Is anyone here aware of some alternatives to mentioned instant messaging applications ? Alot of people keep mentioning Signal , however since it is US based I am not going to entertain it as a possibility.
You must log in or # to comment.
take a look at ArcaneChat https://arcanechat.me/
Wait, what’s wrong with signal?
well … US based.
It is a us based non profit that doesn’t store any information about you, your contacts, or any of your metadata, and encrypts all of your data in transit and at rest, using a strong open source encryption protocol. Signals privacy is so strong that when delivering a message, they cannot tell who the sender is. It is developed out in the open and has been independently audited like four times.
Also you don’t need to purchase the app so boycotting it really only harms you since every other messaging app (that isnt self-hosted) is objectively worse in all of these measures, or has no network effect.
Don’t punish orgs who are doing things right.
It is a us based non profit that doesn’t store any information about you
still it runs in AWS, Microsoft, etc servers, and as any centralized service policy and interests can change at any time in the future, which would be pretty bad when you have several countries fully depending on them, just look the current situation with whatsapp, you can not be resilient/sovereign like that
has been independently audited like four times.
could you provide source pointing to the security audits?
That is a good take. However I could instead support European company with european people which is not to be neglected
That is completely reasonable and in every other instance I would encourage this, but there really isn’t a secure, private (those are two different things; WhatsApp is (probably) secure, but definitely not private) alternative to Signal at the moment. Even if one did exist, it likely isn’t compatible with Signal and would only serve to fragment messaging even further until it has more users than Signal already does.
I guess, I just want to encourage you to make changes where it really matters. Absolutely dump Microsoft, Amazon, Google, and other for-profit American manufacturing and services. But boycotting Signal doesn’t really help the way you want it to.
Ultimately you have to decide what is best for you and I obviously can’t and won’t force you to use something, but I hope I can at least provide some perspective.
It’s serverless though, right? The messages aren’t stored in any of signal’s servers? Or am I mistaken?
It’s also open source, so it would be possible just to fork and use a “European” version of it. Also, since it’s open source, it’s free to use, so no money actually goes to on American company by using it.
It’s serverless though, right?
no, and in fact the cost of running it is really high because the server infrastructure they need to pay, they even say it themselves “Signal is expensive” https://signal.org/blog/signal-is-expensive/
it would be possible just to fork and use a “European” version of it
in theory yes, in practice no one has done it, and then you should not use Signal but the european fork which will not be compatible/federated with signal
I think they are also non-profit company
The big inconvenience with the EU alternatives, is that I don’t know a single soul who use them.
I think schildichat on matrix is a good alternative the app is developed by a German guy and matrix is decentralized as the fediverse you can have your own server or join a mass server.
Here is a nice overview of the most common messenger:
Why does it matter that Signal is US based? They don’t get any of your data. And you don’t have to donate if you don’t want to.
I keep donating. As I do for the FSF, the EFF etc.
Everything not-nonprofit? Boycotted.
I agree, in all for buying European, but you don’t have to buy signal
I agree. If anything, Signal was made to circumvent government spying. So it’s ANTI-US Gov.
Try out the either Element or Fluffychat. Both based on decentralized, privacy, and security. Both based on Matrix. I like Fluffychat for ease of use and it’s on all devices. Plus you have to verify every device that signs in or that new device can not see previous chats as they stay encrypted.
It’s not just “based on”. Element and Fluffychat are two clients that use Matrix and are fully interoperable.
(I’m sure you know, but I’m not sure it’s obvious for potential newcomers)
Tue. Sorry, bit sleepy while responding doesn’t help.
I also use Fluffychat and I’m pretty satisfied. But it has its own “quirks”. I would say it’s slightly more buggy than I would expect. And I’m mostly missing the function for pasting of images from mobile device’s clipboard. It’s still doable, but in a somehow convoluted way. But once I got familiar with it, I’m liking it.
One of the latest updates allow you to use the Share button to directly post to Fluffychat. But I do agree with quirks.
Yep, that’s what I meant by convoluted. It’s: Share -> Fluffychat -> Click on Post
Then Fluffychat opens with a popup where you select the respective chat and click on Forward. And then click on Send in new popup. It’s not a catastrophe, but I can definitely imagine less steps for that :)
Matrix is terrible for privacy. It shares more metadata with the servers than any other messenger.
From which year is that claim?
Today. Matrix does not encrypt your metadata like Signal does. The server can easily build a social tree.
The Signal server and a Matrix server, of course, have the same metadata visibility.
No they don’t. Signal does not get any metadata. Matrix servers get everything and more than any other messenger. Not even the profile is encrypt with Matrix.
Flat put lie anyone reading this thread can easily disprove by searching online.
Sealed sender does depend on some degree on trust, but with the architecture being designed for multi-server cloud and message passing with minimal logging, no single server knows both the sender and receiver when sealed sender is used, which also makes it harder for anybody trying to compromise the servers to collect that kind of metadata because you have to compromise a lot of them to have a good chance of deanonymizing your target. That’s likely to be noisy.
Matrix also expects you to trust the server to a degree.
Got to go fully Tor/I2P secured P2P to avoid that.
Well then search and share it. I feel like you’re some kind of shill that’s payed to say these things. You have no technical understanding of how this works and you also won’t share any sources whatsoever.
Yeah no, that’s not how it works. The closed source Signal server by definition gets the meta data on your chats. It’s simply needed for it to do its job. When receiving the encrypted message contents the Signal server, at the moment of the IP connection, knows the identity of the sending party. It also must know the identity of the receiving party, else it would be very difficult to make sure the message reaches them.
That’s the user graph right there. Now Signal says they don’t log it, and I’m sure they don’t (here’s where you look up what a National Security Letter is btw). If I run my own Matrix server for me and my friends, I can prove that it doesn’t log.
deleted by creator
https://signal.org/blog/sealed-sender/
https://signal.org/blog/signal-profiles-beta/
I’m not aware of any equivalent implementation on Matrix.
Before making an uneducated comment you should at least read the source I shared and read the corresponding whitepaper explaining it. Your comment is a bit embarressing.
If you use a VPN (hiding your IP), Signal cannot build a social tree.
If you have any questions in particular feel free to ask.
I highly suggest getting third party reviews instead of competitor reviews which are ALWAYS SLANTED. Not to mention Matrix based like Element and Fluffychat are Open Source. Unlike Signal. Not to mention Signal provided info to US authorities fairly recently.
Signal is open-source. Signal did not provide info to the US. They don’t have any info to share anyways. And you can confirm that as their code is open-source. Them sharing data is mathematically impossible.
What are you on about? You seem to have no idea what you’re talking about. Stop spreading unreferenced misinformation. If you have something that we don’t know about share a source or prove it!
Sounds great, thanks for the tip
You are most welcome. I tried a lot of various messengers and these were the only ones that seemed to fit the extreme security we need in age of fascism.
Exactly … Element looks really good … Now is the time to bully everyone around me to ditch the US shite and join me over there haha
Threema is swiss
Element.io is a great option if you can get your circle to sign up
I’d say Simplex, but check this comparison:
I do like the idea behind it. However, it is extremely buggy and freezes on iOS. It is extremely convoluted to add multiple devices as for now they can’t be on same profile. And to top it oof, it does not seem to have a working export database feature for now.
When they fix those issues I do feel it has a great chance to take over.
The truth is I havent had much experience with it (well, didnt convince anyone to try it with😆), especially with iphones.
May I ask, does the export not work on iphone? It seemed to be working on my android.
It gets stuck on create passphrase to export. Even after re-install and an attempt with a new profile on the iPad.
That is great Comparison… thanks alot.
Threema.
I’ve heard about https://docs.cwtch.im/, but haven’t tried it. It does seem to take privacy very seriously.
Why is there no mention of TeleGuard?
Never even heard of that one.
The only thing the site says is it’s using Salsa20 (a stream cipher) but says literally nothing about key exchanges, key validation, etc.
Teleguard is closed source and the encryption protocol is not public or audited.
I’ve been using SimpleX, and I like it a lot. Very polished and reliable. The company is registered in the UK.
maybe jami?
