• Off Topic
  • Signal vs Threema as a Secure Messaging App

[deleted] Excuse me for my ignorance, but isn't that part of the point of end-to-end encryption? That trust in the server is not required. And from what I understand Signal implements E2EE better than most. Or am I missing something?

    • [deleted]

    treequell
    From the operational point of view metadata is more important than content of your messages. The social graph has a big value.
    If you know social graph you can use other operational tools to obtain information you want to get.

    Former head of the National Security Agency Gen. Michael Hayden: "We Kill People Based on Metadata"

    Use Session for a TOR type network.

    My current path is Origin>VPN (Netherlands)>Germany>Greece>UnitedStates>Destination.

    Path changes as nodes drop out and are replaced.

    • [deleted]

    [deleted] Every year you can win free Threema shop licenses by solving their easter egg challenge. You get three free licenses which are then delivered via a Threema private message, but you can use those free licenses to create a new profile that is not affiliated to your payment info.

    10 months later
    • [deleted]

    Threema has a lot of issues, you should give this article a read.

    Session shouldn't be used nor recommended. It is a very broken and poorly maintained app an thus it's insecure. You'll accomplish the opposite of what you want by using session. They're also misguiding users into a false sense of security and privacy.

    While Threema and Signal have their issues, they're still the best secure messaging options out there. Especially with the upcoming Signal feature to remove the tel nr requirement.

      • [deleted]

      • Edited

      herbaert While Threema and Signal have their issues, they're still the best secure messaging options out there.

      I don't think Threema can be recommended when it intentionally doesn't have Forward secrecy (unless manually enabled for an contact) and has many amateur cryptographic mistakes.

        • [deleted]

        Themble The other issues mentioned in the article (Weak KDF, Unauthenticated CBC mode, Cache-timing attacks, etc.) still apply.

        7 months later

        Threema all the way, I hate Signal.

        • xxx replied to this.

          AlanZ Threema all the way

          Threema is fine for a lot of usecases.

          Max-Zorin To me it comes down to how many of your contacts are actually willing to use the messaging app. The unwillingness of many people to "install another messenger" on their phones seems to be one of the strongest forces in nature........

          So true.
          I ended up with Molly and threema. People can reach me there or they should use Phone, SMS or mail.