Man
Professional
I doubt you need reminding once again why the privacy of correspondence should be the default. There are many messengers now, each of which offers some protection against interception. But they are not all designed alike, and each has its own peculiarities. In this article we will go over the most private of them.
To keep the review from ballooning to cosmic proportions, we will immediately discard the mass-market messengers: WhatsApp, Telegram and Facebook Messenger. Registering in them requires a phone number, and their security rests entirely on the developers' good faith. We will focus on full anonymity, well-designed encryption and the ability to check for backdoors, that is, open source code that has been audited by a third party.
Why not Signal?
The Signal messenger has a good reputation among fans of secure communication, and it is fully deserved. Among its advantages:
- open source;
- strong cryptography enabled by default;
- a completed third-party security audit;
- cross-platform clients;
- a large set of useful features: file transfer, audio and video calls;
- self-destructing messages.
But there are also serious disadvantages:
- A phone number is required for registration, and only recently was the ability to show contacts a username instead of your phone number added;
- Signal hands phone numbers to a third-party (!) company for SMS verification, and that dependency has already been abused: in the 2022 Twilio breach the attackers could see the phone numbers of around 1,900 Signal users and re-registered at least one of them on their own device;
- centralized infrastructure: if the main components fail or are blocked, the messenger stops working for everyone at once.
As you can see, the disadvantages are significant, and it would be a good idea to familiarize yourself with Signal alternatives just in case. Perhaps there is a program with a comparable list of advantages and without the listed disadvantages? Let's look!
Session
In addition to strong protection of data in transit, this messenger stands out for its anonymity. It runs on top of the Oxen network, which works on a principle similar to Tor: traffic is onion-routed through a chain of service nodes between sender and recipient, so no single node sees both who is talking and what is being said. Clients exist for all current platforms: Android, iOS, macOS, Windows, Linux.

On registration a unique user ID (a public key) and a recovery phrase are generated; the phrase is what restores the account on a new device. All the features expected of a modern messenger are there: calls, disappearing messages, file transfer, group chats and so on. Google's push infrastructure can be used for notifications (fast delivery mode), and the most paranoid users can turn it off.
Without Google's servers messages still arrive, only with some delay. That said, during testing even "fast delivery" did not work instantly.
The main disadvantage of this messenger is that the developers made controversial security decisions: they replaced the Signal protocol with their own and in doing so gave up perfect forward secrecy and deniable authentication.
Help
Perfect Forward Secrecy (PFS) is a property of a key agreement protocol: the keys that protect each session are derived from fresh, short-lived (ephemeral) key pairs rather than from the parties' long-term identity keys alone, and the ephemeral keys are erased once the session ends. If an attacker records the encrypted traffic and later obtains a long-term private key (from a seized phone, say), the recording still cannot be decrypted, because the session keys no longer exist and cannot be recomputed from the long-term key. Note that PFS protects past sessions only; an attacker holding your long-term key can still impersonate you or intercept future sessions until the key is replaced.

Plausible deniability (deniable authentication, in messaging protocols) means the recipient can verify who sent a message while a third party cannot: OTR and the Signal protocol authenticate messages with symmetric keys that both parties hold, so either party could have forged the transcript and it proves nothing to anyone else. A message carrying a conventional digital signature is the opposite, non-repudiable. The same term is used for encrypted storage with hidden volumes: one password opens innocuous data, another opens the really sensitive data, and under duress the user hands over the first password and denies that the second volume exists.
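What the PFS paragraph above means in practice, as an added example (not code from Session, Signal or any project on this page): a small pure-Python X25519 (the RFC 7748 ladder, written for readability, not constant time) stands in for the messenger's key agreement. `run_session` sends one message with a key derived either from the two long-term keys alone (no PFS) or from per-session ephemeral keys that are deleted afterwards; `attacker_decrypts` then models an adversary who recorded the traffic and later steals both phones' long-term keys. The sample message, the single-HMAC key derivation and the SHA-256 keystream cipher are constructed for the demonstration and are not a real messaging protocol; real designs such as Signal's X3DH also mix the ephemeral secret with the identity keys to authenticate the session, which is omitted here.

```python
import hashlib
import hmac
import secrets

# X25519 (RFC 7748 Montgomery ladder) in pure Python; readable, not constant time
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def x25519(scalar: bytes, u_bytes: bytes) -> bytes:
    k = bytearray(scalar)
    k[0] &= 248
    k[31] = (k[31] & 127) | 64          # clamp the private scalar
    k = int.from_bytes(k, "little")
    u = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x1, x2, z2, x3, z3, swap = u, 1, 0, u, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def keygen():
    priv = secrets.token_bytes(32)
    return priv, x25519(priv, BASEPOINT)


def derive_key(shared: bytes, label: bytes) -> bytes:
    # single-step HKDF stand-in; the label keeps the two key schedules apart
    return hmac.new(shared, label, hashlib.sha256).digest()


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # toy SHA-256 counter-mode keystream: no authentication, illustration only
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], ks))
    return bytes(out)


def run_session(pfs: bool):
    """Alice sends Bob one message. Returns the eavesdropper's recording, the
    long-term keys later stolen from both phones, and the plaintext."""
    alice_priv, alice_pub = keygen()        # long-term identity keys
    bob_priv, bob_pub = keygen()
    message = b"meet at the usual place, 21:00"  # constructed sample message
    nonce = secrets.token_bytes(16)
    if pfs:
        ea_priv, ea_pub = keygen()          # fresh keys for this session only
        eb_priv, eb_pub = keygen()
        key = derive_key(x25519(ea_priv, eb_pub), b"session-ephemeral")
        assert key == derive_key(x25519(eb_priv, ea_pub), b"session-ephemeral")
        del ea_priv, eb_priv                # wiped when the session ends
        recording = {"eph_pubs": (ea_pub, eb_pub)}   # these went over the wire in the clear
    else:
        key = derive_key(x25519(alice_priv, bob_pub), b"session-static")
        recording = {"eph_pubs": None}
    recording.update(nonce=nonce, ciphertext=stream_xor(key, nonce, message))
    stolen = {"alice_priv": alice_priv, "bob_priv": bob_priv, "bob_pub": bob_pub}
    return recording, stolen, message


def attacker_decrypts(recording, stolen) -> bytes:
    """Best effort with the recording plus both long-term private keys."""
    if recording["eph_pubs"] is None:
        # static-static DH is all the session ever used: game over
        key = derive_key(x25519(stolen["alice_priv"], stolen["bob_pub"]), b"session-static")
    else:
        # only static-ephemeral secrets are computable now; the ephemeral-ephemeral
        # secret the session key came from died with the ephemeral private keys
        _, eb_pub = recording["eph_pubs"]
        key = derive_key(x25519(stolen["alice_priv"], eb_pub), b"session-ephemeral")
    return stream_xor(key, recording["nonce"], recording["ciphertext"])


def key_theft_recovers_message(pfs: bool) -> bool:
    recording, stolen, message = run_session(pfs)
    return attacker_decrypts(recording, stolen) == message
```

`key_theft_recovers_message(False)` returns True and `key_theft_recovers_message(True)` returns False: with static keys alone the stolen keys reproduce the session key exactly, while with ephemeral keys the attacker is left holding static-ephemeral secrets that never entered the key schedule. The ephemeral public keys are not hidden from the attacker at all; the secrecy of the recording rests entirely on the ephemeral private keys having been destroyed, which is exactly what a protocol without PFS gives up.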
And another strange decision: to run your own service node you have to lock up a stake of 15,000 OXEN (the dollar value, put at about 15 thousand US dollars here, swings with the token price). This is presented as protection against the network being flooded with untrustworthy nodes.
Pros:
- anonymity: onion routing over the Oxen network hides your IP address from your contacts and from any single node;
- no personal data is required for registration;
- the account can be restored from the recovery phrase;
- only the minimum necessary metadata is transmitted;
- open source;
- decentralized network structure;
- encryption by default (strong cryptographic algorithms are used);
- a code audit has been carried out.
Cons:
- infrequent updates;
- onion routing covers messages only: voice and video calls go peer-to-peer over WebRTC and can reveal your IP address to the other party;
- slow message delivery;
- minor bugs;
- no PFS;
- other controversial decisions in the security architecture.
SimpleX
Probably the most interesting messenger in this selection, and also the most mysterious. SimpleX meets every modern requirement: audio and video calls, file transfer, disappearing messages, groups and so on. Registration is anonymous and requires neither a phone number nor any other data. The network is federated, and you can connect your own relay servers. The abundance of settings is a pleasant surprise: you can specify your own SMP relays, WebRTC ICE servers and XFTP servers for file transfer.

Messages are end-to-end encrypted (a double-ratchet scheme) and carried by the SimpleX Messaging Protocol (SMP), which in turn runs inside TLS between client and relay, so a relay sees only encrypted queue traffic. The developers release updates and bug fixes regularly, so the application runs stably. Naturally, the whole source code is open.
SimpleX uses strong cryptography, including post-quantum algorithms. In general, in terms of the thoughtfulness of the architecture and available client settings, SimpleX compares favorably with most messengers. The ability to deploy your own servers is another important plus.
Nevertheless, I personally remain wary of SimpleX. The project does not make money, yet its level of support is no worse than that of commercial products. Suspicious! In addition, SimpleX is registered in the UK, and the government of that country every now and then encroaches on citizens' right to reliably encrypt their correspondence. An audit of the source code was carried out, but at the request of DARPA, that is, the US Department of Defense. Still, the source code is open, and the noble lords have not yet banned encryption, so perhaps it is too early to worry.
It is also worth noting that the developers chose an unusual language for the project: Haskell. Fans of functional programming will appreciate it, but the choice automatically narrows the circle of people able to understand the source code.
Pros:
- no user data is required for registration;
- open source;
- frequent updates;
- encryption by default (strong cryptographic algorithms are used);
- the ability to configure the network in detail;
- the ability to hide your IP address from contacts by relaying through SMP servers (both the preset ones and ones you add yourself);
- code audit was conducted;
- minimal metadata transfer despite the federated network architecture.
Cons:
- only partially decentralized (federated) network architecture;
- high background (service) traffic consumption;
- registration in the UK;
- there are no group calls.
Jami
A fully decentralized messenger that asks the user for no data at registration. Each account is an RSA key pair with its own certificate; peers find each other through a DHT and then talk directly over TLS, and that is how messages travel between nodes. Another plus is how much you can tune: bootstrap servers, the nodes you use in the Jami DHT network, STUN and TURN servers.

There is even plugin support, with an SDK for writing your own. A plugin can, for example, change the background during a video call.
An interesting feature: on registration you are asked to choose a nickname, which is then stored on the Jami network's NameServer (NS). If you lose your profile (for example, forget your password) you cannot restore it, and you cannot reuse the old name either, because the nameserver has already bound it to the lost account. On the other hand, this protects against someone else taking over your name. Granted, the nameserver stores nothing but the mapping from name to account ID, but even that is a small metadata leak.
Another interesting observation: when an account is migrated to another device it is briefly uploaded in full to the Jami network, albeit under a password generated by the program. Question: how good is that password and is it really unpredictable? I have no clear answer, so this is a topic for a separate study.
Pros:
- no user data is required for registration;
- open source;
- decentralized network structure;
- frequent updates;
- encryption by default (strong cryptographic algorithms are used).
Cons:
- controversial approach to metadata protection (the nameserver);
- no code audit has been performed.
Status
Another interesting messenger, which also includes a crypto wallet and a Web3 browser. Like every messenger in this review it needs no phone number to register, uses strong cryptography for messages and has open source code. Like Session, it is tied to a blockchain ecosystem: the messaging layer itself is a peer-to-peer gossip network (Waku), while the Ethereum side provides the wallet and Status's own ERC-20 token, SNT. Tokens can be bought or earned, for example by running a network node.

Bootstrap servers used to be contacted when the messenger started, to fetch service information, but now that the network has grown they are not used by default. If something goes wrong, you can enable them in the settings.
The application automatically connects to the nearest nodes, but you can also select a node manually. And if you want, you can create your own and connect only to it (which, in my opinion, is a good option). And in general, the number of settings is impressive.
The legal entity is registered in Switzerland, where strict privacy laws are in effect.
While testing Status I ran into minor bugs. For example, on first launch you have to accept the privacy policy and terms of use, but clicking the hyperlink sends you to the main page of the site.
Incidentally, I found the necessary documents by scrolling to the very bottom of the page, but they related to the site itself, not to the messenger.
Pros:
- no user data is required for registration;
- the ability to restore an account using a secret phrase;
- open source;
- decentralized network structure;
- encryption by default (strong cryptographic algorithms are used);
- built-in crypto wallet and browser;
- based in Switzerland;
- code audit was conducted.
Cons:
- noticeable bugs;
- the messenger still has few users and little real-world scrutiny.
Briar
Briar routes its traffic over Tor and can also work with no Internet at all, ad hoc over Bluetooth or Wi-Fi (in the second case both devices must be on the same network). No phone number is required for registration.

Being able to work without the Internet is something of a killer feature. The range will be short, of course, but if a man-made apocalypse happens it may come in handy!
Moreover, on Android the app itself can be passed on without the Internet: choose "Share this app offline" in the settings, and the phone opens a Wi-Fi access point you can connect to; Briar shows the address and port itself. Connect from the new device and install the application from there.
As for privacy, things are sensible here: the messenger generates as little metadata as possible, so there is little to leak anywhere.
On the minus side, there is no synchronization between devices: an account lives on the one phone where it was created, so a new phone means a new account with no access to past correspondence. And if you lose your account password, you lose the account itself.
Other familiar functions are missing too: there are no audio or video calls, and no full-fledged file transfer; you can only attach pictures to messages. Admittedly, in today's world these shortcomings can be decisive. But there is a built-in blogging system: any user can share valuable thoughts with the world.
For me, the meagre settings were a big drawback. For example, screenshots of the application are blocked, and this ban cannot be lifted. You cannot even enter the addresses of Tor bridges manually, only turn the use of bridges on or off. It seems that modern WebTunnel bridges are also out of the question. In other words, the developer has already decided everything for you and leaves you no choice.
Pros:
- no user data is required for registration;
- anonymity thanks to the Tor network;
- open source;
- decentralized network structure;
- encryption by default (strong cryptographic algorithms are used);
- code audit was conducted.
Cons:
- few features compared to other messengers;
- no synchronization between devices;
- weak customization.
Conclusions
Let's sum up:
- Jami is a solid middle-of-the-road choice, secure and decentralized;
- Session suits those who need anonymity along with confidentiality of messages (with the reservations noted above);
- Status is an all-in-one package that includes, besides a messenger, a cryptocurrency wallet and a browser;
- SimpleX is a stable messenger with flexible configuration and regular updates;
- Briar is a messenger for the post-apocalypse, simple as a hammer and able to work with no Internet at all.
As you can see, there is no messenger that is perfect in everything. Each of them has its own strengths and weaknesses. I hope this article will help you weigh them when choosing.