security
This is an old revision of the document!
Table of Contents
There's a few chat applications which can be used to communicate:
Secure
- SimpleX - Bit more secure then Signal, as it has built in privacy features at the protocol level (such as message padding). By default users /chats don't have constant identifiers either. Allows for anonymous profiles and supports multiple profiles.
- Signal - Good replacement for normal “text messaging”. Share your username instead of phone number.
- Delta Chat - Supports multiple profiles.
Less Secure
- Keybase - Supports multiple profiles, allows managing teams. Roughly an alternative to discord/slack. Currently owned by Zoom. Keybase has access to metadata to understand who is talking to who. https://book.keybase.io/docs/chat/crypto#metadata
Misc
- Matrix - Fluffychat client is recommended, as it supports multiple profiles.
- Setup a home server and disable federation to prevent metadata being copied around to other servers, if wanted.
- Homeserver owners can join encrypted chats and impersonate users by adding their own device key to the target users account. This is a bug that is being mitigated in 2026 by requiring clients to confirm device keys of other users. https://element.io/blog/verifying-your-devices-is-becoming-mandatory-2/.
- A stolen domain for homeserver can gain rights as any user that has joined the room from the homeserver, This is due to Matrix stores permissions as user@homeserverDomain.com for rooms.
security.1774505378.txt.gz · Last modified: 2026/03/26 06:09 by admin