
I made a spreadsheet that ranks messengers for privacy

I've been working really hard to research and rank messaging apps by their privacy. The more green boxes the better.

I plan to turn PrivacySpreadsheet.com into a place for privacy data on everything from cars to video games. It's all open source too on GitHub.

Not trying to advertise, I just put a lot of time into researching all this, and I want to share it since I think others could benefit.

jbd ,

I noticed that some of these are apps and some are protocols. It makes sense to list the app if the protocol is proprietary, but it's confusing that there can be multiple apps for an open protocol and not all of those apps could feature the same level of privacy.

UnHidden OP ,

Please submit a GitHub issue so I can track the suggestions and problems, thanks

Jericho_One ,

Didn't even include the default messages app that most Android phones ship with 🤦

UnHidden OP ,

Please submit a GitHub issue so I can track the suggestions and problems, thanks

Jericho_One ,

Done

UnHidden OP ,

I've updated the spreadsheet to include Google Messages, should be live on the site now :)

brb ,

I don't think Google Messages is the default one tho? It's just called "Messages" on my Oneplus

southernwolf ,

I think you left off Session from this list. Based on everything I know, it'll probably come in number 2, or even number 1 if it beats SimpleX.

sxan , (edited )

SimpleX may be one of the best, privacy-wise, but until they implement multi-device support with shared history, it's simply a non-starter. Not being able to access a conversation on both my phone and my computer puts a messaging app near the bottom of any usability list.

SimpleX is close to implementing it; the last time I checked, there was a way to link two devices, but it was exceedingly cumbersome - too difficult to ask a non-tech person to work through - and the history syncing didn't work. If they get that worked out, it'll be a strong contender; I only wish it'd been part of the original design and not a tack-on, as I expect it'll consequently be a major source of bugs for the project.

BearOfaTime ,

It's kind of there now - you can link devices, but you have to manually switch between them. So only one device is active at a time. Not what people are looking for, but it's a start.

Not really useful for me, yet, but I like their approach. They didn't just throw out a fully-functional use-anywhere but flawed system, just to appease users. They've remained focused on keeping it secure. It's an Agile development approach, which works really well for stuff like this.

My guess is it'll be more fluid within the year (at least I hope so). I'd really like to switch to it, especially since you can self-host. Would be useful for my family, and could possibly make getting friends on board easier.

sxan ,

Yes, it's coming along. Just very slowly. I think I first tried SimpleX a year ago? It isn't quite near where I'd feel comfortable suggesting that my friends and family switch to it, and at this rate, it'll yet be a while.

I wish them luck, though.

pescetarian ,

With simplex battery is low. Not for smartphones.

poVoq ,

You got some errors for XMPP e2ee: the popular mobile clients all enable it by default, it has perfect forward secrecy and a/v calls are usually also e2ee and of course data is encrypted in transit.

rcbrk ,

Yep. Really need to compare the best-practice XMPP clients (e.g. Conversations, Siskin), not half-developed clients more suited to the XMPP landscape of 20 years ago. -- Just as Matrix's ranking in the table is high because only the state-of-the-art clients are considered -- there are plenty of Matrix clients which don't support e2ee, for example.

This list of mistakes isn't exhaustive, but extending from poVoq's mentions, here are some things XMPP(conversations) does actually have positive findings for:

  • End to end encrypted by default [OMEMO]
  • End to end encryption is available [OMEMO]
  • Voice/video calls are end to end encrypted ["calls are always end-to-end encrypted with DTLS-SRTP"]
  • Utilizes Perfect Forward Secrecy [OMEMO]
  • Data is encrypted in transit [TLS and OMEMO]
  • You can verify contacts out of band [https://gultsch.de/trust.html]
  • There has been a third party code audit [2016]
  • Provider can scan for illegal content [If you send content unencrypted, otherwise no different to Matrix/Signal]

I'm not sure there's much differentiation between any apps when it comes to "What can the apps hand to police?"; if the police have physical access to your device and app, they have access to everything you do on that device/app.

lazynooblet ,

It's got that telegram is funded by Russia, is that true?

Wikipedia says the opposite.

https://en.m.wikipedia.org/wiki/Telegram_(software)

Telegram was launched in 2013 by the brothers Nikolai and Pavel Durov. Previously, the pair founded the Russian social network VK, which they left in 2014, saying it had been taken over by the government. Pavel sold his remaining stake in VK and left Russia after resisting government pressure.

AtmaJnana ,

Telegram was suddenly unblocked in Russia after getting a bunch of money from the Kremlin.

https://www.wired.com/story/the-kremlin-has-entered-the-chat/

The Moscow Times reported that the investments included $75 million from a joint partnership between an Abu Dhabi state fund and a Kremlin sovereign wealth fund.

BearOfaTime ,

Uggh, that's a bit concerning.

TheAnonymouseJoker ,

Telegram is not meant for private messaging. It is like a public forum but in the form of realtime chat. Telegram and Discord are unique types of public chat style forums.

BearOfaTime ,

Really? Because that's how I use it. There's nothing "public" about anything I use in it.

There's also fully end-to-end encrypted chats.

TheAnonymouseJoker ,

You can go whisper in another person's ear in a discussion group, thinking others cannot hear your whispers. Does not make it true. You can go use an axe to cut vegetables if you like. Just do not complain when the onion becomes red.

If you do not understand the nature of different tools, it is entirely your fault. Use different tools for different purposes.

toastal , (edited )

So contributions require folks create accounts with Microsoft for GitHub? That’s a bit contradictory, but here you are telling folks to raise “Issues” exposing themselves to Microsoft’s ToS & data collection machine. Not to mention all they are doing with Copilot.

UnHidden OP ,

You're not required to contribute. I went with GH because it doesn't require creating a new account on an obscure Git provider, which would kill the chances of anyone contributing.

toastal , (edited )

Git provides itself, so forges aren’t even required (the d is distributed version control). Issue trackers don’t need to be attached to the code forge. Even if you like someone else hosting it & a sidecar of integrated bug tracking, it should not require an account with Microsoft if privacy is the end goal—and there’s a host (pun not intended) of other options.

PRISM Break, Calyx live on GitLab (not obscure, supports SSO). Many free software projects like Freedesktop, GNOME, KDE, DivestOS, Briar, Jami self-host the community edition of GitLab. Privacy Tools & Awesome Privacy mirror to Codeberg as well as MS GitHub, presumably to have an escape hatch to the megacorporate bubble & to practice what they preach about privacy. LibreWolf is exclusively Codeberg. Cwtch self-hosts Gitea. Prosody self-hosts its Mercurial server. Choosing not Microsoft GitHub puts you in good company.

If a mailing list alternative isn’t your thing, Forgefed, a federation protocol for software forges, would apply: anyone with a Fediverse account (so Lemmy) could submit issues, with Forgejo building it in along with others soon (GitLab expressed interest).

Choosing proprietary tools and services for your free software project ultimately sends a message to downstream developers and users of your project that freedom of all users—developers included—is not a priority.

—Matt Lee, https://www.linuxjournal.com/content/opinion-github-vs-gitlab

UnHidden OP ,

Mailing lists are for old fat unix guys. Who uses email anymore? I can't even remember the last time I opened my inbox, maybe a month ago for a 2FA code?

I'll stick with GitHub because it's what I know. If you don't want to use GitHub, then you can still view the spreadsheet, just don't click the GitHub or Datasets links in the top left.

toastal ,

You’re in a privacy-related space that values keeping data away from the corporations—that’s why your response has a worse ratio. If you don’t want your messaging data with Meta or Google, why would you be okay with Microsoft for your code? I like that instead of acknowledging the multitude of options you would have that puts your project in better position for contributor privacy, you chose to attack the one you disliked the most, mailing lists, & dismissed everything else. It’s really not any more difficult to pick up something like Codeberg & the UI loads faster too.

If someone said “WhatsApp is what I know, why should I care about your $MESSAGING_APP?” would you not, like, send them the output of your project to explain how their digital privacy is at risk? Consider building another list comparing code forges & see that you get little extra from MS GitHub being closed, proprietary, centralized, for-profit/publicly-traded, requires accepting Microsoft ToS to create an account, search locked behind auth, slow to load, slow to fix bugs, has outages constantly, locks out all users from Yemen et al. due to US sanctions, plays ball with capitalists (such as following record label demands to take down youtube-dl), pushes ‘social’ features (massive can of worms), tries to monopolize the developer space on the network effect, etc.

Marzanna ,

I think that information for XMPP is inaccurate. I use it for private communication. E2E encryption is on by default in Conversations, messages are removed from a server if MAM is off.

toastal ,

Dino, Gajim turn on OMEMO by default & even the TUI Profanity prominently displays [unencrypted] in red at the top by default nudging you to pick OMEMO, OTR, or PGP for end-to-end encryption. The protocol is generic on purpose & meant to be extended with encryption which in the case of private chat applications, is now de facto. Much in the same way, TLS isn’t required since there are applications that don’t require it, but de facto, all guides for setting up an XMPP server for chatting applications will suggest TLS where some servers have options like s2s TLS required or it won’t talk to the other server.

Seems weird that there’s a big, red no even when all the defaults point in the direction yes for human-to-human chat. Much in the same way some values are wrong like apps & servers being open source when there very much are proprietary XMPP servers out there like WhatsApp & Zoom. There’s also a reason Tails OS comes with Dino (or Pidgin) & every dark web guide explains how to connect to XMPP thru Tor + OMEMO/OTR, because it can be secure & anonymous enough for criminals & whistleblowers while being lightweight & decentralized.

rcbrk ,

It's always crickets when the issue of the improper ranking of XMPP is addressed in these threads..

toastal ,

Everything has to be new & shiny or it’s bad. XML bad, JSON good. /s

degen ,

This makes me feel things. Incredible.

pescetarian ,

Deltachat?!

aldalire ,

Session?

UnHidden OP ,

Working on it

fosstulate ,

The messaging app front I consider to be a long-term stalemate, mainly due to crippling network effects. Another factor is that strange psychology at play when making app decisions, where a person will have page after page of junk apps on their phones, yet utterly balks at the notion of installing a second messenger.

Even if a large actor (say, the EU?) managed to bruteforce some interoperability into being, I wonder whether that would be to the detriment of small apps in terms of undermining (or even eliminating) their privacy protections. I can use the likes of Session or Simplex all day long, but if the other side of the conversation is on a corporate product like Whatsapp... It runs into the same problem as email.

BearOfaTime ,

where a person will have page after page of junk apps on their phones, yet utterly balks at the notion of installing a second messenger.

Ffs this drives me crazy.

I have a friend who bitches about SMS being shit, every.single.day.

But will they use another app? No. "I don't want to have to use different messaging apps". Oh, so what you're saying is you're OK with how shitty SMS is. So stop complaining.

Really, it's not like you don't already have 3 email accounts, and have had a few phone numbers. And your friends numbers have changed over the years too.

This is something you use all day, every day. Not hard to find a conversation - hell, both iOS and Android show you this on a per contact basis.

So I'm not sure what's really going on when people say this. There's some other weird mental thing happening.

UnHidden OP ,

Now you have something visual that you can show them and say "this is how bad SMS is compared to Signal"

lemmyreader ,
PrivacyWayFinder ,

Why Session is not recommended for private communication?

UnHidden OP ,

They purposefully removed perfect forward secrecy, which is an important part of preventing future compromise in the chain of messages.

Cyberflunk ,

They explained this, and why it doesn't weaken the stack.

This opinionated ruling about "no PFS,no secure" is questionable judgement
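The two posts above disagree about whether dropping perfect forward secrecy matters. The following is an added illustration of what the property actually buys, written for this page; it is not Session's, Signal's or any real messenger's code. It contrasts a toy channel that derives every message key from one long-lived key with a toy symmetric hash ratchet (the forward-secrecy half of a Double-Ratchet-style design): an attacker who dumps the ratchet state mid-conversation can read messages from that point on, but not the earlier ones, while the same dump on the static-key channel reveals everything. The stream cipher, labels and key sizes are assumptions chosen for the demo, not a protocol specification.

```python
import hashlib
import hmac
import os

# Added example: toy hash ratchet vs. static key, to show forward secrecy.
# NOT a real protocol: the keystream below is unauthenticated and the
# derivation labels (b"msg", b"chain") are arbitrary choices for the demo.


def kdf(key: bytes, label: bytes) -> bytes:
    """One-way key derivation step (HMAC-SHA256)."""
    return hmac.new(key, label, hashlib.sha256).digest()


def keystream(msg_key: bytes, length: int) -> bytes:
    """Counter-mode keystream from a per-message key (toy, unauthenticated)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(msg_key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class StaticKeyChannel:
    """No forward secrecy: one long-lived key yields every message key."""

    def __init__(self, key: bytes):
        self.key = key

    def crypt(self, index: int, data: bytes) -> bytes:
        # Same operation for encrypt and decrypt (XOR with the keystream).
        return xor(data, keystream(kdf(self.key, index.to_bytes(4, "big")), len(data)))


class RatchetChannel:
    """Forward secrecy: the chain key advances one-way after each message,
    so the key that encrypted an earlier message no longer exists."""

    def __init__(self, root_key: bytes):
        self.chain_key = root_key

    def crypt(self, data: bytes) -> bytes:
        msg_key = kdf(self.chain_key, b"msg")
        self.chain_key = kdf(self.chain_key, b"chain")  # old key discarded
        return xor(data, keystream(msg_key, len(data)))


def ratchet_decrypt_from(chain_key: bytes, ciphertexts: list) -> list:
    """What an attacker holding a captured chain key can read: the
    ciphertexts produced from that state onward, in order."""
    state = RatchetChannel(chain_key)
    return [state.crypt(ct) for ct in ciphertexts]


def demo() -> dict:
    # Constructed sample conversation for the demo.
    msgs = [b"meet at nine", b"bring the documents", b"cancel, being watched"]
    compromise_at = 2  # attacker dumps device state just before message 2

    # Static-key channel: one key for the whole conversation.
    static = StaticKeyChannel(os.urandom(32))
    static_cts = [static.crypt(i, m) for i, m in enumerate(msgs)]
    # Attacker with the static key reads every message, past and future.
    static_leak = [static.crypt(i, c) for i, c in enumerate(static_cts)]

    # Ratchet channel: sender and receiver start from a shared root key.
    root = os.urandom(32)
    sender, receiver = RatchetChannel(root), RatchetChannel(root)
    ratchet_cts, captured = [], None
    for i, m in enumerate(msgs):
        if i == compromise_at:
            captured = sender.chain_key
        ratchet_cts.append(sender.crypt(m))
    receiver_view = [receiver.crypt(c) for c in ratchet_cts]

    # Attacker with the captured chain key: later messages fall, earlier
    # ones do not, because the KDF cannot be run backwards.
    leak_after = ratchet_decrypt_from(captured, ratchet_cts[compromise_at:])
    leak_before = ratchet_decrypt_from(captured, ratchet_cts[:compromise_at])

    return {
        "messages": msgs,
        "receiver_view": receiver_view,
        "static_leak": static_leak,
        "ratchet_leak_after": leak_after,
        "ratchet_leak_before": leak_before,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The thing to notice is the asymmetry: both designs leak everything sent after the state is captured, which is why a symmetric ratchet alone is not enough and real protocols add a Diffie-Hellman ratchet to heal after compromise. Forward secrecy only protects the past. Whether that matters for a given threat model is exactly the argument the thread is having; the example just makes the property concrete.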

Aria ,

The first row and first column should stay visible when you scroll with such a dense graph.

Encryption ,

This is a really cool idea, will share it around!

Maybe add the website on the GitHub repo as the project-site URL, makes it easier to navigate.
