Cross-posted from : https://lemmy.ml/post/16566616

Hi, I wanna know what is the most secure and best messaging app/platform… Need an app that is crossplatform and has a very good numbers of features and security. (And it has to be FLOSS) I thought about XMPP clients, Signal, Session, IRC clients… Propose and explain me your choice

  • Autonomous User@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    ·
    edit-2
    7 months ago
    • SimpleX is libre software and the most decentralised voice chat here.
    • Briar is libre and the most decentralised but is missing voice chat.
    • XMPP and Matrix are libre software and federated/decentralised. XMPP servers use far less resources, so creates more decentralisation than Matrix in practice.
    • Signal is libre and more popular but centralised, acceptable.
    • Avoid Threema’s app which requires a service as a software substitute.
    • BlueKey@kbin.run
      link
      fedilink
      arrow-up
      8
      ·
      7 months ago

      SimpleX doesn’t need a phone. The desktop app can run standalone or linked to the phone-profile (but the phone must stay connected for that).
      They also have a CLI version (which you can use as a central hub for your profile).

        • BlueKey@kbin.run
          link
          fedilink
          arrow-up
          5
          ·
          7 months ago

          SimpleX isn’t able to share your profile-data between devices. Instead you connect with e.g. the desktop app to the phone to use the phone-profile, but it need to stay online, which can be inconvenient.

          With the CLI version you are able to run it on some (private) server and then connect the phone and desktop app to it. But it is still not really convenient, as you need to establish a tunnel (for example SSH port forwarding) to the server (the clients don’t support connecting via internet URL the last time I checked).

          • Emanuel@lemmy.eco.br
            link
            fedilink
            English
            arrow-up
            1
            ·
            7 months ago

            I see. I switched from the CLI version to the desktop version when it came out and was considering switching back if it was more convenient than it currently is to use my phone’s profile on desktop, but it sounds like it really isn’t.

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    20
    arrow-down
    1
    ·
    edit-2
    7 months ago

    There is no best, because none of them cover every use case or threat model. However, these are worth considering:

    • Matrix, if you don’t mind minor meta-data leaks (reactions and avatars have not yet been moved to the encrypted channel, IIRC).
    • XMPP with OMEMO, if all your contacts are technically skilled enough to manage the requisite clients, servers, and protocol extensions, or if they have a skilled admin to do it for them.
    • Signal, if you don’t mind linking a phone number to your account, can tolerate an ecosystem effectively married to Google, and accept the risks of a centralized service that can be attacked or shut down by someone with the right access or influence.

    In situations where your safety depends on anonymity from the powerful or well-connected, I would instead look for a messaging system tailored for such things. (It would, of course, require giving up some convenient features that most of us expect from a general-purpose chat platform.)

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      13
      ·
      7 months ago

      reactions and avatars have not yet been moved to the encrypted channel

      Fortunetly there is ongoing work to do that. Still admin sees who you are talking to, but there is some effort.

      • toastal@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Even with the UnifiedPush fork from F-Droid where you can avoid the Play Store & FSM notifications, you are still shackled to Android which isn’t a long-term solution with Google ultimately at the helm.

    • Blizzard@lemmy.zip
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      7 months ago

      I think Signal dropped the phone number requirement, didn’t they?

      • BlueKey@kbin.run
        link
        fedilink
        arrow-up
        11
        ·
        7 months ago

        As far as I know you still need a phone number to create an account. But for connecting you can use the new usernames (and make sure to disable automatic number sharing with contacts in the settings).

      • youmaynotknow@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        7 months ago

        Now you’re able to hide your number at different levels, but it still requires you to use a phone number to sign up and use.

    • foremanguy@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      7 months ago

      In fact you could say that for now XMPP is the best in your opinion, but a bit technical?

      • mox@lemmy.sdf.org
        link
        fedilink
        arrow-up
        5
        ·
        7 months ago

        No, I would not say that.

        I used XMPP in the past, but long-lived public server support is almost nonexistent these days, and proper setup/maintenance requires too much tech skill for the general public. Also, it lacks modern features that many people have come to expect. I would only suggest it for small groups, and only if you can run your own server and provide tech support.

        For my needs, Matrix is the best available today. It covers the things that I find most important, and is constantly improving.

        • poVoq@slrpnk.net
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          7 months ago

          but long-lived public server support is almost nonexistent these days

          Uhm, that is untrue, especially compared to Matrix where multiple public servers recently had to shut down because of excessive server resource use.

          But yes, like in any healthy federation it is better to run your own XMPP server.

        • toastal@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          7 months ago

          For beginner self-hosters Snikket’s guide is even less work than others, but ejabberd/Prosody are easy to setup up compared to most software. General public is generally out at needing their own server even if the system requirements for XMPP incredibly minimal & many would have access to hosting at home on the cheap with dynamic DNS & basically anything with a processor + a Linux distro.

          Not sure what the modern feature support you are talking about tho. Some clients already have stickers, reactions, threading… but the ‘X’ is for ‘extensible’ so it is all meant to be optional on purpose so it is easier to implement clients & democracy wins on features that clients decide are worthwhile to uptake (at least now that Google is out of the picture dictating too much)–& you have community-ran compliance suites for server features like the one for Conversations. Having used a couple of Matrix clients that aren’t Element, the fragmentation of client feature support is literally just as bad–except there is a lot less maturity due to age.

  • Simon Müller@sopuli.xyz
    link
    fedilink
    arrow-up
    15
    ·
    7 months ago

    SimpleX is quite a promising project, uses Double Ratchet End-to-End-Encryption (from Signal), and has a very interesting protocol and model to provide quite strong metadata protection, especially in regards to whom you talk to and groups you’re in.

    If your threat model requires exceptionally strong Metadata protection, SimpleX is probably going to be your go-to

    Though, for a more lenient threat model, where still good, but less laser-focused metadata protection is enough, Signal will probably do just fine.

    Personally I use Signal, but I also have a SimpleX Profile, an XMPP Account and Matrix. (preferred in that order)

  • rrobin@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    7 months ago

    Depends on what you mean by “secure”, being very loose with the definitions, we have

    • end to end confidentiality (i.e. only you and the intended destination can see the message contents)
    • privacy (only the destination knows i’m sending messages to them)
    • anonymity (no one can find out who you are, where you live, i.e. metadata/identity/etc)

    My personal preference is Simplex.

    Reasoning for a few:

    • Email: even if you use PGP to encrypt messages the server(s) in the delivery path have access to all metadata (sender, receiver, etc, etc). If no encryption is in use, they see everything. Encryption protocols in e-mail only protect the communication between client and server (or hop by hop for server to server)
    • XMPP: similar reasoning to email. i.e. the server knows what you send to who. I should note that XMPP has more options for confidentiality of message content (PGP, OMEMO, others). So I find it preferable to email - but architecturally not too different.
    • IRC: Again similar reasoning to email - even if your IRC server supports TLS, there is no end to end encryption to protect message contents. There were some solutions for message encryption/signing, but I’ve never seen them in the wild.
    • Signal: Good protocol (privacy, confidentiality, etc). Dependency on phone number is a privacy concern for me. I think there are 3rd party servers/apps without the use of phone numbers.
    • Simplex: Probably the strongest privacy protection you can find, but definitely not easy in terms of usability. The assumption is that we do not trust the intermediate server at all (and expose nothing to it), we just leave our encrypted messages there for the receiver to pick up later. It also does some funny stuff like padding messages with garbage.
    • Matrix: In theory it supports end to end encryption in various scenarios, but my experience with it has been so bad (UX, broken encrypted sessions) I only use it for public groups.

    Some more food for though though; these protocols support both group communication and 1-1 messaging - privacy expectations for these two are very different. For example I don’t care too much about confidentiality in a group chat if there are 3000 people in there. It might be more concerned with concealing my phone/name/metadata.

    In general I consider large group chats “public”, I can try to be anonymous, but have no other expectations. e.g. some people use some protocols over ToR because they do not trust the service (or even the destination) but they try to protect their anonymity.

    On a technical note: I don’t think there is any protocol that supports multi-device without some kind of vulnerability in the past. So I would temper my expectations if using these protocols across devices.

    I’m not familiar with the other ones that were mentioned in comments or in the spreadsheet.

  • whyNotSquirrel@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    1
    ·
    7 months ago

    For privacy it’s probably one that nobody uses. Then it’s even more private because you’ll never send anything

  • GolfNovemberUniform@lemmy.ml
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    7 months ago

    You need to understand your threat model. Some apps are very secure but extremely inconvenient and hard to use. Others are more convenient but may not be able to hide the fact of a conversation between certain users for example

    • foremanguy@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      7 months ago

      If I want convenience for now I would use Signal or maybe Session, but here I want the (almost) most secure thing that I could get

      • umami_wasabi@lemmy.ml
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        7 months ago

        There is always a cost to security. How much you and your recipent ready to pay?

        And, what you mean by “secure”? E2EE is basic. How about meta data? Or resilient to DPI? How about correlation attacks? Then the directory server. And the operator of the server. Where they located can be a factor too.

        There can be a milion factors that can contribute to security. You can have it all but I don’t know if such thing exist or not. For each factor, you gain some security but loss some in other places. You need to pick and choose what you need.

        • foremanguy@lemmy.mlOP
          link
          fedilink
          arrow-up
          2
          arrow-down
          2
          ·
          7 months ago

          I wanna get something that could be tweaked like changing the encryption… Something really customizable, maybe running my XMPP server

          • umami_wasabi@lemmy.ml
            link
            fedilink
            arrow-up
            6
            ·
            edit-2
            7 months ago

            So you want self hosted? And what you mean by changing the encryption? Changing the encryption protocol and encryption algorithm are two different thing. OMEMO is kind of de facto for XMPP. Last I checked it seems doesn’t let you choose the cipher suite like TLS 1.2 does. You can spin another if you have the capability to do so but not recommend.

            And whatelse you want to tweek?

            EDIT: typo

            • foremanguy@lemmy.mlOP
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              7 months ago

              That would be cool to have a messaging app that let me change almost what I want like the encryption protocol, changing the encryption keys… And so on, don’t know if it’s possible

              • umami_wasabi@lemmy.ml
                link
                fedilink
                arrow-up
                2
                ·
                edit-2
                7 months ago

                Key? Oh, welcome to the land of GPG/OTP where platform and protocol doesn’t matter. Good luck finding a friend willing to deal with this just to talk to you though. And loose some important security features like forward secrecy and double ratchet.

  • smileyhead@discuss.tchncs.de
    link
    fedilink
    arrow-up
    6
    ·
    7 months ago

    There is no one best, as we wish there would be. Depends what you want.

    XMPP and Matrix are definetly the most based ones, because you are not tying yourself to one particular app and server, they’re the common languages. And this is what I would want to use for mass communication and as a base, default.

    Signal is nice if those above are not enough developed yet for you. Easy to switch friends into and discover contacts with it’s phonebook based nature. But there is no open API for thrid-party apps, only reverse engineering from open source code.
    If you don’t need calls Matrix has a bridge so you can use both at the same time.

    There are also the most anonymous ones, like Briar, SimpleX or Session, there is a lot of them. For me their usage is when two or more people want really private chat and both agree on the app. I really can’t and don’t want to see them as the default.

  • RmDebArc_5@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    7 months ago

    I would recommend looking at this site. My personal recommendation would be simplex chat. It’s decentralized, doesn’t require a phone number and supports forward secrecy.

  • onlinepersona@programming.dev
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    7 months ago

    What is it you’re looking for actually? “Best” is subjective to the person’s needs.

    For example for me, the best is signal but I would much rather use something decentralised that still allows friends and family to find me easily using my phone number. Stories / client defined groups without notifications are also very useful to me. Also a native desktop app (aka not a locked down browser running some local webpage) would be awesome. But such an app doesn’t exist yet.

    What would you need and prefer?

    Anti Commercial-AI license

  • crispy_kilt@feddit.de
    link
    fedilink
    arrow-up
    6
    arrow-down
    1
    ·
    edit-2
    7 months ago

    I’d go with Signal or Threema

    Signal: Best data protection. They are on a different level from anyone else. They even reimplemented gif search through their app so it can be anonymised (instead of the data-collecting gif search in your keyboard). Just an example, they really try. Also has a desktop app that doesn’t need the mobile app to be running. Downsides are google dependency (for push notifications - but they’re empty, the encrypted data does never even touch google) and required linking to phone numbers. They do have usernames now so you don’t have to give out your phone number to talk to someone. Behind it is an US based non profit - whether that is a downside everyone can decide for themselves.

    Threema: No need for phone number, not even a credit card, you can buy it anonymously through their website. No google services required. Swiss based company, so much better laws than USA. Finance themselves through the one time fee of 2 USD and through their corporate offers, no nags for donations, no selling of data. Downsides are server code is not open source, and their protocol is less good than Signals, but still reasonably secure. They’re working on a new one though. Also no independent desktop app yet (also working on it).

    • foremanguy@lemmy.mlOP
      link
      fedilink
      arrow-up
      3
      ·
      7 months ago

      Would maybe choose Signal for its simplicity but I do not would like to use threema, it is a bit too related to his company, rather prefer simplex as example

  • thegreekgeek@midwest.social
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    7 months ago

    Delta Chat is quite good, it’s an email client thats built like a messenger app. It’s E2EE with Autocrypt lvl 1, you can use it with most email services, and they have a self hostable/hosted “chatmail” service that you can also use if regular email services are slowing down the messages (gmail isn’t the best for this). It also supports apps and games in chat using the webXDC standard.