A loosely moderated place to ask open-ended questions
Search asklemmy π
If your post meets the following criteria, it's welcome here!
Looking for support?
Looking for a community?
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
Of the three, Signal is the most secure. Now in about 2.5 seconds, someone is going to start screaming about the phone number requirement. This is used so that you can go from desktop to mobile with the same profile. You can set Signal to hide your phone number from everyone else but you. It's a non-issue.
There is a reason why Elon Musk doesn't let people post about Signal on his Nazi social network. Because it works.
It's an issue.
You can't create an account on desktop. You can't create multiple accounts. You can't create an account at all if you don't have a phone number. You can't create an account if your phone number's previous owner created an account. Signal can be subpoenaed for your phone number.
Is it possible to use a number different to the one on the device you use? Seems like a simple workaround to use a throwaway SIM to set up, and then use it with that number moving forwards.
That sounds like an awful lot of work to workaround a problem that shouldn't have existed in the first place.
You say this like username logins donβt exist
No, we know that, but people will still come scream here that you need a phone to register anyway. It's all the time the same people. Not realizing that is the easiest onboard that all the normies are used to and an easy way to control spam accounts.
I mean if you acknowledge that user names can be used like any other website then your point doesnβt work. They donβt need my phone number. Most applications donβt need it but they do? Come on.
I prefer signal because it's been the easiest one to convince my friends and family to use. I have like 8 friends on Signal, the 1 I got onto Matrix quit after a week. Matrix I treat more like foss Discord so I only use it for communities. ElementX is really nice though so I have hope that eventually it could be as smooth to use as Signal.
Signal is much more polished and less fragile than Matrix, but is pretty barebones especially in terms of features for large communities. Matrix additionally has a browser client and many non-Electron desktop clients. It's really close and depends on the use case imo. For personal messages I think I prefer Signal, for communities Matrix.
I haven't used Threema.
Self-hosted Matrix.
It still needs polish, but it's on a good path. Meanwhile others are centralized by a single authority with an easy target painted on them for government coercion along with multiple other attack surfaces, and even information easily traced to PII. Also, not everything is encrypted. A lot of metadata is left out of E2EE. And those servers/providers have that data.
By contrast, a drop in the ocean is far more likely to not be targetted from the outset, making pretty much any matrix server (potentially with the exception of the matrix.org one, but it's ok to treat it as a demo anyway) a really good choice in that sense.
Signal
I liked the Matrix because of all the kung fu karate fights, though I got to say the second one was the best, even though the third one had a Dragon Ball Z fight at the end
Post-quantum isn't really a big problem because it will be a very long time before there are viable quantum computers (maybe never). You should focus on the very real risks of security breaks from normal negligence and design errors.
Threema seems pretty unpopular, so the risk is highest. Signal and Matrix are both popular and have a lot of scrutiny on their cryptography.
All 3 have open source clients, but Signal contains some binary blobs. Only Matrix has an open source server, though end-to-end encryption enforced by the client alleviates most of the concern of proprietary servers. All 3 support end-to-end encryption.
Matrix because I can host it myself. I like self hosting. But I agree that it is the least polished of all.
Self hosted matrix with bridges to WhatsApp and telegram. What else....