Messengers, there are many of them. But are they any good? Well, there are some really good comparisons out there, but I want to add some of my own takes. If I missed your favorite messenger, I am sorry. Also, I will not cover all clients for decentralised protocols. For example, for Matrix I might only cover Element or SchildiChat.
A short overview
- Briar is a fully P2P messenger, making it very resilient against censorship, but this also makes it drain your battery, as the app needs to be active to send and receive messages.
- Delta Chat is a messenger building on the existing e-mail infrastructure. This has the advantage of being quite decentralised if you want, self-hostable and easy to use. It does leak a lot of metadata though, making it not very private, and encryption is turned off when the receiver doesn’t support it.
- Discord is a widely used chat application, which is not in any way private or secure, but is quite easy to use for most people.
- Jami is another P2P messenger, which has decent security, proven by independent audits, and is quite private as well. Sadly it is not really usable day to day, due to the lack of a big userbase.
- SchildiChat is a Matrix client, which is based on one of the most popular clients, Element. It brings all the features of Element, on the web, desktop and Android. Schildi mostly changes UI aspects of Element, but also provides bug fixes. Sadly Element breaks perfect forward secrecy for convenience [1], making it not the ideal choice for fully secure communication.
- Session is a messenger which routes all its traffic through Tor, making it resilient against censorship, but also quite slow. It also does not have perfect forward secrecy integrated [1], meaning that if one message can be decrypted, all of them can be.
- Signal is probably the best-known secure messenger. And it is really secure, but relies on centralised servers. They mainly run on AWS (Amazon’s cloud service), which isn’t the best for both security and privacy, and has also shown to not be the most reliable [2]. For most people this is probably the best choice, as it is free, easy to use, very secure and has decent privacy protections.
- SimpleX is another P2P messenger, which also introduces decentralised relays. These add a little metadata, making the theoretical privacy worse than for Briar or similar, but to a very insignificant degree in comparison to centralised services. It also suffers from high power consumption, due to the P2P connections.
- Telegram is for some reason a really popular messenger, which doesn’t really protect your privacy, cooperates with governments and doesn’t encrypt messages by default. Also, the cryptography can’t be verified. Telegram also seems to be developed in Russia, which isn’t exactly known for its respect of free speech, privacy and things like human rights.
- Threema is a Swiss-based messaging service. Just like Signal it is also open source, but the central service is hosted by Threema. It costs 6,49 € to get it. Note that Threema just got acquired by a German capital company [3]. Further, it is important to note that while many messengers like Session build on and change Signal’s messaging protocols, Threema rolls their own protocol, which supports perfect forward secrecy. Their protocol was criticised before, but in general should give similar security as Signal’s.
Yes, there are messengers from Meta, Google and Apple (Facebook Messenger, WhatsApp, Google Messages, iMessage); they all suffer from bad and/or unverifiable security and don’t protect your privacy. Don’t use them.
A note on XMPP: it is a great protocol, but moves quite slowly, leading to privacy and security issues. I have not used it enough to give more details here, maybe in an update of this page later on.
Briar
Briar is a P2P (peer-to-peer, meaning direct connection without 3rd parties) communications app. This means no server in the middle that can track anything, making it very private. It also has decent security. It is notable that it doesn’t use the Signal protocol. Sadly it doesn’t have post-quantum secure cryptography. Also, it needs to be on all the time to receive messages, since there is no server in the middle able to store messages until they can be received. This will drain the device’s battery much faster than other messengers would. This has big advantages though. For example, it also works in isolated networks and can hardly be censored.
I would probably recommend this to people at protests, since store-now-decrypt-later attacks are irrelevant there and it is much more important to effectively circumvent internet blockades. For example, if LTE is turned off, a protest could spin up its own network and continue using Briar. For daily use it is probably not suitable.
Delta Chat
Delta Chat is built on a quite fun idea: build on top of existing infrastructure. That means they utilise the existing e-mail infrastructure for distribution of their messages. This means it theoretically has a huge reach. They encrypt the message content when the other person also uses Delta Chat, which means you could send unencrypted messages. That might lead to exposed data. Also, since it utilises mail infrastructure, there is a lot of metadata, which is possibly collected by all mail servers that the mails land on. This is probably not the best for privacy. Also, e-mail is not really made for instant messaging, so I would not recommend this, although it is a really fun project.
Discord
Can someone explain to me why people in the FOSS community use Discord instead of forums for help? Discord is firstly not open and secondly not searchable. No one can find previous answers there, so you will probably need to answer them over and over again.
Also, they are now going to add pretty privacy-invasive age verification.
There is no encryption for messages and pretty much anything else at rest (on their servers). Sure, their voice communication has encryption at this point, but it is a fully new protocol made by Discord and I know of no audit for it, so don’t use it at all or use it as if anyone could read anything you share there.
Also there is a dedicated opinionated for Discord!
Jami
Jami is another P2P app, like Briar. This means they have similar cons, being quite heavy on the battery. It also doesn’t have a lot of users, making it hard to use for many, probably. They use RSA keys for encryption, which is a good standard, but sadly not post-quantum secure. Also, Jami doesn’t notify about key changes and, as far as I know, was never audited for security. It sadly discloses some metadata during usage. It also doesn’t support encrypted backups, which all together makes it hard to recommend. If you need P2P communication, you might rather look into Briar.
SchildiChat
Ahhh, yes, Matrix. As said above in the short overview, SchildiChat is a fork of Element, which makes it inherit some security flaws, such as discarding perfect forward secrecy. But they still keep the decentralised and quite well encrypted nature of Matrix. A consequence of this is that its security and privacy greatly depend on the instances of the users. In general it is more resilient against censorship and quite cool for a self-hosting project. It is not very user friendly to not very technical people, so I wouldn’t recommend it to people who want to use it for secure communication alone. For those who like to tinker it is certainly great. That is also why I chose SchildiChat here, since it is more customisable than Element is. It also brings some bug fixes, which are always appreciated. There is also quite a big flaw in Matrix itself: since it stores a graph of all messages on its servers (encrypted, of course), it is very hard to delete old data permanently and efficiently.
Session
This is basically Signal over Tor, with perfect forward secrecy removed from it. This combination is quite interesting. It has the problems of Tor, being slow, but it also gains a lot in privacy. It is a really interesting idea for circumventing censorship and also for gaining more privacy, but it is definitely for a really specific group of people, who need privacy but can live with compromised security compared to most other modern messengers. I wouldn’t recommend using it as a daily driver. It is probably more for people who want to use it in small, clearly known time frames and discuss only information relevant for a short period of time. Since the encryption is really strong, this “short period of time” might still be years, but it should definitely be a consideration.
Signal
Signal is probably the best-known secure and quite private messenger. It is quite easy to use and for most people is probably a good way to go. It has good cryptography, so good, in fact, that many other messengers just build on it. They have plenty of features in their app, and through community tools it is possible to use it without needing a phone. The desktop and mobile apps are pretty good, although the desktop app is quite RAM hungry, as it is an Electron app.
Sadly it is not just sunshine and roses. Firstly, Signal is centralised. There is no way around their servers. The code on the servers is open source and audited, but they still run on AWS, meaning if that goes down, there is no Signal for you [2]. This also means it is comparatively easy to censor Signal, although they have great ways to get around many blockades. Further, it means that if the US takes down Signal for political reasons, all communication is gone. And Signal doesn’t leave no metadata at all; it is very minimal, but for investigative journalists or activists, where a government might want to spy on their conversations, they could at least figure out who you are talking with, if they get data from the US tech giants. Here you will have to note though that Signal is probably the smallest leak in that regard.
Signal also trades user customisability for security. Because they want the most secure apps, they block many third-party clients altogether. This is probably not a big deal though, if you are looking for optimal security.
And a last clear flaw of Signal is that it requires a phone number to be used. Since in most countries a phone number can be tied directly to one’s identity, that is not very private. This is probably used for verifying that users are human, making it easier to keep bots away, but honestly, since users have to accept message requests, bots shouldn’t pose a big problem to them anyway. I am not fully sure how much can be done with the phone number, but it is probably possible to see who is talking to whom, if we assume the servers of Signal are acting in bad faith, which means we have to trust the Signal Foundation to keep bad actors away.
SimpleX
SimpleX uses decentralised relay servers for messaging and doesn’t require a phone number, e-mail or anything else to identify you. It is also so secure that I could recommend it to anyone. It uses the Signal crypto, if you are interested, in addition to some other crypto. It is also cool that they have an API and that they are recommended by the Whonix project, which definitely is something to brag about. It is available across platforms and has an intuitive UI, as far as I am concerned. Really, there isn’t much bad to say about it. Okay, they don’t support automatic backups, but backups are encrypted and local. Sadly they also don’t yet notify about key changes. If you care about big group chats, that might not work as well, but I have not tested that and have only read about it. All in all I can still recommend it, especially since you can route all traffic over Tor if you want that extra privacy. Wolke is reachable over it.
Threema
Threema is a Swiss-based messenger, developed in the open. For using the Threema servers you will have to pay a one-time fee. They use their own crypto, which was criticised before, but gives more options than just the Signal protocol. In general it also brings all the security features it could need, although it might not be as mature as the Signal protocol. Sadly their services are fully centralised, and since they just got acquired, this could be seen as a problem by some. It is not as good as federated services or P2P connections at minimising metadata. In that sense I would compare it to Signal. Also, the server software seems to not be open source. Sadly they also require you to have a mobile device [4]. This can’t be circumvented as in Signal’s case, as far as I know. In general I would prefer Signal over Threema, but in this category both are fine. It really depends on how Signal moves on with their AWS/Google/Meta/Cloudflare hosting and their phone number policy, and how Threema acts now that they got acquired by a for-profit investment firm. For people with strict threat models this is definitely not the way to go.
Telegram
If you ask yourself: Why does Wolkensteine even put this here? Isn’t Telegram just a platform for people believing the earth is a pancake?
Yes, that is certainly not far from the truth, just that there are also many scammers and some “high performers”. Yes, no one should consider a messenger built in Russia as safe, and yes, I will not recommend this app in the slightest. I just thought: wouldn’t it be funny to see what all is wrong with it?
That is why I made a list [5]!
- Only the client is open source.
- The company is based in Dubai and comes from Russia.
- Can only encrypt direct messages, not group chats.
- Doesn’t encrypt post quantum safe.
- Doesn’t notify you when keys change.
- Has trackers in their apps.
- You need a phone to register [4].
- Doesn’t protect metadata significantly.
- Is not ad-free.
- Centralised
- Backup keys are stored by Telegram, so they are not very securely protected from governments.
Note that these are only technical reasons from privacy and security perspectives. That a company with its headquarters in Dubai, which came from Russia, shouldn’t be supported is another thing, and their association with tolerating scams etc. is also something most will see as a bad thing.
Big tech’s try at communication
Do I really need to comment on this? No, not really. Either they don’t encrypt or they encrypt in unverifiable quality. Also, they collect all the data they can get.
Yes, WhatsApp, iMessage and whatnot claim E2EE, and that might be technically true, but that doesn’t mean it is good encryption or that all data transmitted is encrypted. They all claim encryption for the message contents, but not for the metadata. This means that they still know exactly who is texting with whom, when they do, how often they text, if they call, probably if they have attachments in their messages, likely also names and nicknames, in WhatsApp’s case profile pictures, always the telephone number, where the people who text are, and so on. This might differ a little between them, but in general see them as not private and not secure; they only get points for ease of use and their big, comfortable userbases.
[1] Missing perfect forward secrecy in Session and Element
[2] Heise: Messenger app Signal apparently experiencing worldwide outages
[4] I know most people own a phone, but phones are in general not very private. Also, people who can’t afford one can not use it, since public computers don’t run mobile OSs.
[5] Yes, I do like uls.