My summary of the most secure cross-platform instant messengers - there are 5 very good one's but it depends on your finer criteria - not one was 100%
This is not an exhaustive list but I took the most commonly mentioned one's and threw in WhatsApp and Telegram for benchmarking. The criteria I was looking at included what type of hosting (and whether P2P) where, how anonymous is registration, can you securely remote delete, what sort of metadata is stored on servers, are your contacts shared, is it open source, two-factor authentication, are screenshots prevented, and some basic functionality.
The apps I looked at were Signal, Session, Loki Messenger, Dust, Wire, Wickr Me, Tox (protocol), and Jami. Briar and BCM Messenger fell out because Briar is Android only, and BCM Messenger although probably scoring top notified me they are shutting down. Mesh also fell out because they are Windows only right now with other clients still planned. Some items like screenshot prevention I put an orange warning but did not give the product a red flag, although it is nice to have.
So the summary of the summary is:
* Signal - full marks except it wants your phone number to register and authenticate you.
* Session - full marks but no voice or video calling. For messaging, it satisfies what Signal lacked.
* Wickr Me - basically full marks and only limitation is its encrypted group chats are limited to 10 members. Has screenshot protection.
* Tox is a protocol which ticks all the boxes but much depends on what client you actually use. 2FA though is lacking on clients.
* Wire - needs phone number or e-mail to register and there are questions about its handling of metadata (compound that with its ownership being a US company). A unique feature is it has group chats that can include non-Wire users - nice for including friends who don't use Wire.
* Jami - a peer-to-peer client that ticks all the boxes including anonymous registration. Only thing lacking is no group chats and no screenshot protection.
* Loki Messenger - actually similar characteristics as Session above (uses same network).
* Dust - makes big claims but is closed source so cannot be verified, and a phone number is needed for authentication. It is actually a form of social network, but if true security/privacy is your concern you'd probably give this a miss.
Telegram and Whatsapp both require phone numbers to authenticate. Telegram does not end-to-end encrypt by default (you must enter Secret Chat). Both collect a fair bit of metadata, but Whatsapp is in the lead in terms of sucking up as much as it can and Whatsapp is closed source.
If Mesh goes live with mobile clients and Linux/MacOS it may be a top contender. It also lacks voice/video chats right now.
See the details at Comparison of Secure Instant Messengers
#technology #privacy #instantmessengers
source https://gadgeteer.co.za/my-summary-most-secure-cross-platform-instant-messengers-there-are-5-very-good-ones-it-depends-your
Comments