I also use Molly, which is an outstanding fork of Signal. But I wanted to take a moment to plug Threema, which I also use to good effect. It has the added benefit of anonymous signup without the need for a phone number, which the Signal service requires.
What is the best messenger today?
Another vote for Molly (signal fork). I use the unified push version which works very well.
praise to graphene for contact scopes, otherwise whatsapp would be unusable (from both privacy and ui perspective).
remember to turn off your WA backups! last I read they are unencrypted to facebook servers. so much for e2ee
Blastoidea I stopped using Signal as a daily messenger. Since you can't remember why you stopped using it the first time, I'll give you my reasons for why I stopped using it.
This is a bit of a rant but it's something that has irked me a lot that is almost never talked about in the privacy space.
My threat model for a daily messenger, which is probably shared by most newish Signal users, is not really trusting big tech and being unsure if I can trust closed-source encryption promises - otherwise I would be fine with WhatsApp. The DeleteWhatsApp campaign promised a familiar experience with Signal, but from a nonprofit you could trust. It sounds perfect and this is how they convinced millions of people to download the app. But it was a lie.
For a daily messenger that's used to casually message friends and family, my goal is one thing: keep eavesdroppers out of our private conversations just like how we feel more comfortable talking about things in the privacy of our own home than in public. Signal developers have made it clear that they do not share this vision.
Signal's version of privacy means trust no one, not even the person you're speaking to or even yourself. In the analogy above, their version of privacy means doing a mind wipe on everyone as they leave your home to eliminate the chance that they share contents of that conversation with others afterwards - and then throwing away that gift basket they gave you so that no one could guess they were there.
For high threat model conversations, I completely agree with Signal. Signal's more extreme privacy is absolutely necessary for some and I'm assuming some of this niche group may also be GrapheneOS users. But that's not the vision that was promised to the millions of people that naively installed it. And this is reflected by usability bugs that are defended as privacy features.
The two main problems I faced were media metadata and backups.
In my experience, normal nontechie people often default to using message apps to share photos (even if more efficient methods exist). No, they won't zip it. No they won't use another app. If you want the photos, this is how you're getting them. Period. "I already sent them, stop bothering me!" Signal though heavily compresses photos and strips their metadata, which is a nightmare situation for someone like me who is in charge of the family photo archive. Meanwhile, Signal purposely designed their user interface to appear similar to WhatsApp's, but the functionality works differently without informing the user. For example, if you send a photo as a document/file in WhatsApp, it sends the full untampered photo with full quality and all original metadata. Meanwhile, this same button in Signal still compresses it and still removes metadata. I had no luck trying to explain this to apathetic friends and family. Signal doesn't offer any way to turn this off and the lack of opt-out is considered a privacy feature. Signal also doesn't warn the user that they will tamper with sent media. I only discovered this months after using it.
The second issue is message backups. In a time when cross-platform compatibility and data portability is showcased, even in many "evil" Big Tech products, Signal has gone the other way. If Signal devs had their wishes, I'm sure they wouldn't allow backups at all and would make every conversation a disappearing message. They still don't have a way to backup messages to a file on iOS, only to transfer to a new iPhone assuming you still have the old iPhone with you. Despite this being such a crucial feature that has been requested for many years, nothing has been done. And their excuses make little sense. Other users have pitched iOS backup designs and even issued pull requests, but Signal straight up ignored them or even blocked these people. In short, if you lose your iPhone or move to Android, you will lose all of your Signal messages. I can't in good faith convince people I know to use Signal as their daily messenger knowing this, especially since most people I know use an iPhone.
On Android, they reluctantly created a backup solution, but this was a feature that only exists due to Signal's previous history of supporting SMS. They got rid of their old plaintext backups that could be opened outside of Signal and instead created their newer encrypted backups. Except...there is no official way to convert this new backup to something that can be viewed outside of Signal. You also can't merge backups and message histories. There are some third-party attempts to fix this on github, but it's a cat and mouse game since Signal updates will routinely break these attempts and at this point, I wouldn't be surprised if Signal devs were doing this intentionally. The third-party tools also aren't perfect, such as having a hard time with group messages and creating duplicates. These solutions also usually require familiarity with techie things like command lines, Linux, etc, which is far from what most people are capable of using and far from the simple familiar messaging app that was promised. And just like iOS to Android, you can't transfer messages from the Android app to the iOS app.
As someone who has lost loved ones, insisting that people use Signal for low-threat conversations between friends and family is beyond cruel. Your message history is yours and you should be able to hold onto those memories for as long as you want. It shouldn't be up to an emotionless programmer to tell you that you don't need them.
As I mentioned in the beginning, I refuse to use Signal as a daily messenger and I've moved back to WhatsApp (and Google Messages for when they don't have WhatsApp). I still have some trust issues about using Meta (Facebook) and Google apps on my phone, but GrapheneOS at least helps to alleviate some of those concerns. I fully acknowledge WhatsApp isn't perfect as far as privacy is concerned, but assuming Meta isn't lying and there are no secret backdoors, it's still good enough for casual low threat-model use, which for me, make up 99-100% of my messages.
One point often thrown against WhatsApp is that conversation metadata isn't encrypted on WhatsApp, which means WhatsApp and law enforcement can see who I'm messaging, when we messaged, and potentially where we were when we sent them. But as I said, this is for casual use. That's a lot of effort to find out I talked to my family today, which I do every day. As long as they can't see what we're talking about, I'm not terribly concerned.
The second part is them moving to Google Drive/iCloud for backups exclusively. While there have been attempts to backup and restore locally, I've never had luck. But, to whatsapp's credit, they offer encrypted cloud backups where you hold the password, not WhatsApp. I feel reasonably secure using it, minus the frustration of having to keep Google Drive installed on my phone. WhatsApp also offers a plaintext local export option for each conversation, which provides some peace of mind in case the backup fails or I choose to leave WhatsApp in the future.
The third is WhatsApp's hungry permissions, but as mentioned, GrapheneOS comes to the rescue with this through contact and storage scopes.
I do keep Signal installed strictly for higher risk conversations that I intend to delete, which is not many since I'm a pretty boring person. Though for such a restrictive and infrequent use case, there are other apps that I could use instead like those mentioned in this thread that may offer even better privacy.
I think it's so important to consider the usability differences between GrapheneOS and Signal despite sharing similar privacy and security goals. Signal has a restrictive vision for how they want you to use the app, but still like to tease the masses that it's perfect for everyday use. The Signal community is also relentless in pushing people to stop using more user friendly messaging apps and to use Signal exclusively, which is so unbelievably toxic.
Meanwhile, GrapheneOS understands people have different threat models and gives users the choice by implementing optional usability features such as sandboxed play services. As an additional example, and a near perfect comparison, GrapheneOS's secure camera app gives you the option to not delete metadata whereas Signal does not give you this option at all.
The GrapheneOS mods have been outspoken about how GrapheneOS can be used across various threat models and that you have freedom in how you choose to use it. If you want a locked down minimalist phone, you can have it. But you're also free to install any privacy concerning app and change system settings as you see fit. Instead of telling you that you can't, they actually try to help you do it in a way that is more privacy respecting. GrapheneOS has even censored people in this forum that try to gatekeep this OS to only restrictive threat models. Even when users talk about doing something that poses additional security risk, the mods' response is to first inform people of the risks, but then say it's still ultimately up to the user, just don't blame GrapheneOS if things go wrong, which is very fair.
GrapheneOS is also not shy about stating what doesn't work (like play integrity attestation) instead of trying to trick users into thinking that everything works just like they're used to working. If things don't work, GrapheneOS devs appear upset that they don't work, even if it's for a feature that they may not use themselves. They want things to work, but have limited resources, so they encourage the community to create third-party solutions, to add to the codebase, or to post workarounds on their official forum - unlike Signal that purposely ignores user feedback and code suggestions.
GrapheneOS GETS it. Signal doesn't.
remember to turn off your WA backups! last I read they are unencrypted to facebook servers. so much for e2ee
Do you have a source for that? I'm having trouble confirming this from my own searching. If this were the case, I'd imagine this would be talked about tremendously.
WhatsApp still explicitly says in the app that neither Google nor WhatsApp can access your e2e backup.
When a message recipient flags a WhatsApp message for review, that message is batched with the four most recent prior messages in that thread and then sent on to WhatsApp's review system as attachments to a ticket.
Although nothing indicates that Facebook currently collects user messages without manual intervention by the recipient, it's worth pointing out that there is no technical reason it could not do so. The security of "end-to-end" encryption depends on the endpoints themselves—and in the case of a mobile messaging application, that includes the application and its users.
An "end-to-end" encrypted messaging platform could choose to, for example, perform automated AI-based content scanning of all messages on a device, then forward automatically flagged messages to the platform's cloud for further action. Ultimately, privacy-focused users must rely on policies and platform trust as heavily as they do on technological bullet points.
So far, I haven't seen evidence that this is happening automatically without users manually flagging messages. So as long as you trust your message recipients, it shouldn't be too concerning for lower threat model users. For large whatsapp groups, this could be concerning.
I feel like some weight should be given to the SEC fining wall street firms billions of dollars for allowing employees to use WhatsApp during COVID, due to whatsapp not preserving communications, which goes against federal recordkeeping requirements. If WhatsApp maintained records, I feel like that may have come up during these various legal proceedings.
But yes, it's totally not worth the risk to use WhatsApp for higher threat model communications or if you're being targeted, especially due to the message metadata leaks. But I personally think WhatsApp still fits in well for most people to casually message friends and family due to its combination of usability features, mostly acceptable encryption promises, and by the sheer fact that people are more likely to use it.
Sbpr https://blog.whatsapp.com/end-to-end-encrypted-backups-on-whatsapp?lang=en_US
unless it has changed, I believe encrypted backups are opt-in and not encrypted by default
Sbpr So far, I haven't seen evidence that this is happening automatically without users manually flagging messages.
Yes, from what I understand, the recipient has to report your message, that WhatsApp can automatically analyze the content of the message is an assumption.
Sbpr But yes, it's totally not worth the risk to use WhatsApp for higher threat model communications or if you're being targeted, especially due to the message metadata leaks. But I personally think WhatsApp still fits in well for most people to casually message friends and family
It still sounds better than SMS/MMS for sure.
N1b
Good post!
Signal have recently made improvements to their management of my telephone number, enabling it to be hidden to others.
Might be worth a new look 😀
Perhaps together with an anonymous VOIP number?
Otherwise, so irritating that WhatsApp is so easy for everybody's grandma to use, and so disrespectful of privacy...
leo although your question is not addressed at me, I'd like to answer because I sympathize with Sbpr's post.
I do not like Telegram from the security and privacy perspective. It might be the most useful, beautiful and feature complete messenger out there, but not having encrypted messages by default (and only for 1:1 conversations via very hidden secret messages functionality) destroys all usability for me. I can't trust a "private" family group chat that is out there for everyone to read, no matter what company is behind it. WhatsApp, Facebook Messenger etc., despite all their flaws, offer better security and privacy on a baseline level I'm not willing to compromise.
But again: Design, features and usability have been top notch, so it might be suitable for many use cases where privacy and security don't matter (e.g. when registered with a non-KYC phone number that isn't connected to any crucial accounts like banking).
N1b not having encrypted messages by default (and only for 1:1 conversations via very hidden secret messages functionality) destroys all usability for me. I can't trust a "private" family group chat that is out there for everyone to read, no matter what company is behind it.
Thanks a lot for your perspective, I agree with you. I have seen a trend of switching from WhatsApp to Telegram in my friend circle and after all I am not sure this changes anything for me, as both WhatsApp and Telegram are using closed-source encryption by default. As you pointed out, at least WhatsApp promises that it uses end-to-end encryption.
Since you asked for my opinion, I'll respond by saying I completely agree with N1b in regards to Telegram. The lack of e2ee by default and lack of e2ee for group chats for anything other than 1:1 chats is a major dealbreaker for me and enough for me to not bother with it unless I'm forced to use it. I've also read that Telegram's encryption protocol is inferior to the Signal Protocol (WhatsApp uses the Signal Protocol).
To give my opinion, I don't trust Telegram either (WhatsApp is a bit in the same boat, but at least E2EE is enabled by default).
Their marketing attracted a lot of politicians, businessmen and shady users thinking they were getting private, secure conversations.
https://portswigger.net/daily-swig/multiple-encryption-flaws-uncovered-in-telegram-messaging-protocol
https://www.cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest
https://words.filippo.io/dispatches/telegram-ecdh/
https://blog.bytebytego.com/p/ep29-online-gaming-protocol#%C2%A7is-telegram-secure
The second part is them moving to Google Drive/iCloud for backups exclusively. While there have been attempts to backup and restore locally, I've never had luck.
Don't know about iOS but on Android it's still possible to have local backups and use these to restore WhatsApp. If you have backups enabled but don't configure a Google account it stores local backups in /Android/media/com.whatsapp/WhatsApp. I have been able to use these to transfer chats between phones without requiring Google Drive or the transfer chats feature.
I find the simplex approach the most pleasing.
if you're concerned about phone numbers and want a private, secure FOSS messenger product, https://simplex.chat is your solution.
- uses signal protocol
- encrypted backups that can be exported and imported.
- zero phone number requirements
- security audited Nov 2022, July 2024, January 2025
- hidden profiles with separate passphrase
- multiple profiles, multiple incognito profiles (per contact even)
- uni-directional msg relay routing
- random relay servers
- socks / tor routing possible
- desktop may have different profiles, link up mobile device (docking), mobile device profile overlays desktop (like laptop docking into workstation); once undocked, desktop profile reappears
- recent investment by Jack Dorsey, among others
- Global Village VC seed round
Using matrix self hosted with wireguard vpn. Signal as a backup.