Lord777
Professional
- Messages
- 2,578
- Reaction score
- 1,520
- Points
- 113
Good evening!
It's no secret that all popular instant messengers like Telegram, WhatsApp, and so on are linked to a phone number,
but let's see which ones can be used and which ones should be removed from your devices right now.
Telegram.
(https://telegram.org/)
Messenger from Pavel Durov, built on the technology of encryption of correspondence MTProto.
A lot of noise, at one time, was around it, but after a while, as it seems, it was all a deliberate and carefully planned plan, so to speak, a PR move. Why?
E2EE chats (End-to-End Encryption, end-to-End encryption chats) are implemented as secret chats, but are not used by default. Regular chats are not encrypted at all.
As you can imagine, everything you write to your friends in regular chats is not encrypted at all!
The messenger is ambiguous. There is a lot of noise around it, but for what: there is no access to the source code, chats are not encrypted by default, there is no social graph protection (all your contacts are stored on Telegram servers), there are no group E2EE chats, E2EE chats are not supported in the desktop version of the program, only in
mobile, the messenger is centralized, messages are stored on the server (which, as already noted, are not encrypted) and at the same time there is no possibility of anonymous registration. What's the fuss about, gentlemen?
If you want to use Telegram, then at least use secret chats. To create a secret chat in the mobile version menu, select the New Secret Chat command. The desktop version does not support secret chats, so there is no question of syncing secret chats between the mobile and desktop versions. In a secret chat, messages are encrypted and not stored on the messenger's servers. You can also take a screenshot of a secret chat, but nothing prevents you from taking a photo of it from another phone.
WhatsApp.
(https://www.whatsapp.com/?lang=ru)
WhatsApp uses the Signal Protocol. Does this mean that it is as secure as Signal? Let's take a look.
Of course, this messenger is interesting because it doesn't store your messages on its servers. Instead, messages are stored on your phone. During the backup, they can be stored on any other servers. For example, if you have an iPhone, then when you backup your phone, WhatsApp messages will be placed in iCloud. along with other data.
The main problem is that WhatsApp collects all sorts of information about you - so-called meta-data, including all the phone numbers in your address book and all sorts of other data.
What is meta-data? The app records who you called and what time you called, and how long the conversation lasted, but the conversation itself is not recorded. It "logs" who you wrote to and when. For example, at 2: 30, you called phone sex and your conversation lasted 24 minutes. Agree, no one will "guess" what the conversation was about, because the conversation itself is not recorded. - In addition, WhatsApp collects tons of information about users - their phone model, OS, browser information, IP address, mobile number, etc.
The only thing that saves you is that E2EE chats are used by default and there is a possibility of group encrypted chats. Given all of the above and the fact that the messenger is proprietary with hidden code, everything doesn't look very good.
Signal.
(https://signal.org/)
The Signal messenger uses its own Signal Protocol, which is also used by other messengers WhatsApp, Facebook Messenger, Google Allo.
Signal Protocol is a cryptographic protocol that can be used for end-to-end encryption of calls (voice and video), as well as regular messages.
It would seem that if Facebook Messenger and Google Allo use the same protocol, then they are just as secure as Signal. But, as practice shows, no.
Unlike Signal, where encryption is enabled by default, it is disabled in these messengers. To enable it, you need to enable "Secret Conversations" in Facebook Messenger, and enable Incognito mode in Google Allo.
At first glance, the Signal messenger is much safer. Firstly, it is decentralized, and secondly, its source code is open to everyone, there is support for group E2EE chats, there is protection of the social graph, and messages that disappear on a timer are supported.
But this messenger is not anonymous. When registering, you must specify the phone number to which the messenger is linked.
Briar.
(https://briarproject.org/)
Based on the technology of decentralized networks (mesh), it can work via Bluetooth, Wi-Fi or via the Internet (Tog).
By default, end-to-end message encryption is provided.
Briar is not a very popular messenger, and we are willing to bet that not everyone knows about its existence. But in fact, it is very good. It can work through Tog, it is decentralized with open source code, it is possible to register and use anonymously (you do not need to specify either your phone number or e-mail), and chats are encrypted by default, and they are not stored on Briar servers (that is, your messages are stored encrypted only on your phone).
There is social graph protection (no one merges your address book to anyone), there are group E2EE chats, but there is no synchronization of E2EE chats between devices, since it is not possible to use the same account on different devices. Against the background of all other messengers, Briar looks perfect if you need anonymity of communication.
But it also has drawbacks: there is no possibility of voice calls, but you can accept this.
WickrMe.
(https://wickr.com/me/)
It claims to be the most anonymous messenger.
By default, E2EE encryption is enabled, there is no binding to the phone number, your messages are stored only on your device and then only for a while, and then they are automatically deleted.
The app doesn't have access to your contacts. On the one hand, it is not very convenient, on the other hand, no one will even know that you are using it, only if you do not provide your username in WickeMe. There are versions for Windows, iOS, and Android. On the site https://wickr.com/privacy / developers write that they do not store user messages on the server (this can be believed, since the chat history is not synchronized, what you wrote on mobile will remain there - these messages are not visible on the desktop) and that they do not store keys for decrypting messages.
Pay attention to this information:
Will Wickr Notify Users of Requests for Account Information?
Wickr's policy is to notify users of requests for their account information prior to disclosure including providing user with a copy of the request,
unless we are prohibited by law from doing so or if there is danger of death or serious physical injury. As soon as legally permitted to do so, we will notify our users of requests for their information.
In short, Wickr's policy regarding requests for account information is as follows: the user will be notified of such a request (that is, you will know that you are being followed) - the user will even receive a copy of the request.
And take a look at this:
Contents of Communications Are Not Available Requests for the contents of communications require a valid search warrant from an agency with proper jurisdiction over Wickr.
However, our response to such a request will reflect that the content is not stored on our servers or that, in very limited instances where a message has not yet been retrieved by the recipient, the content is encrypted data which is indecipherable.
Wickr can accept a request to transfer content from law enforcement agencies, but the response is that the content is not stored on Wickr's servers, so it cannot be transferred to them.
When registering with Wickr, you only need to enter your username (it should not be busy) and password. That's all. No email address, no phone number. At the moment, this is a very good option for confidential communication.
Key features of the app:
* The app is available on the following platforms: iOS, Android, Windows, Mac OS X, Linux.
* The messenger is not linked to a phone number. To register, you need to enter your email address. All you need to do is specify an ID that isn't already used by other users. After that, you can chat.
• When you start working in messenger, you need to find your friends using their ID. If your friends are not in Wickr, you can send them an invitation via SMS or e-mail.
* Wickr can forward text and voice messages, but you can't make video calls in it.
But this is not a disadvantage: in most cases, you exchange just text messages and pictures. Voice and video are used less frequently.
* Messages will self-destruct on both the sender's device and the recipient's device after some time. The user can independently set a timer for erasing the message. You can set the time from one second to several days.
* The application uses AES 256, ESN521, and RSA 4096 encryption protocols.
The messenger developer company adheres to the policy of protecting user data: no user data remains on Wickr servers.
• In the messenger, you can create a group chat with no more than 10 participants.
* Messenger doesn't merge contacts. In general, it can be denied access to contacts and it will work perfectly.
As a result, I personally give the first place to WickrMe, but I do not dispute that there are many other anonymous chats.
I will be very interested to read your suggestions and opinions about this article!
Thank you for your time!
It's no secret that all popular instant messengers like Telegram, WhatsApp, and so on are linked to a phone number,
but let's see which ones can be used and which ones should be removed from your devices right now.
Telegram.
(https://telegram.org/)
Messenger from Pavel Durov, built on the technology of encryption of correspondence MTProto.
A lot of noise, at one time, was around it, but after a while, as it seems, it was all a deliberate and carefully planned plan, so to speak, a PR move. Why?
E2EE chats (End-to-End Encryption, end-to-End encryption chats) are implemented as secret chats, but are not used by default. Regular chats are not encrypted at all.
As you can imagine, everything you write to your friends in regular chats is not encrypted at all!
The messenger is ambiguous. There is a lot of noise around it, but for what: there is no access to the source code, chats are not encrypted by default, there is no social graph protection (all your contacts are stored on Telegram servers), there are no group E2EE chats, E2EE chats are not supported in the desktop version of the program, only in
mobile, the messenger is centralized, messages are stored on the server (which, as already noted, are not encrypted) and at the same time there is no possibility of anonymous registration. What's the fuss about, gentlemen?
If you want to use Telegram, then at least use secret chats. To create a secret chat in the mobile version menu, select the New Secret Chat command. The desktop version does not support secret chats, so there is no question of syncing secret chats between the mobile and desktop versions. In a secret chat, messages are encrypted and not stored on the messenger's servers. You can also take a screenshot of a secret chat, but nothing prevents you from taking a photo of it from another phone.
WhatsApp.
(https://www.whatsapp.com/?lang=ru)
WhatsApp uses the Signal Protocol. Does this mean that it is as secure as Signal? Let's take a look.
Of course, this messenger is interesting because it doesn't store your messages on its servers. Instead, messages are stored on your phone. During the backup, they can be stored on any other servers. For example, if you have an iPhone, then when you backup your phone, WhatsApp messages will be placed in iCloud. along with other data.
The main problem is that WhatsApp collects all sorts of information about you - so-called meta-data, including all the phone numbers in your address book and all sorts of other data.
What is meta-data? The app records who you called and what time you called, and how long the conversation lasted, but the conversation itself is not recorded. It "logs" who you wrote to and when. For example, at 2: 30, you called phone sex and your conversation lasted 24 minutes. Agree, no one will "guess" what the conversation was about, because the conversation itself is not recorded. - In addition, WhatsApp collects tons of information about users - their phone model, OS, browser information, IP address, mobile number, etc.
The only thing that saves you is that E2EE chats are used by default and there is a possibility of group encrypted chats. Given all of the above and the fact that the messenger is proprietary with hidden code, everything doesn't look very good.
Signal.
(https://signal.org/)
The Signal messenger uses its own Signal Protocol, which is also used by other messengers WhatsApp, Facebook Messenger, Google Allo.
Signal Protocol is a cryptographic protocol that can be used for end-to-end encryption of calls (voice and video), as well as regular messages.
It would seem that if Facebook Messenger and Google Allo use the same protocol, then they are just as secure as Signal. But, as practice shows, no.
Unlike Signal, where encryption is enabled by default, it is disabled in these messengers. To enable it, you need to enable "Secret Conversations" in Facebook Messenger, and enable Incognito mode in Google Allo.
At first glance, the Signal messenger is much safer. Firstly, it is decentralized, and secondly, its source code is open to everyone, there is support for group E2EE chats, there is protection of the social graph, and messages that disappear on a timer are supported.
But this messenger is not anonymous. When registering, you must specify the phone number to which the messenger is linked.
Briar.
(https://briarproject.org/)
Based on the technology of decentralized networks (mesh), it can work via Bluetooth, Wi-Fi or via the Internet (Tog).
By default, end-to-end message encryption is provided.
Briar is not a very popular messenger, and we are willing to bet that not everyone knows about its existence. But in fact, it is very good. It can work through Tog, it is decentralized with open source code, it is possible to register and use anonymously (you do not need to specify either your phone number or e-mail), and chats are encrypted by default, and they are not stored on Briar servers (that is, your messages are stored encrypted only on your phone).
There is social graph protection (no one merges your address book to anyone), there are group E2EE chats, but there is no synchronization of E2EE chats between devices, since it is not possible to use the same account on different devices. Against the background of all other messengers, Briar looks perfect if you need anonymity of communication.
But it also has drawbacks: there is no possibility of voice calls, but you can accept this.
WickrMe.
(https://wickr.com/me/)
It claims to be the most anonymous messenger.
By default, E2EE encryption is enabled, there is no binding to the phone number, your messages are stored only on your device and then only for a while, and then they are automatically deleted.
The app doesn't have access to your contacts. On the one hand, it is not very convenient, on the other hand, no one will even know that you are using it, only if you do not provide your username in WickeMe. There are versions for Windows, iOS, and Android. On the site https://wickr.com/privacy / developers write that they do not store user messages on the server (this can be believed, since the chat history is not synchronized, what you wrote on mobile will remain there - these messages are not visible on the desktop) and that they do not store keys for decrypting messages.
Pay attention to this information:
Will Wickr Notify Users of Requests for Account Information?
Wickr's policy is to notify users of requests for their account information prior to disclosure including providing user with a copy of the request,
unless we are prohibited by law from doing so or if there is danger of death or serious physical injury. As soon as legally permitted to do so, we will notify our users of requests for their information.
In short, Wickr's policy regarding requests for account information is as follows: the user will be notified of such a request (that is, you will know that you are being followed) - the user will even receive a copy of the request.
And take a look at this:
Contents of Communications Are Not Available Requests for the contents of communications require a valid search warrant from an agency with proper jurisdiction over Wickr.
However, our response to such a request will reflect that the content is not stored on our servers or that, in very limited instances where a message has not yet been retrieved by the recipient, the content is encrypted data which is indecipherable.
Wickr can accept a request to transfer content from law enforcement agencies, but the response is that the content is not stored on Wickr's servers, so it cannot be transferred to them.
When registering with Wickr, you only need to enter your username (it should not be busy) and password. That's all. No email address, no phone number. At the moment, this is a very good option for confidential communication.
Key features of the app:
* The app is available on the following platforms: iOS, Android, Windows, Mac OS X, Linux.
* The messenger is not linked to a phone number. To register, you need to enter your email address. All you need to do is specify an ID that isn't already used by other users. After that, you can chat.
• When you start working in messenger, you need to find your friends using their ID. If your friends are not in Wickr, you can send them an invitation via SMS or e-mail.
* Wickr can forward text and voice messages, but you can't make video calls in it.
But this is not a disadvantage: in most cases, you exchange just text messages and pictures. Voice and video are used less frequently.
* Messages will self-destruct on both the sender's device and the recipient's device after some time. The user can independently set a timer for erasing the message. You can set the time from one second to several days.
* The application uses AES 256, ESN521, and RSA 4096 encryption protocols.
The messenger developer company adheres to the policy of protecting user data: no user data remains on Wickr servers.
• In the messenger, you can create a group chat with no more than 10 participants.
* Messenger doesn't merge contacts. In general, it can be denied access to contacts and it will work perfectly.
As a result, I personally give the first place to WickrMe, but I do not dispute that there are many other anonymous chats.
I will be very interested to read your suggestions and opinions about this article!
Thank you for your time!
