With cell carrier hack, the time has come to encourage my family/friends to adopt an encrypted messenger. Which to use?

The title.

More detail:

Family & friends are mixed Android/iOS. I’ve mostly avoided trying to push for an encrypted messenger so I could keep it simple and eventually settle on only one for the long-term.

The time has come for me to invite the fam/friends into one encrypted messenger. I already have 2-3 people on Simplex and another 2-3 on Signal. If you had to go with only one for the next few years which would you use?

Session is cool but I’m dubious that the Oxen/Lokinet strategy will work longterm. OxChat on nostr requires onboarding into nostr and a VPN. Simplex aligns with my values the most (decentralized, elements of P2P, other cool features) but they took icky VC money and I’m still not sure what to think about that. Signal is also VC’d but the protocol appears bullet-proof.

I’d like:

  • group voice and video calls
  • group texts
  • non-technical people can participate easily

I’m thinking that the lack of group calls on SimpleX sorts it for me and I should encourage Signal adoption.

Anyone else debating this right now? What is your long-term choice?

Thanks

1 Like

Signal is the obvious answer in my opinion. It’s especially the way to go if UI/UX are a big concern but it also has a reputation as one of the most private and secure options available.

12 Likes

Signal is the easiest to use by far. I’d argue its the best for normie usage.

For the more technical crowd, Session may be better than SimpleX.

2 Likes

How come? Session has no Perfect Forward Secrecy.

2 Likes

I really don’t trust Lokinet personally.

Signal is the obvious choice for features alone, SimpleX is too new and not user friendly enough.

I still think that XMPP is the better solution overall but certainly not for “family and friends”. There’s a lot of fragmentation and many clients are missing a lot of features etc. But it is well established and reliable, and there are many clients to choose from.

Signal did not take VC money (they did receive a small loan of a (50) million dollars from Brian Acton). Also they are a non profit foundation. SimpleX on the other hand is a LLC.

2 Likes

As others have said, Signal is the obvious choice for this.

9 Likes

SimpleX.

Signal is completely centralized, relies on donations and loans (mainly loans), and despite that, it wastes tons of money on things like verifying phone numbers, which nobody asked for and nobody wants. SimpleX is also more innovative when it comes to new privacy features, etc.

One last thing is that SimpleX’s CEO isn’t openly lying in his tweets like Meredith did with the MacOS situation. She is either that incompetent or she was lying, both are bad either way.

3 Likes

My family and I also use Signal, and I have reservations concerning the long-term operation.

How can they get 50 million dollars to be operational by next year 2025.

I can’t find anything on their website about finances.

Used to use signal for awhile. Switched over to a self hosted Matrix server, as Signal would constantly just not deliver messages for minutes, sometimes hours at the most annoying time

In practice, Matrix clients don’t have perfect forward secrecy, even though the protocol technically supports it. That’s a serious shortcoming, especially for OPs’ use case. Read more here.


As for your Signal issues, I can’t say that has ever been my experience. Signal has its flaws, but those primarily lie in the culture of the organization rather than the service.

6 Likes

As others said, for friends and family very obviously, Signal.
SimpleX I would say only if you have someone paranoid of phone number but this RARELY ever happens irl wise, only mostly online so you should be good.
If you can and worried about long term viability of signal, only if you can, give a monthly donation to signal together. This should help the foundation raise enough money with more money and in return get a badge. The more people do it the better, only if you can of course. Personally I did this with GrayJay and Signal because I want to make sure that even if others won’t (in my family and friends) at least I will. It’s your choice on this. I also gave a coffee or 2 to libreoffice as I want to believe donations can keep the software going for them that I really want to use and recommend without needing to resort to Microsoft office or something…

2 Likes

Signal. It’s stupidly easy to use.

But maybe not so easy to get others to use it. Good luck.

6 Likes

as they said, with the cell carrier hack. I say it is am opportunity to recommend signal while they can!

2 Likes

Thanks for the replies.

If you are using Signal desktop on Linux, and you don’t use a Debian-based distro, did you choose to install the .deb via something like Distrobox (not sure if that would work well), or the unofficial flatpak?

It depends on your distro.
Fedora? May be the only way with flatpak, or a debian/Ubuntu distrobox or maybe adding a repo that manually has it. The most recommended method will have to be distrobox since flatpak is unofficial and anyway you’re trusting both flatpak and repo’s distributions of signal.

otherwise, Arch? You can install with pacman Source

While I’m not advocating for SimpleX, I wouldn’t downplay the issue regarding the design idea of requesting phone numbers.

Signal has made significant improvements by giving the option to not display our numbers to anyone who contacts us through the app. This has been proven to reduce many real-world threats, especially in places where businesses use real-time messaging to communicate with us. A malicious individual working in a hotel, taxi service, bank, etc., could gather your phone number from the messaging app and use it for various forms of harassment. This is not a case of a rare target threat.

I feel that would be even better if didn’t require any phone number at all. Nevertheless, Signal is the current more well featured/versed balanced option for a mainstream privacy adoption.

2 Likes

Me (from F-droid) and my enlarged family (GPlay, App store) have used Threema for years. One-off payment, no need for a phone number, audited. Easy to use.

IMHO Signal is the perfect balance for non-technical users. The only exception is the notable lack of e2ee backups on iOS (and yes I know it’s coming soon ).

I do appreciate the fact they put security before convenience, when implementing features.

I believe they were one of the first to implement quantum resistant algorithms. See: Signal >> Blog >> Quantum Resistance and the Signal Protocol

3 Likes

best i can do is Signal

1 Like