this post was submitted on 16 Jun 2023
46 points (100.0% liked)

Privacy Guides

16778 readers
54 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
 

I have nothing against Signal. I just don't have access to a phone number right now. I fully intend to use the Signal when I get a number. I know there is no silver bullet, no absolutes in the privacy world but I'm looking for any messengers that are generally considered to be private and secure on Android that I can try to convince my friends and family to use. I have a mid - low threat model, it's just the thought of giving the Zuck anymore of my family's data makes my skin crawl.

you are viewing a single comment's thread
view the rest of the comments
[–] nyanix@dataterm.digital 7 points 1 year ago* (last edited 1 year ago) (5 children)

Matrix is great, Element has a really nice UI for it. ~~Signal also does work without a phone number, in fact it doesn't really work for SMS anymore. Signal provides P2P for any communications with another Signal user. Matrix supports P2P as long as you set it up (encrypt a channel) and I think DM's are P2P~~

Edit: So Matrix is cool, End to End, NOT P2P, and probably the right decision for OP.

[–] bou@kbin.social 3 points 1 year ago

Yup, a Matrix client (especially Element) is a great choice.

[–] Hyperi0n@lemm.ee 3 points 1 year ago (1 children)

How do I use Signal without a phone number? Whenever I booted the app it needed a number.

[–] gravitywell@sh.itjust.works 1 points 1 year ago

a work around I use is text verified.com , costs like 2 bucks and then you can activate signal. Catch being that you can't reuse the number to verify again, so its only a temporary solution but I have setup a bunch of accounts that way.

[–] SFaulken@kbin.social 1 points 1 year ago* (last edited 1 year ago)

Element/Matrix can be E2EE, it is most decidedly not P2P

[–] honk@feddit.de 1 points 1 year ago (1 children)
[–] nyanix@dataterm.digital 1 points 1 year ago* (last edited 1 year ago) (2 children)

I apologize, I was thinking End-to-End. Though would someone mind enlightening me to the difference? Is is just multi-client support? Or that there can be a broker in between?

Also, to everyone currently roasting me, here is what I was referencing

[–] ivy@fedi196.gay 4 points 1 year ago (2 children)

peer to peer means that the information goes from one "peer" (device) to the other, no middleman

end to end encrypted means that the message is encrypted before transit and is then decrypted at the other "end" once it's on the recipient's device. end to end could have a server acting as a middleman, storing these encrypted messages, allowing for chat logs to be stored more conveniently and messages to be sent while one peer is offline.

[–] ivy@fedi196.gay 2 points 1 year ago

this makes more sense if you understand public and private keys

when encrypting a message, there are two keys. the public key can only be used to encrypt and the private key to decrypt. a recipient will put its public key out and a peer wishing to send it a message will use this key to encrypt it. once the message arrives, the recipient can use their private key to then decrypt the message

[–] nyanix@dataterm.digital 1 points 1 year ago

Aaaah, got it, thank you so much for clearing that up for me. I apologize for my incorrect message then. From these comments, I'm inclined to say Matrix remains OP's best option.

Thank you for educating me! 😊

[–] GunnarRunnar@kbin.social 2 points 1 year ago (1 children)

End to end means the users at the 'ends' have the keys to open the message and 'middle' is the server it goes through (that doesn't have the key so it can't read the message).

[–] nyanix@dataterm.digital 1 points 1 year ago* (last edited 1 year ago) (1 children)

Ah, and P2P would have no middle man doing the hand-off?

[–] GunnarRunnar@kbin.social 2 points 1 year ago (2 children)

Yeah, basically you both need to be online at the same time for the other to receive message. Which, as you can imagine, can cause problems. Also I'm not sure you'd need encryption for P2P messaging? Maybe from the service provider?

[–] nyanix@dataterm.digital 1 points 1 year ago

For some reason, I thought it was interchangeable terminology, I'm glad to understand better now. I could see a lot of P2P's forgoing encryption then, since presumably you're not hopping over any other devices or networks.

[–] yozul@kbin.social 1 points 1 year ago (1 children)

A phone is a radio broadcast device. If you're sending something unencrypted from it, anyone nearby can listen in to what it's sending. Of course, it's all compressed and sent with different protocols depending on what app you're using, so it's not trivial to read messages from everyone to everyone all the time, but if someone is determined it's quite doable. SMS messages in particular are famous for having that happen to them, but it can happen with any unencrypted message.

[–] GunnarRunnar@kbin.social 1 points 1 year ago

Good point, thanks for the insight. I was thinking p2p in the old school terms where there wasn't anything to intercept over the air (even though we were obviously talking about phones, dunno why my brain defaulted there).

[–] On@kbin.social 1 points 1 year ago

did you mean E2EE? I don't think signal is P2P. the signal server relays the messages in between users