trash
27
poVoq
link
fedilink
12
edit-2
2Y

People consider way to little under what jurisdiction the developers and servers are. Even if Signal was fine right now, them being under US law, is a total no-go for anyone not living there (zero rights for non-citizen) and it would be trivial for the NSA to force Signal to intercept more meta data etc. even with a gag order.

Matrix.org is AFAIK based in the UK, which is nearly as bad, especially now with Brexit. And self-hosting while avoiding any connections with the main instance is nearly impossible.

If you insist on a centralized platform and are a EU citizen, then Threema is probably the best option, now that they open-sourced their clients. For non-EU & non-US, I guess Telegram (Doha based, but servers on US cloud providers AFAIK). I think for east Asia (other than China), LINE would do (Japan/South Korea based).

But IMHO, by far the best option is to selfhost XMPP or sign up with a local community run XMPP server.

@je_vv
link
fedilink
2
edit-2
1Y

deleted by creator

@marmulak
banned
link
fedilink
82Y

If you use Android then Conversations is probably your best choice. Some people won’t use it because it requires them to create an XMPP account on some server, which apparently is too much trouble. Signal is more appropriate for normies who just want to open an app and have it work like WhatsApp out of the box. (It supports iOS as well.)

poVoq
link
fedilink
5
edit-2
2Y

There is blabber.im, which uses a fork of Conversations and also runs a federating XMPP server: https://blabber.im/ Or if you want phone number linking there is: https://quicksy.im/ from the original Conversations developer.

@Lowey
link
fedilink
62Y

Short answer Signal: https://signal.org/download

poVoq
link
fedilink
6
edit-2
2Y

It really isn’t, just read the below messages.

Switching from WhatsApp to Signal, while being an improvement in the short term, is in the end the same story. You are still stuck in a centralized walled garden that falls under US jurisdiction and has clients that are controlled externally (and thus it is trivial for US intelligence services to force the Signal Foundation to push an update that kills all the privacy features without you ever knowing).

Edit: Probably FUD, but I wouldn’t be surprised if Signal is used as a honeypot by the NSA already. They did a similar game with a Swiss encryption product company for decades. And as much as I like Snowden, he is still very much a US intellgence service insider and can’t be fully trusted when it comes to recommendations for non-US citizens.

@Lowey
link
fedilink
12Y

Android builds are reproducible builds(download from website). As such I can be sure I get what it says, as for US jurisdiction I think it has been published extensively that they were only able to give account creation and deletion date.

@gorugorugo
link
fedilink
2
edit-2
6M

deleted by creator

poVoq
link
fedilink
2
edit-2
2Y

that they are aggressive against alternative clients using their backend (which I am somewhat understandable on, servers ain’t cheap)

This argument is very weak IMHO, as Signal is a free app and anyone using it with a 3rd party client puts the same load on the servers as someone signing up for free. They do also say that having only a first party client allows them to quickly and easily change and innovate, but then why are they hostile to 3rd parties compiling and distributing the first party app?

If you think about it a bit more closely, then it becomes apparent that by forcing everyone to only use the 1st party client and distribution channel, they can keep control of the app and change it freely without most people noticing, especially if a modified version is only pushed to certain individual devices. And maybe I am a bit paranoid, but that is exactly how an intelligence service would operate in order to compromise the communication of selected individuals.

PS.: You should rather compare it to XMPP with the Conversations client (or the fork blabber.im). Works great, is fully e2ee and has a UI and functionality very similar to WhatsApp or Signal. And you can easily get it from Fdroid or compile it yourself, so the risk of the developers messing with the binaries is minimal.

they can keep control of the app and change it freely without most people noticing, especially if a modified version is only pushed to certain individual devices.

Is it possible though? like Google Play updates the modified app only for certain individual devices

poVoq
link
fedilink
12Y

Sure that is easily possible. They can also push an update to everyone and a slightly modified version the same time only to certain devices.

In fact if this is still true then Google could even dynamically push a exploit into Signal without an update to the app itself.

@gorugorugo
link
fedilink
1
edit-2
6M

deleted by creator

​@
link
fedilink
32Y

Seems like https://www.privacytools.io/software/real-time-communication/ recommends only Signal if you want a centralized service.

Signal seems to be the ideal replacement for WhatsApp at the moment. It would be fairly simple to get someone to install it if they want to switch. I am going to attempt to get my mother to switch in the coming weeks.

Element/Matrix would be my choice but I would bet my life savings and first born son that I would never be able to get more than one person to switch.

Just as a side note/side question: RE: the upcoming changes to WhatsApp, what will be the deal in Europe? I did see that the changes won’t be the same, will there be any changes made at all for European users?

Element/Matrix would be my choice but I would bet my life savings and first born son that I would never be able to get more than one person to switch.

That was my exact experience. I got two people. Both left.

One person asked me this on reddit in comments. Read comments here https://teddit.net/r/privatelife/comments/krr7gf/writeup_dissecting_massive_whatsapp_privacy/

@soloninja
link
fedilink
22Y

element / matrix is usually a good one. it is similar to discord in a way

@TheAnonymouseJoker
mod
link
fedilink
2
edit-2
2Y

Favourite answer: Signal for personal chats and Telegram for public groups and public chat boards

Honest answer: keep WhatsApp to have an open presence in social public sphere, devoid of permissions except contacts, but use Signal for personal and sensitive chats

If you want to read more, read conclusion part in my writeup: https://lemmy.ml/post/46726

@e44nbe4
link
fedilink
3
edit-2
2Y

deleted by creator

@TheAnonymouseJoker
mod
link
fedilink
-2
edit-2
2Y

WhatsApp for some people can be integral to participation in academia (schools or colleges) or businesses. For them getting rid of WhatsApp is work suicide, hence the advice.

@e44nbe4
link
fedilink
1
edit-2
2Y

deleted by creator

@AgreeableLandscape
admin
link
fedilink
1
edit-2
2Y

I’m a student, ALL my friends use WhatsApp, you want to talk with me? Signal.

I wish I could do this. Facebook Messenger group chat is the platform of choice for organizing group projects at my university, and obviously I can’t refuse to communicate with classmates for assignments. I tried suggesting other platforms but practically no one is interested. Other communication, I direct them to email or Matrix.

Personal chats is surely fine on other secure messengers, which is what my own OPSEC is. What I meant was that universities and schools have their groups for notes and announcements on WhatsApp, and one would not like to miss out on that essential information.

QuentinCallaghan
link
fedilink
2
edit-2
2Y

I like Telegram mainly because of the many features and larger userbase.

The only thing that Signal seems to ask for is the phone number. But, in terms of privacy, do they collect any other metadata and can the phone number be linked back to device or the user externally?

@kitsunekun
link
fedilink
-22Y

I’d suggest you try Threema or Telegram. I personally use both but have more trust in Threema overall.

https://threema.ch/en/blog/posts/messenger-comparison-2021

Telegram works very well but is a nightmare from privacy perspective since they store everything* unencrypted as long as they want. They even call themselfes “cloud messenger”.

(*) everything but the e2e chats you can set up but are barely used since they can’t be accessed on desktop and there’s no e2e for groups

@kitsunekun
link
fedilink
22Y

My favorite telegram feature is that you can nuke entire chats with a couple of clicks. I wish more texting apps had that type of design because it gives you ownership of your messages/discourse.

@awa
creator
link
fedilink
13
edit-2
2Y

deleted by creator

@ksynwa
link
fedilink
42Y

Element gets a “good” on ease of use but IME using multiple clients is a pain in butt with the way encryption keys are handled. Lots of people complain about not being able to read some messages in an encrypted room I am in. I understand if it’s a limitation of them not storing your keys on a centralised server (unless you opt for it I think) but it makes it very difficult for normie friends.

@nutomic
admin
link
fedilink
3
edit-2
2Y

Where does Telegram have ads? I’ve certainly never seen any.

@dreeg_ocedam
link
fedilink
6
edit-2
1Y

deleted by creator

@nutomic
admin
link
fedilink
72Y

Okay but thats only for public channels, so anyone who uses it as an instant messenger will never see those.

@kitsunekun
link
fedilink
22Y

Your post says that Threema doesn’t have voice and video calls, that’s wrong. https://threema.ch/en/blog Feature-wise Threema is very, very solid, and they will soon be adding even more features now that people are in a frenzy about not being spied upon 24/7.

@federico3
link
fedilink
1
edit-2
2Y

This comparison ignores the leaking of metadata: for that, the only viable option is Briar.

It also ignores ease of use: Signal is still reasonable, Element is too fiddly and buggy for non-technical users.

@dreeg_ocedam
link
fedilink
4
edit-2
1Y

deleted by creator

@tskaalgard
link
fedilink
11
edit-2
5M

deleted by creator

@Nevar
link
fedilink
1
edit-2
1Y

deleted by creator

@cruon
link
fedilink
13
edit-2
8M

deleted by creator

@onlooker
link
fedilink
42Y

Yeah, it’s not great. It’s also an electron app, which gobbles up more memory than I’m comfortable with AND last I used Wire, it wouldn’t detect my mic unless I was using the web version. Just no thanks.

@Nevar
link
fedilink
0
edit-2
1Y

deleted by creator

@Echedenyan
admin
link
fedilink
52Y

As far I see, Threema only became FLOSS in the client side and few things in the server side, the rest is still propietary software.

poVoq
link
fedilink
32Y

Yes, similar to Telegram. Still that opens a lot of possibilities for reproducible builds and bridging etc. and they are also not hostile to 3rd party clients: https://www.openmittsu.de/ Servers located in Germany/Switzerland afaik. Recently got a larger cash investment from a large German investor.

@Echedenyan
admin
link
fedilink
12Y

Yes, my point was only that and I apply the same to Telegram. It is a disadvantage for me and a major one.

@Nevar
link
fedilink
-1
edit-2
1Y

deleted by creator

Telegram is okay only as a public board/group messenger service, nothing more. They take time in open sourcing their client code, around 3-4 months.

poVoq
link
fedilink
-12Y

That’s not that relevant, as long as older versions compiled from source still work.

@TheAnonymouseJoker
mod
link
fedilink
2
edit-2
2Y

Older versions work, but would also have security flaws. So Telegram is open source depending on what definition of security or feature updates you are okay with.

Most (spoiler: nearly all) people have no clue about this in privacy community.

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 1 user / day
  • 16 users / week
  • 58 users / month
  • 393 users / 6 months
  • 5.13K subscribers
  • 1.95K Posts
  • 7.79K Comments
  • Modlog