What messenger app to recommend to those not interested in privacy?
What messenger app to recommend to those not interested in privacy?
So I'm in a somewhat unfortunate situation. My circle of friends doesn't want to switch to another messenger and we are currently stuck on the worst possible platform for security: Telegram.
The problem is that it is very hard to convince anyone to switch, if they are all perfectly fine and like Telegram. I mean I can get why they like it: The UX and UI of Telegram are amazing and there are well functioning clients available for any platform. It has more features and gimmicks than any other messenger I know BUT it lacks one mayor thing: E2EE. And that's mostly what I care about. The second problem is that I was the person who recommended the switch to Telegram right after WhatsApp was bought by Facebook. I know, that was a bad recommendation, but back then I didn't know shit about privacy or why E2EE mattered. I was just like "Hey, it's not by Facebook, so it must be better". And now everyone I know is there and won't leave.
If - in the hypothetical situation of me setting an ultimatum and deleting my Telegram after that - I wanted to make them switch somewhere else: What messenger would that be? Currently I'm mostly thinking Signal. I know it's not perfect either, it is centralized, and the servers are in the US, but it has a bigger user base already than most of its competitors like Threema or Matrix/Element and it is very easy to set up and use. I'm already a user of Signal, Threema, Matrix, WhatsApp and Telegram (every platform for some contacts, but most of them on Telegram sadly), so having yet another option is not a problem for me, as well as getting rid of one is also no problem. I'd love to delete both Telegram and WhatsApp in this move.
So, in conclusion, what I need is a messenger that has all or most of the following:
- best possible security (E2EE is minimum)
- easy to use (no complicated setup, simple UI)
- already has some users (not too niche)
- cross-platform and multi-device (should run on Android, iOS and Windows/Web)
- some flashy dumb features like stickers and so on to keep them entertained
My choice would be Signal. But I am unsure if that is the best choice or if I should just wait a bit and see what all of the new EU laws about messengers and gatekeepers bring to the game and if anything chances with that.
Gotta go with the crowd here. Signal is what you are looking for.
54@shortwavesurfer @MarcRnt Sadly, Signal is just another walled garden. We need to make XMPP apps more popular.
12
The only answer for what you are looking is Signal (user base). The next thing would be Whatsapp, so .... Signal... Just signal.
27First Telegram isn't the "worst possible option for privacy" and second, as you pointed out, Telegram is largely superior to others when it comes to usability and cross planform support.
26Yeah but... Thet are not E2E encrypted by default. That shows how little they care about privacy.
The worst thing about Telegram is the false sensation of security and privacy it gives to unaware people (most of them).
15I never understood these arguments for Telegram. Sure, it does have more features. It's not better in terms of usability and cross platform support though. I use Signal desktop everyday. It's a great experience. Cross platform.. The only platform Signal doesn't support is Web. Which... if there are mobile apps and desktop apps. Web is an insecure redundant need IMO. For the argument that web is good for scenarios where you can't install desktop apps: I would flip the question to.. why would you give a platform you have 0 control, permission to access your secure & private messaging? It just comes down to threat modelling. Telegram is neither secure, nor private. It shouldn't even be in the same conversation unless talking about FB Messenger, messaging on Instagram or DMing on Twitter/X.
-4
I want the answer to be Matrix. I think decentralization and federation are important to the future of internet services to avoid single points of failure, and Matrix seems to take E2EE seriously. So far, I've found Matrix to be slow and unreliable, with some of my private conversations having as many messages "unable to decrypt" as successfully delivered.
So the answer isn't Matrix yet, though I hope it will be in the future. The answer, as most comments have already said is Signal.
23For me, answer was XMPP. It does the same thing as Matrix, but is far easier to set up and is far less bloated.
5
The only answer for what you are looking is Signal. So .... Signal... Just signal.
or Molly, of course :)
18Easiest seems to me just enabling E2EE in telegram since it’s there. Asking to use secret chats seems easier than asking to switch plattforms
13Except that the feature is only available on mobile
4
FB Messenger and Instagram Messenger would be the worst for privacy... But Telegram is basically just FB Messenger with nicer UX features.
There's a couple of platforms that have better privacy and security (debatable) features than Signal, but Signal is more widely adopted amongst the E2EE Messengers.
11Signal?
10SimpleX Chat > Matrix > others
Btw it's very difficult to change something in the routine, many people have your same issue; where I live WhatsApp is a fucking authority...
9Actually, I don't know why I had forgotten this already.
Link: DEF CON 31 - The Internals of Veilid, a New Decentralized Application Framework - DilDog, Medus4
Veilid. I watched this DEF CON presentation on it. I remember asking myself "How would this differ from Matrix and why do we need a competing standard?"
But actually, after watching, I do realize that in certain ways it seems more elegant and decentralized than even Matrix. It's really more focused for general application development, but that means chat can be developed on the framework.
So maybe put this on your radar as well while it's being developed. It certainly has jumped to my attention after watching this video.
8Really interesting! Sadly in the past a lot of such frameworks went the way of the titanic :/
2
Matrix or Signal
8Signal is good but you can look into simplex chat or session
8Not ready for primetime. Like, absolutely not.
2
I think the only choice is Signal for practical purposes. There is no creating accounts, no scanning ID's, no invite link to chat. If they already know your number, there's nothing they need for you to contct you on Signal.
For people who I have their number, I will never ever acknowledge any other option than Signal because confused people don't end up making any choice. Only if they talk about servers and networks, then I will teach them network security. I say SimpleX F-Droid is king of them all, but for random people, I only mention Signal/Molly.
For the record, I will say that I am more willing to currently use Whatsapp than ever use Telegram. I can't speak to the cool features with Telegram because I hate it too much to register my number with them.
8I don't understand how you trust facebook more than telegram. It's the exact opposite for me
3Watch this whole video https://yewtu.be/watch?v=rtRQKQkvUfE
1
DMA will only affect Whatsapp and Facebook Messenger from messengers, Apple's iMessage manage to be excuded as they don't have 45 million active users (10% of EU population).
Edit: I said Google Messenger when I meant Facebook.
Signal fits all of your criteria.
- Has E2EE by default
- Has most generic UI possbile that just works
- Has a bunch of users
- Has clients for Android, iOS, Windows, macOS, Linux
- Has flashy features like stickers and stories
- Run by a non profit foundation instead of a single developer or for profit corporation
6[This comment has been deleted by an automated system]
1
Permanently Deleted
6Telegram has started it's Enshittification phase now. They put stuff in the user interface to try and push you to pay for it.
2And they have some weird crypto scams running in the background as well.
1
I don't think WhatsApp is a good option. Their clients are not Open Source, so it's unknown if they really implement all the privacy features of the Signal client. Also, Facebook and WhatsApp are known to collect every single bit of Metadata they can get, it's really bad. I wouldn't touch it again, under any circumstances. I'm glad that nobody I know uses it, at least inside my circle of friends. Some still use it for outside connections or family members.
1Telegram clients also technically have source available, even if late.
1I know, but their server doesn't. And since everyone uses it without the secret chats feature, they could read every message we exchange.
1
Permanently Deleted
4as much as I want everyone to use something like Briar or Cwtch, Signal is the only viable alternative for normal people. Session maybe, but last time I tried it, it was buggy and it has a small userbase.
4Matrix is slowly growing to feature parity with Discord and looks and functions a lot like Discord, which may make the switch over to it easier for some people.
I understand why Signal dropped SMS support, but that's literally the only reason I had it, and without the SMS support, I don't actually have more than one other person that uses it so it became pointless to keep using.
4If they have Android, Conversations is great, not more complicated to use than your normal instant messenger, except for the account creation which works just like email (user@server) so not that difficult either.
3I just simply sent a message to everyone I kept in touch on Telegram to switch to Matrix/Element and guided them through the registration to a local homeserver thanks to one of my friends' blog posts.
The easiest way to convince your friends to switch is to just make the switch and help them sign up and use the service.3Telegram is absolutely not the worst one. Those are whatsapp, facebook messenger, and viber. Telegram is not good, but I think it's an acceptable compromise
2Do you have any info on Viber being a bad service privacy-wise? It's a lesser-known messenger that prides itself on its privacy policy but I can't find any info on it being the case or not.
1Check this analysis from 3 days ago.
7 different tracking components, from 4 different companies, including facebook.I don't think it should pride itself on anything related to privacy.
It also has quite a few hard to explain permissions.
1
[This comment has been deleted by an automated system]
1fb messenger has a hidden e2ee feature that probably nobody uses, like with telegram, that's at most feature parity, not a pro compared to telegram. But then since fb apps are closed source and heavily obfuscated, you can't check for messenger nor whatsapp whether it actually does what it says.
That was about trust in the available encryption and how the app handles your messages. So far I fail to see how fb messenger is better than telegram.
But that's not the only relevant aspect in privacy. It's also important what else the app is doing, and whether there are alternative clients if you don't trust the official one. This is the reason why I won't ever accept facebook solutions being described as private options. I'd be surprised if any of facebook's apps wouldn't be doing everything in their power to collect every kind of information the OS provides to it, while the telegram client is not exactly fixated on harvesting everything.
Telegram has much less tracking components in the app, but if even that amount bothers you, telegram foss from f-droid is absolutely clean. You'll never get anywhere near with facebook services.And then also don't forget that whatsapp somehow regularly has vulnerabilities that allow arbitrary code execution on your phone by an attacker. I don't remember the last time there was such a problem with telegram, but probably is was many years ago, if it all.
3
I use matrix and setup matrix bridges to avoid this. If you are fine with a single user setup beeper should be easier. this way you use matrix yourself and your friends use whatever they want. (you can qemu an x86 android image, and pass a webcam, for whatsapp to work on the bridge)
2Either Signal or WhatsApp. There is no other easy to adopt, and good UX option. Although personally I find Signal very dubious because they refuse to implement usernames since many years now, but found all the time to implement that MobileCoin crypto.
1Hot take here; so PLEASE do not reply unless you're the OP.
Maybe you don't have to switch. At least not immediately. Ultimately someone will make a stink out of switching. Again!
MProto isn't the best cryptography around; but it does provide some implementation of some low level privacy. I wouldn't trust a credit card number to it; but it's not worthless. It is however heavily disliked by people who understand cryptography and value privacy. But Your friends don't care! That fact is irrelevant to them emotionally.
And this is where the problem starts...Your friends have gotten accustomed and attached too much to Telegram and it's many eye-candy features and smooth polish.
This is where you need to "Sour The Milk" and wean them off Telegram.
Perform your usual setup of a new group. Use Signal or Matrix (usually this will be though Element). Then Force anyone who decides to be stubborn on Telegram to use the "Secure Chat" feature on Telegram. At least then the stubborn holdouts won't be causing you excessive privacy issues.
Then lastly just transition to your new platform and pay exclusive attention to the new one and let people trickle in.
0That's a valuable Idea. If I force them to use the secret chats option, then they maybe notice that Telegram is worthless without all the flashy stuff and is not private at all. And it's at least a step forward into the right direction.
2