Encrypted Messaging Survey

I am interested in your thoughts regarding encrypted messaging apps for the ordinary user. The use case is: typical user who is concerned about their privacy and has a family and social circle of people who use iOS and Android. As such, iMessage and RCS are off the table. Of the following, which would you recommend and why? Are there others that should be considered?

Thanks!

#infosec #privacy #encryptedmessaging #signalapp #whatsapp #threema #telegram #matrix #element #wireapp #wicker

Follow

@rstarman If it’s onboarding new users from your social circle, who aren’t especially tech savvy or privacy minded then Signal is the winner by a mile. You can have someone setup and talking with you over Signal in less then 5 minutes.

@rstarman To add, I get you can setup some of the other apps just as quick but they aren’t as superior (IMO) compared to Signal when it comes to the Privacy and Security combo.

@picrypter I do like signal but the phone number requirement is a put off for me for broad usage. I use it with family and friends but they already have my number.

@rstarman It is definitely their biggest flaw but as you said, the choice was for family members or your social circle so as you mentioned not a problem there. For communicating externally outside of said social circle where one doesn’t want to share any PII, Threema would be my next choice, even though there’s a few technical areas they could improve in, over all the app works great and is great for most threat models.

@picrypter @rstarman I convinced my whole company and all of my family to move to Element/Matrix. Registering a new account and starting to chat was done in a matter of minutes, thanks to Spaces which helps a lot with user discovery.

@x_cli @picrypter @rstarman <Troll> Je suis surpris que tu n'utilises pas Olvid dans ta boîte. Ce super service de messagerie issu de la startup nation french tech...</Troll> 😂​

@qdemouliere @rstarman @picrypter D'un point de vue crypto, Olvid est franchement cool :) Mais on avait besoin d'un client Desktop/web, et au moment du choix, Olvid n'en avait pas encore.

@x_cli @rstarman @picrypter L'hébergement d'une partie de l'infra chez AWS et le code source fermé un peu moins je trouve... Mais oui niveau crypto, cela a l'air top. Ils ont obtenu la certification de l'ANSSI.

@qdemouliere @rstarman @picrypter Les clients sont open source: github.com/olvid-io

Ca n'a pas toujours été le cas. Concernant le serveur, effectivement, pas de code, mais c'est pas bien pire que Signal car on a aucune preuve que le serveur publié est le serveur utilisé...

@picrypter @x_cli I’ve used it too in the past (primarily with a group of infosec practitioners). I’ve had no luck getting “regular” people to use it. Glad you had such success. I’ll need to try again

@rstarman @picrypter Element has evolved into something usable over the last few years. Prior versions (Riot) were pretty terrible, tbh.

@rstarman @x_cli I’ve had this same experience, and also the syncing was/use to be horribly slow or sometimes just not work at all. I might have to look for a community I’m interested in a revisit it sometime soon.

@picrypter @rstarman A friend of mine is using EMS to host a homeserver for their own domain and federation is working quite well, according to them. I cannot say it is perfect, but quite frankly, it is working as well as you could expect from a federated service, now.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.