My current top picks:
- This list is focused on instant messaging and chatting as the primary usage of the app
- Clients on multiple platforms preferred
- Does not expose your phone number or email address to other users
- Does not leak data (pictures or other data saved unencrypted in browseable folders)
- Has ephemeral messages (encryption keys destroyed after a set time)
- Has contact verification
- Testing done on both Android and iOS when possible. See my testing setup
OK, let's get this one out of the way first: Signal. If you have a phone, there's almost no way to get away from SMS, so the best thing you can do is protect your SMS messages at rest with encryption. Signal also offers excellent end-to-end encryption between Signal users. One drawback of Signal is that everyone you connect with will know your phone number, but for people you are comfortable knowing your phone number that is fine.
- Runner up:
If you don't want to use Signal as a messaging app then I recommend getting Silence just for SMS messages. It will locally encrypt the SMS database on your phone. You can also send encrypted SMS messages to other Silence users. Since Silence only uses SMS it is not dependent on any servers like Signal is.
Messaging apps listed here do not expose your phone number or email address. Notes within [brackets] are potential negative attributes:
- Top Tier Recommendations:
  - Wire - [Beware of possible high battery usage on older Android versions or Android forks without Play Services]
  - WickrMe - All messages expire [Based in USA]
  - SafeSwiss - P2P, based in Switzerland
- Second Tier (misses some criteria):
  - Threema - Based in Switzerland [No PFS or ephemeral messages]
  - TwinMe - P2P, based in Germany [No ephemeral messages or contact verification]
- Third Tier (keep an eye on these):
  - Briar Project - P2P, can use Tor [Android only, text only, no ephemeral messages]
  - Keybase - [Based in USA, only "exploding" messages are PFS, no contact verification]
  - Blackberry Messenger Enterprise - [Based in Canada, no ephemeral messages, PFS or contact verification]
  - Tungsten - New app, still in beta, but it shows lots of promise. Uses the Tor network for anonymous profiles, synchronizes across multiple devices, supports multiple personas, based in Germany. [No ephemeral messages or contact verification]
  - BabelNet - Very nice syncing between multiple devices, based outside of the 14 eyes [User interface wording needs clarification, trouble connecting with LineageOS]
  - Conversations (XMPP) or Pix-Art (XMPP) - Based in Germany [Android only, no ephemeral messages]
- Use with caution:
  - Riot - [E2EE still in beta, based in the UK, no ephemeral messages]
Principles for a More Informed Exceptional Access Debate
In a world of encrypted services, a potential solution could be to go back a few decades. It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call. The service provider usually controls the identity system and so really decides who’s who and which devices are involved - they’re usually involved in introducing the parties to a chat or call. You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication. This sort of solution seems to be no more intrusive than the virtual crocodile clips that our democratically elected representatives and judiciary authorise today in traditional voice intercept solutions and certainly doesn’t give any government power they shouldn’t have.
We’re not talking about weakening encryption or defeating the end-to-end nature of the service. In a solution like this, we’re normally talking about suppressing a notification on a target’s device, and only on the device of the target and possibly those they communicate with. That’s a very different proposition to discuss and you don’t even have to touch the encryption.
-Ian Levy is the technical director of the National Cyber Security Centre, a part of GCHQ.
-Crispin Robinson is the technical director for cryptanalysis at GCHQ.
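The "extra end" described in the quoted piece above stays silent only if the client trusts whatever roster the service provider hands it; the contact verification criterion in my list is the client-side counter to that. The following is an added example of mine (not code from the page or from any app listed here) showing a client auditing the server-supplied group roster against device fingerprints its user verified out of band. The member names, keys and truncated-SHA-256 fingerprint scheme are all constructed for illustration.

```python
from __future__ import annotations
import hashlib
from dataclasses import dataclass

def fingerprint(pubkey: bytes) -> str:
    """Short hex fingerprint of a device public key (what users compare out of band).
    Constructed scheme: truncated SHA-256, not any real app's safety-number format."""
    return hashlib.sha256(pubkey).hexdigest()[:16]

@dataclass(frozen=True)
class Device:
    member: str      # account the server claims this device belongs to
    pubkey: bytes    # device public key the server distributes to the group

def audit_roster(verified: dict[str, set[str]], roster: list[Device]) -> list[str]:
    """Compare the server-supplied roster against fingerprints verified out of band.

    verified maps member -> set of device fingerprints the user has confirmed.
    Returns a list of alerts; an empty list means every encryption recipient
    is a key the user has personally verified, whatever the server notified.
    """
    alerts: list[str] = []
    seen: dict[str, set[str]] = {}
    for dev in roster:
        seen.setdefault(dev.member, set()).add(fingerprint(dev.pubkey))
    for member, fps in seen.items():
        if member not in verified:
            alerts.append(f"unverified member '{member}' present in group")
            continue
        for fp in sorted(fps - verified[member]):
            alerts.append(f"unverified device {fp} claims to be '{member}'")
    for member in sorted(verified.keys() - seen.keys()):
        alerts.append(f"verified member '{member}' missing from roster")
    return alerts

# Constructed sample: two members compared fingerprints in person.
ALICE_KEY = b"alice-device-1-pubkey"
BOB_KEY = b"bob-device-1-pubkey"
VERIFIED = {"alice": {fingerprint(ALICE_KEY)}, "bob": {fingerprint(BOB_KEY)}}

def honest_roster() -> list[Device]:
    return [Device("alice", ALICE_KEY), Device("bob", BOB_KEY)]

def roster_with_extra_end() -> list[Device]:
    # The server distributes a third key labelled as another of Bob's devices,
    # so no "new member joined" notification is ever shown to the user.
    return honest_roster() + [Device("bob", b"constructed-extra-device-pubkey")]

if __name__ == "__main__":
    print(audit_roster(VERIFIED, honest_roster()))          # []
    print(audit_roster(VERIFIED, roster_with_extra_end()))  # one alert
```

The point is that the alert comes from the client's own verified key set, so suppressing a server-side notification does not hide the additional recipient.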
Australia passes new law to thwart strong encryption
The new law, which has been pushed for since at least 2017, requires that companies provide a way to get at encrypted communications and data via a warrant process. It also imposes fines of up to A$10 million for companies that do not comply and A$50,000 for individuals who do not comply. In short, the law thwarts (or at least tries to thwart) strong encryption.
Companies who receive one of these warrants have the option of either complying with the government or waiting for a court order. However, by default, the orders are secret, so companies would not be able to tell the public that they had received one.
How about some rankings?
The following scoring table includes messaging apps that can be used across multiple platforms that synchronize conversations to all devices:
| Application | Additional sharing features (files, photos, etc.) | Group chats | Unified UI across platforms | Messages sync to all devices | Open source | Perfect forward secrecy | Ephemeral messages | Contact verification | Based outside the 5 eyes (+.5) / 14 eyes (+.5) | Total |
|---|---|---|---|---|---|---|---|---|---|---|
| BabelNet | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 1 | 1 (Czech Republic) | 8 |
| Riot (Use with Caution) | 1 | 1 | 1 | 1 | 1 | 1 | 0 | 1 | 0 (UK) | 7 |
| Keybase | 1 | 1 | 1 | 1 | 1 | .5 (exploding messages) | 1 | 0 | 0 (USA) | 6.5 |
| Blackberry Messenger Enterprise | 1 | 1 | 1 | 1 | 0 | 0 | 1 | 0 | 0 (Canada) | 5.0 |
The following scoring table includes messaging apps used on a single device:
| Application | Additional sharing features (files, photos, etc.) | Group chats | Open source | Perfect forward secrecy | Ephemeral messages | Contact verification | Clients on multiple platforms | Based outside the 5 eyes (+.5) / 14 eyes (+.5) | Total |
|---|---|---|---|---|---|---|---|---|---|
| BabelNet | 1 | 1 | 0 | 1 | 1 | 1 | 1 | 1 (Czech Republic) | 7 |
| Threema | 1 | 1 | .5 | .5 (only on the network layer) | 0 | 1 | 1 | 1 (Switzerland) | 6 |
| Riot (Use with Caution) | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 0 (UK) | 6 |
| Keybase | 1 | 1 | 1 | .5 (exploding messages) | 1 | 0 | 1 | 0 (USA) | 5.5 |
| Conversations (XMPP) | 1 | 1 | 1 | .5 (OMEMO only) | 0 | 1 | 0 | .5 (Germany) | 5 |
| Blackberry Messenger Enterprise | 1 | 1 | 0 | 0 | 1 | 0 | 1 | 0 (Canada) | 4.0 |