I am not always on the latest version of Synapse, so the self-updating clients expect slightly different backends, but uff.
It feels like Moxie is right with his anti-federation argument. Call me stupid, but I am really trying to keep it together and I still can't tell why some of the popups show up or why some sessions of my friends won't decrypt and show gibberish.
Do you mean about accessing an encrypted chat from multiple devices?
If yes, I was playing with that just this weekend and I did not understand at all how to trust the other devices by using "text" (which "text"? I didn't get anything to type/check/approve anywhere); on the other hand, using the option with emoji (compare a series of emoji between devices and then confirm) was very simple.
As well finding the link to a group-chat that I just created was not simple (or at least the place where to find it was not obvious).
> That being said, it is the best long term option in my opinion and I am donating to the organization. Hopefully they can work on polishing the e2e UX.
For me the verify by text worked, but you can click on a lot of very similar places and you get different results. For example if you click verify it forces interactive verification. If you click the sessions and then click a session you can verify individual sessions. Of course you can't non-interactively verify a users main key.
I'm also confused why each device is handled separately. I would rather I just share a key around (and ideally it rotates occasionally) and not share what and how many devices I have and what one I am using at the moment.
> but you can click on a lot of very similar places and you get different results.
Aha, didn't notice that, thx!
> I'm also confused why each device is handled separately.
Well, I can understand it more or less (I guess it's kind of similar to confirming in WhatsApp your multiple open sessions on different devices, to ensure that nobody is using something that you forgot/left behind?), but doing it this way is quite hardcore. On the other hand, it could be that the whole thing is deeply embedded in the software's encryption principles/guidelines => it would probably still be ok, but it needs to be explained better and be more clearly accessible.
I guess that having a rotating key (with the software asking from time to time "do you want to accept key jf8k4d9k?") would probably be confusing for non-technical users and would probably generate uncertainty/anxiety/etc... ?
Losing the device is an interesting point. However I think due to the way that cross signing works they could use that device to sign new sessions anyways. They would also have access to key backups so I don't think that case is supported well right now.
For the rotating key it would be automatically signed by the previous key or master key so no user-visible change would be shown.
> However I think due to the way that cross signing works they could use that device to sign new sessions anyways.
So you don't think that if I cross-sign devices A and B, and then I would cross-sign devices B and C, if I would revoke B then C would automatically become invalid as well?
Kind of similar question about "key backups" (to which keys would device C have access to?).
(I honestly did not ever look into all these details - I was hoping that this would be covered by more clever people)
It would make sense but I'm not sure how it is implemented. I can also just imagine revoking old devices because I don't use them anymore or have reinstalled them. In that case I wouldn't want the things it signed to be revoked. (Really just saying don't trust this key for anything in the future, but past things are fine).
Maybe the best solution would be revocation after a date. So you can say "don't trust anything after {time-i-lost-the-device}" or "don't trust anything after {now}" and it does the right thing. However that could be complex to implement correctly in software. Lots of bookkeeping.
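As an added illustration of the date-based revocation idea in the comment above (this is a hypothetical model written for this thread, not Matrix's or Element's cross-signing code), the following Python keeps a timestamp on every signature and treats a revocation as "trust nothing this key did after time T". The names `TrustStore`, `Signature` and `lost_device_scenario` are assumptions of the example.

```python
from dataclasses import dataclass, field
from math import inf


@dataclass(frozen=True)
class Signature:
    signer: str     # key that made the signature
    subject: str    # key being vouched for
    made_at: int    # time the signature was created


@dataclass
class TrustStore:
    """Hypothetical cross-signing trust graph with date-based revocation."""
    master: str
    signatures: list[Signature] = field(default_factory=list)
    revoked_after: dict[str, float] = field(default_factory=dict)

    def sign(self, signer: str, subject: str, at: int) -> None:
        self.signatures.append(Signature(signer, subject, at))

    def revoke(self, key: str, after: float) -> None:
        # "Don't trust anything this key signed after `after`"; signatures it
        # made before that moment stay valid. after=0 means "never trusted".
        self.revoked_after[key] = min(after, self.revoked_after.get(key, inf))

    def is_trusted(self, key: str, now: float, _path: frozenset = frozenset()) -> bool:
        if now > self.revoked_after.get(key, inf):
            return False          # the key itself is revoked by `now`
        if key == self.master:
            return True           # trust root
        if key in _path:
            return False          # cycle guard for A->B->A chains
        for sig in self.signatures:
            if sig.subject != key or sig.made_at > now:
                continue
            # The signature only counts if its signer was trusted at the
            # moment of signing, checked recursively back to the master key.
            if self.is_trusted(sig.signer, sig.made_at, _path | {key}):
                return True
        return False


def lost_device_scenario() -> dict[str, bool]:
    # Constructed scenario: master -> A -> B -> C, B is lost at time 10 and
    # then misused at time 15 to sign a new device D.
    store = TrustStore(master="master")
    store.sign("master", "A", at=1)
    store.sign("A", "B", at=2)
    store.sign("B", "C", at=3)
    store.sign("B", "D", at=15)
    store.revoke("B", after=10)
    return {
        "C_at_20": store.is_trusted("C", now=20),  # signed before the loss
        "D_at_20": store.is_trusted("D", now=20),  # signed after the loss
        "B_at_20": store.is_trusted("B", now=20),  # revoked by now
        "B_at_5": store.is_trusted("B", now=5),    # was still fine back then
    }
```

Revoking B with `after=0` instead answers the earlier question in the thread: C then loses trust too, because B's signature on C was made after B's (retroactive) cut-off.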
Exactly. Very bad name, too techy for the average folk and it doesn't have the same network effect as Signal or Telegram. I disagree that it is ahead of Signal for usability in fact it is still behind.
Although I do praise it for not requiring and collecting my phone number and being a bit more future-proof and decentralised, unlike Signal and Telegram.
But in terms of getting my friend's grandmother over to it, it completely loses on usability, and its name is so confusing to them that you just had to also mention the Matrix protocol, when it is just Element, which even by itself is very ambiguous.
Matrix feels akin to trying to tell my (non technical) friends that they should use HTTPS as their social media site. I think it's technically more capable but trying to explain what you can do, how to get started, or why it's better is a much higher bar than something like Signal.
Absolutely correct, I just did that this weekend: big effort trying to explain all pros vs cons and its technical background and future outlook, prepared a test chatroom, wrote simple instructions to create an account and try it out => got ignored, failed miserably, hehe :)
I wish that they would have chosen a different name when switching from Riot to Element, because I am just starting to get used to it. But it is still my #1 option.
I think Element is way behind Signal in terms of usability. The iOS app is the most confusing chat app I've seen, especially if you are using your own servers.
Consider Jami - https://jami.net/ too - you don't even need to share your phone number or email id to use it.
And it has support for nearly all desktop and mobile platforms (with all the features we expect from a messaging client, and more - it is also a SIP client). It is fully open source, and all data is stored on your device.
Signal may be run by a non-profit, but it is a non-profit based in the United States. In the US, a non-profit can also be converted into a for-profit business.
I've played with Jami several times because it sounds good on paper but it just flat out failed to work a lot of the time. Messages sent but never received, no indication of why or what was going on. For my uses anyway, IM needs to be above all reliable - when I send a message I need to know the recipient will get it (and in a timely manner, modulo their availability).
Most of my network is on Telegram at my urging because it was the best option at the time, but I'm constantly looking for something better to replace it (as I'm aware of the downsides to Telegram). Currently I'm trialing Element with one of my contacts and I'd say it might be ready if I can get past the initial setup headaches, but Telegram just works so darn well and is so amazingly fast that it will be very hard to get buy-in for people to switch. Most people are overloaded with IM apps already, adding another one is tough unless it can completely replace and deprecate one they're already using. Jami definitely is not that IMO.
How is Signal going to fund their operations in the future if they grow to anything close to the other three in size? Donations? Even if they're a non-profit they still need to keep the servers running.
The Signal Foundation received a zero-interest loan of $100,000,000 by WhatsApp founder Brian Acton which doesn't need to be paid back until the year 2068 or something.
And according to Telegram's Pavel Durov, "A project of our size needs at least a few hundred million dollars per year to keep going." [0]. So future funding sources will be needed if Signal grows to be a big player. It's fine saying they're owned by a non-profit, but even non-profits have bills to pay.
I don't think a project of that size needs that much money.
Exhibit A: The Signal Foundation's tax reports[0]
Exhibit B: The fact that WhatsApp had a very small team and rather low costs, at least prior to its acquisition by Facebook. (I can't find any numbers right now.)
According to this Wired article [0] from last year, the number of Signal users isn't public, but they've had "more than 10 million downloads on Android" and another 40% on iOS. Let's say 20 million downloads in total. Of course there's more now, but we don't know what kind of costs they have now, and I couldn't be bothered looking for more recent figures.
Telegram has close to 500 million active users each month. So of course Signal is not using as much money. The same Wired article mentions that Signal recently had gone from 3 to 20 full time employees, that adds a lot of cost as well.
My point is that I don't think Telegram have spent lavishly or focused on big profits, so it's unreasonable to assume that Signal will be able to do what Telegram does for much less money, so they will also need a new monetization eventually.
Signal is quite good and I use it for person to person. Hopefully with an influx of new users and with that, funding, it can reach feature parity with WhatsApp which is currently much better for groups. WhatsApp and Uber and Lyft etc, are very well crafted applications on iOS. They feel magical. Signal can get there as well, but it will take funding+effort.
I see the opinion that more users will help make Signal reach feature parity but I don't understand why that follows. Unless there is a massive increase in donations but that is largely covered by the 0% interest rate funding from WA founder.
While not a guarantee, the number of donations is proportional to the number of users. Since they can't extort their current users for more money, the only hope for Signal is to get more users.
How come you trust its privacy? Its privacy guarantees are by far worse than those of WhatsApp as Telegram messages aren't even end-to-end encrypted by default.
Keybase is effectively in maintenance mode after being acquihired by Zoom.
If anything, Signal should adopt some of the crypto identity primitives Keybase was known for [1] for persona management that builds on (but still supports) phone DID identifiers. Would Zoom sell or donate Keybase infra to Signal Foundation? That'd be swank.
Keybase showed a lot of promise, but ever since they were bought by Zoom I’ve been hesitant to depend on it. There’s a good chance it’ll be neglected or cannibalized in the future, not to mention the real or imagined CCP influence. Perhaps failure is a self fulfilling prophecy.
I tried signal, matrix, Riot, Slack, Discord, Messenger, Hangouts, and Keybase is by far the best option.
It is in an uncertain place though since Zoom bought them and moved its developers to work on Zoom. There has only been one small update to Keybase since zoom purchased them.
While it's not getting updated I don't have any worries about the reliability of its existing security. It's not perfect but it's pretty mature and feature-rich.
I've been a Keybase user for a couple years now. I started using Signal when it was TextSecure. From Signal Insights 98% of my conversations are encrypted because I pushed Signal hard on friends, family and colleagues early on. I talk to one person on Keybase that refuses to use Signal (not exactly sure their rationale anymore). For some reason I thought Keybase was going to give me the early experience of Twitter, where I was able to interact with people in the same field without having to know them IRL. And while Keybase does recommend I follow / interact with some of those people it feels less attainable to start up a random conversation or jump into a public thread like I did early on with Twitter. To be clear I'm not saying that's Keybase's fault. As for getting non-technical family and friends using Keybase, well... I find that it's not as approachable. I think it is more convenient in some cases (chat history is probably the #1 item), but it's also clearly geared towards people who likely have an idea what PGP is (re: PGP key identity proof, etc). I wish there was something that mashed up the best of Signal, Keybase and Twitter. But at the end of the day I'd probably still use Signal for the majority of direct person to person messaging because of the time and personal effort I've put into getting my circle to use it. The switching cost is too high a bar now to consider anything unless it's exponentially better (and I don't think that exists). I also really don't like the fact that Zoom owns Keybase and can't see myself recommending it much moving forward over alternatives like Element.
I had a contact show up with a super old name that I wanted to update but it was right in all my other apps. Turns out I still had the old name in one of the read only merged contacts from WhatsApp (contact showed up fine in WhatsApp). I had to remove my WhatsApp account clear the app data for signal and resync everything.
WhatsApp became massive before being bought by Facebook, and you had to purchase it for $0.99 (or $2.99; it's been almost a decade so I can't remember the exact price). So no, as long as the network effect is there, costing money is not a no-go.
Except it wasn't really enforced. They kinda made you think you HAD to pay, but extended it another year even if you didn't pay. So it was actually free.
I rate them differently: I can use Facebook and supply minimal real personal information. WhatsApp by contrast demands full access to all my contacts whether they use WhatsApp or not.
That has not been true in forever on either iOS or Android, if it ever was.
It is possible to reply to numbers not listed in your contacts; and apparently it is possible to initiate chats with numbers by using a web API which triggers a platform-specific app action.
But you'd be left with phone numbers as identifiers, and at most the user's self-description, which is sometimes their name and sometimes just something like "xxx".
Yeah, I went through the document. I'm asking from more of a mobile development perspective. The list makes it sound like when I open up Chrome and go to a site, Facebook knows right away.
All of them: Require your phone number to work, and ask for your full address book.
Asking repeatedly for information that is not necessary is a red flag. It is suspicious, to say the least, that Signal is not censored from Apple’s Appstore.
Reference: https://9to5mac.com/2021/01/04/app-privacy-labels-messaging-...