this post was submitted on 13 Jun 2023
21 points (95.7% liked)

Privacy

31854 readers
195 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Today, most messaging apps have true end-to-end-encryption (Telegram's must be activated per contact for Secret Chat), but what really differs now is how many can tie your communications back to you through metadata. Obviously those which require a phone number or an e-mail address, do have your activity tied to you potentially.

WhatsApp, Signal, Telegram and similar do require this for registration. Partly it is for authentication, finding friends, and also for resetting access if access is lost. What data you can see after a reset, gives an indication of what the provider has access to. For Signal, you won't be able to read any of your older messages. Signal indicates in this linked article, though, that they only keep the very minimum of information (tested by a legal subpoena). Telegram has more access as that is how all your chats get restored, but they have been banned in various countries because they don't hand over the information. WhatsApp, of course, we all know about their passing of detailed metadata upstream to Facebook (it's in their terms and conditions). I've done a post before about the risks and the monetary rewards around harvesting metadata. Just by registering on WhatsApp, you have also shared all your friends' phone numbers to Facebook, along with how often and how long you contact them, where you are when you contact them, etc.

We've also seen lots of secure messengers emerging that require no phone number and also no e-mail address, eg. Briar, XMPP, Jami, Threema, SimpleX, Nostr, and many more. Many mainstream users don't adopt them because the common problem is, you can't find your own friends easily (who do you chat with then?).

So this is one of the reasons why Signal has been pretty popular as a secure messenger. It requires a phone number, but retains virtually no information about you to sell or leak, and you can very easily find all your friends using it. So no, it is not THE most secure messenger, but it is certainly the most secure of those requiring a phone number or e-mail address for registration.

But the main takeaway is, unlike with an SMS app where only one app may be the active SMS app, your phone can have 10 or more instant messengers installed, so there is no reason not to also have Signal installed. It helps your friends, who are more privacy conscious, to stay in contact with you via Signal. Whether a message notification pops up via WhatsApp or Telegram, It's still going to pop up, unless you have a friend that insists on contacting you through two apps at the same time. Most modern messenger apps use push notifications, so they are not constantly polling, which uses data and battery all the time.

Go ahead, try more than one messenger, and you may be amazed that there are often better and more interesting features to try. Many of your friends will thank you.

#technology #privacy #messengers #chat #Signal

top 19 comments
sorted by: hot top controversial new old
[–] SkyNTP@lemmy.ml 5 points 1 year ago* (last edited 1 year ago) (4 children)

your phone can have 10 or more instant messengers installed, so there is no reason not to also have Signal installed

But I don't want to have to manage 10 different communication apps, and I don't want to be in a walled garden, and I don't want to wrestle with my contacts about which app to use. I want federation.

F*ck off Signal. I choose Matrix instead.

[–] maynarkh@feddit.nl 2 points 1 year ago (1 children)

You will get it, courtesy of the EU. Look up the Digital Markets Act. Big names like Facebook Messenger, Apple iMessage and such will be forced to federate.

And that's just the start, like 20% of the full scope of the already accepted bill. It will be a bigger shakeup than the GDPR when it gets implemented.

[–] TWeaK@lemmy.ml 2 points 1 year ago

Yes but the EU also wants to ban encryption.

Let's see what shape the laws take after they're written, rather than running purely on what we hope they will be.

[–] pineapplelover@infosec.pub 2 points 1 year ago (1 children)

Signal is easier to get into and with the upcoming implementation of usernames and hiding phone numbers I think I will convert all my friends on there. Aside from that, you could create your own Signal server if you want and unlike Matrix, it doesn't leak any metadata.

[–] axolotl@lemmy.one 1 points 1 year ago (1 children)

you could create your own Signal server

I thought self hosting wasn't possible with Signal?

[–] pineapplelover@infosec.pub 1 points 1 year ago

I meant proxy server but I looked a bit more into it and there is a project that allows you yo have your own Signal network

Run proxy: https://signal.org/blog/run-a-proxy/

Run private network: https://github.com/CableIM

[–] AntennaRover@lemmy.one 1 points 1 year ago

Federation works great for a lot of use cases, but as a result of that it requires a lot of unencrypted metadata to pass through several servers in order to route a message properly. If your primary concerns are about walled gardens and fragmentation, Matrix is a great choice. If you’re mainly worried about privacy, signal’s lack of federation makes your communications more private.

[–] GadgeteerZA@beehaw.org 1 points 1 year ago (1 children)

Well I use Element for Matrix as well... but why not 10? You only really manage them once when set-up. After that, you just respond to whoever messages you, or you compose a message of whichever one. They no longer chew battery or data in the background. I have 11 installed and there is really no "extra" effort.

[–] MangoPenguin@lemmy.blahaj.zone 2 points 1 month ago (1 children)

Well part of the frustration is setting them all up again on a new phone or after wiping a current phone. Most privacy oriented apps have a rather rough/painful set up process, especially when trying to restore backups of your data since they often don't automatically back up and restore for you.

[–] GadgeteerZA@beehaw.org 1 points 1 month ago

Could be yes - although I seem to think with my transfer from one Samsung to another it brought the files and settings over. Can't remember for sure now as was over a year ago, but I did not recall any major issue.

[–] Gleddified@lemmy.ca 5 points 1 year ago* (last edited 1 year ago)

Still a bit peeved at them removing SMS functionality from the android app. Now I need 2 apps. If it means they plan to move away from the phone number requirement, then I'll look forward to that.

I'm also still a but sketched out by the while MobileCoin thing from a while back. Not sure I trust the direction they're taking, but i've tried all the alternatives and found them lacking in one way or another.

[–] PublicLewdness@lemmy.ml 2 points 1 year ago

I refuse to give a phone number over to use Signal. I use Session; Matrix; XMPP; and Jami all before I would touch Signal.

[–] MajorMajormajormajor@lemmy.ca 2 points 1 year ago

I used signal as my main messaging app up until they removed sms from it. Before that point it didn't matter if most of my friends didn't use it, I could still communicate with everyone I wanted to regardless of their app. I would even slowly see people join over time, it was really promising.

Then they went and removed sms and now I rarely use it. I keep it as a backup if I ever need to send something sensitive, but that's pretty rare these days.

[–] BriarTalker@lemmy.ml 1 points 1 month ago

I think the key is getting a core group of users in your friend/family community using it. I got all my family using Briar and now some of their friends are on it too, just because they knew people using it. IMO, Briar is the best message platform out there and I'd love to see more people using it.

[–] frasassi@kbin.social 1 points 1 year ago* (last edited 1 year ago)

Folks just commenting here letting you know that a Signal community is now open on kbin: https://kbin.social/m/Signal

[–] pineapplelover@infosec.pub 1 points 1 year ago

I disagree with this "So no, it is not THE most secure messenger, but it is certainly the most secure of those requiring a phone number or e-mail address for registration". I believe it is probably the most secure messenger. It is not anonymous like Session but it is the messenger that does not know anything about you. There are court cases requesting Signal to give information up and all they are able to give is the last time the person connected to the servers.

[–] Thy_Moose@lemmy.ml 1 points 1 year ago (2 children)

I like the idea of Signal, and would probably love to use it, but everybody I know (and everybody is still don’t know!) is using WhatsApp, and there’s no way they all are going to migrate.

[–] KLISHDFSDF@lemmy.ml 3 points 1 year ago

If you want to advocate in the easiest way possible, I'd advise you install it even if you don't use it. That way if others join it, they'll find people vs seeing nobody is on it and then uninstalling it immediately. I went this route and went from not really using it to now being almost 99% of my communications. Everyone at work has started using it as its easier between iOS/Android especially if you have people in your groups that refuse to install meta/facebook products.

[–] TWeaK@lemmy.ml 1 points 1 year ago

Be the change you want to see!

load more comments
view more: next ›