I've been inspecting this topic quite a lot and I'm a little confused now. So, we have reasons not to use Signal, reasons not to use Matrix, there were also some claims about Session being a fraught. Briar is mostly activists related (not very suitable for daily use), XMPP lacks good clients and suffers from fragmentation of protocol standards implementation, SimpleX is too feature-incomplete (no UnifiedPush support, big battery drain on Android, very decent desktop client without any message sync). I can't say a lot about Threema or Wire, as I'm not very familiar with them.

So, my question is — is there any good private messenger at all? What do you think is the most acceptable option?

EDIT: In addition to my post:

All messengers have their flaws, I'm well aware of that. I was interested in hearing users' opinions regarding these shortcomings, not in finding the perfect messenger. I may have worded my thoughts incorrectly, sorry for that.

  • OneMeaningManyNames@lemmy.ml
    ·
    4 hours ago

    People say this over and over "depends on your threat model" and yet people seem to have a hard time understanding that. Your threat model is "who is your adversary and what he is willing/able to do". Your security goal is what do you want to keep from your adversary.

    As others said, if you are an activist or sth important, perhaps you might want to build a working knowledge of cryptography yourself. If you just want META not being able to see your NSFW chat with your romantic partner Signal might be more than enough. In fact, people way more relevant than me also suggest that Signal is good even for bounty hunter vulnerability reporting.

    Having said that, what bugs me most is that people think the instant messaging format as suitable for everything: activism, jobs, crimes, broadcasting 1970's prog rock for extraterestrials , whatever lmao. Do you really want to use your phone for all that? Like, just carrying the phone around in the first place nullifies your other precautions, for all advanced threat models beyond privacy of non-critical social messaging.

    Persistent/resourceful adversaries can eventually get to you, using a set of penetration and intelligence techniques, which means, if you are involved, the convenience of messaging your partners in crime from the phone in your pocket while waiting for a bus is a convenience you probably can't afford.

  • mox@lemmy.sdf.org
    ·
    edit-2
    4 hours ago

    There are a few that do a good job of protecting our messages with end-to-end encryption, but no single one fits all use cases beyond that, so we have to prioritize our needs.

    Signal is pretty decent at meta-data protection (at the application level), but has a single point of failure/monitoring, requires linking a phone number to your account, can't be self-hosted in any useful way, and is (practically speaking) bound to services run by privacy invaders like Google.

    Matrix is decentralized, self-hostable, anonymous, and has good multi-device support, but hasn't yet moved certain meta-data into the encrypted channel.

    SimpleX makes it relatively easy to avoid revealing a single user ID to multiple contacts (queue IDs are user IDs despite the misleading marketing) and plans to implement multi-hop routing to protect meta-data better than Signal can (is this implemented yet?), but lacks multi-device support, lacks group calls, drops messages if they're not retrieved within 3 weeks, and has an unclear future because it depends on venture capital to operate and to continue development.

    I use Matrix because it has the features that I and my contacts expect, and can route around system failures, attacks, and government interference. This means it will still operate even if political and financial landscapes change, so I can count on at least some of my social network remaining intact for a long time to come, rather than having to ask everyone to adopt a new messenger again at some point. For my use case, these things are more important than hiding who is talking to whom, so it's a tradeoff that makes sense for me. (Also, Matrix has acknowledged the meta-data problem and indicated that they want to fix it eventually.)

    Some people have different use cases, though. Notably, whistleblowers and journalists whose safety depends on hiding who they're talking to should prioritize meta-data protection over things like multi-device support and long-term network resilience.

  • delirious_owl@discuss.online
    ·
    edit-2
    6 hours ago

    Wire is the best for security (it literally won't let you send messages unencrypted), cost (its free), privacy (no phone number required), and usability for the masses (Foss client on all the platforms, messages sync between each client like you'd expect)

    I haven't found anything that checks all those boxes other than Wire (though I do wish we had other options that came close)

    https://Wire.com

  • dingdongitsabear@lemmy.ml
    ·
    9 hours ago

    good messenger for what?

    if you want a solution for you and a bunch of your henchmen to coordinate and discuss totally-not-crimes with ephemeral comms, practically any E2EE solution will work; once the not-crimen is done, burn your accounts and toss the devices for good measure and you're scot free.

    if you want a secure messenger that's part of a widely used communication platform where you can also do normal people shit and also convert normal people to actually use it (think getting contact deets from cute boy/girl at a bar or giving yours to a business correspondent without an elaborate powerpoint presentation on how to use it) and you want to enjoy the fruits of 20+ years of continuous IM development, like having top-notch UX, battery efficiency, network resiliency, quality voice/video calls, etc., without being spied on then such a thing doesn't exist.

    how come? meredith baxter recently stated that it costs signal $50MM/yr to run their infra. that money has to come from somewhere. if there are no advertising dolts dumping cash on spying on your social graph and convos, the remaining avenues for financing are few and far between.

    in closing, there aren't any super awesome messengers you weren't aware of, everything is shit.

  • Dessalines@lemmy.ml
    ·
    15 hours ago

    Almost all those can be self-hosted, and built from source, so matrix, xmpp, simplex, are fine. Don't use anything that's uses a centralized server in a five eyes country, like signal or threema.

    • MonkderVierte@lemmy.ml
      ·
      7 hours ago

      How is Threema in a five eyes country?

      I mean, sure, only the clients are open source. Don't use it for that.

  • rcbrk@lemmy.ml
    ·
    edit-2
    15 hours ago

    XMPP lacks good clients and suffers from fragmentation of protocol standards implementation

    • For Android: Conversations is excellent, also on F-Droid if you don't want to use the Google store.
    • For iOS/MacOS: Siskin or iOS/MacOS: Monal.
    • For Linux/Windows: Gajim or Linux: Dino.

    "Protocol fragmentation" is not a valid complaint about XMPP -- it's like complaining that ActivityPub is fragmented; but that's not a problem: you use the services (Mastodon, Lemmy, Kbin, etc) built with it which suit your needs, mostly interacting with that sector of the federation (eg, Lemmy+Kbin), but get a little interoperability with other sectors as a bonus (eg, Lemmy+Mastodon).

  • 84skynet@discuss.online
    ·
    15 hours ago

    It really just depends on your threat model.

    Think it in this way: What is the most secure way to walk in the city? You'll need a team of armed bodyguards and wear a full bulletproof vest. Do you REALLY need this level of security? Who are you protecting from? If the answer is a criminal organization or law enforcement, then yes, probably. But if the answer is a random thief, then you'll probably need to just carry a gun, pepper spray, knife etc.

    Same goes for privacy online and messenger in this case. Are you an activist or a drug dealer? Then you'll probably need Tails + something like SimpleX via TOR. Otherwise, if you are just concerned of typical surveillance capitalism (and don't want the government to scan your chats like it probably will in the EU after Chat Control), in my opinion, Signal is the best compromise of privacy, security and convenience.

  • schnurrito@discuss.tchncs.de
    ·
    18 hours ago

    So, we have reasons not to use Signal, reasons not to use Matrix

    yes, nearly all possible things in the world have been argued by someone somewhere already

    • JustMarkov@lemmy.ml
      hexagon
      ·
      edit-2
      18 hours ago

      These reasons are serious and valid. That's why I provided links, so as not to be unsubstantiated.

    • Boomkop3@reddthat.com
      ·
      18 hours ago

      From what I've seen there's a lot of very bad security advice out there with even tech journalists and such just straight up repeating stuff they don't understand