Encrypted Messaging Survey
I am interested in your thoughts regarding encrypted messaging apps for the ordinary user. The use case is: typical user who is concerned about their privacy and has a family and social circle of people who use iOS and Android. As such, iMessage and RCS are off the table. Of the following, which would you recommend and why? Are there others that should be considered?
Thanks!
#infosec #privacy #encryptedmessaging #signalapp #whatsapp #threema #telegram #matrix #element #wireapp #wicker
@picrypter I do like signal but the phone number requirement is a put off for me for broad usage. I use it with family and friends but they already have my number.
@rstarman It is definitely their biggest flaw but as you said, the choice was for family members or your social circle so as you mentioned not a problem there. For communicating externally outside of said social circle where one doesn’t want to share any PII, Threema would be my next choice, even though there’s a few technical areas they could improve in, over all the app works great and is great for most threat models.
@picrypter @rstarman I convinced my whole company and all of my family to move to Element/Matrix. Registering a new account and starting to chat was done in a matter of minutes, thanks to Spaces which helps a lot with user discovery.
@qdemouliere @rstarman @picrypter D'un point de vue crypto, Olvid est franchement cool :) Mais on avait besoin d'un client Desktop/web, et au moment du choix, Olvid n'en avait pas encore.
@x_cli @qdemouliere @picrypter Thanks! I was unaware of Olvid. I will research it futher.
@qdemouliere @x_cli @picrypter That is noteworthy.
@qdemouliere @rstarman @picrypter Les clients sont open source: https://github.com/olvid-io
Ca n'a pas toujours été le cas. Concernant le serveur, effectivement, pas de code, mais c'est pas bien pire que Signal car on a aucune preuve que le serveur publié est le serveur utilisé...
@x_cli @qdemouliere @picrypter Exactly You make an interesting point.
@picrypter @x_cli I’ve used it too in the past (primarily with a group of infosec practitioners). I’ve had no luck getting “regular” people to use it. Glad you had such success. I’ll need to try again
@rstarman @picrypter Element has evolved into something usable over the last few years. Prior versions (Riot) were pretty terrible, tbh.
@picrypter @rstarman A friend of mine is using EMS to host a homeserver for their own domain and federation is working quite well, according to them. I cannot say it is perfect, but quite frankly, it is working as well as you could expect from a federated service, now.
@rstarman To add, I get you can setup some of the other apps just as quick but they aren’t as superior (IMO) compared to Signal when it comes to the Privacy and Security combo.