Instant messengers with encryption in mind (2021/2023 view)

Short preface

I’ve started writing this “thing” in 2021 (based on relatively recent experiences) and ultimately finished in 2023. I feel not much changed during this time though, so most points still stand. Just keep in mind that 2021 is mentioned multiple times not without a reason. Wherever I felt like it, there is an update with 2023 perspective. Oh, and of course this is purely an opinion piece. Take everything with a grain of salt. Or treat it like you would someone’s diary entry.

Intro

The Internet is a wonderful thing and there is no denying that. You could surf through countless websites touching on countless of interesting topics. You could set up a blog to keep a diary or get people to know you. You could get yourself a swell website with variety of content. You could open a store… and so on and so forth. But let us be honest - most of us use the Internet almost exclusively to keep in touch with people or communicate about “important matters” (work, hobby, whatever). This process of communication may happen on dedicated forums, a subreddit (mid 2023 update: heh), maybe a server of an instant messenger or a voice chat but most likely in a Facebook group or a Messenger chat.

All of those forms of communication are not private. Forums, subreddits, Facebook groups are inherently (semi-)public and Messenger chats are parsed for data-mining and ads targeting purposes (either in full text or just metadata). To avoid this surveillance and profiling and to promote good Internet “hygiene” and habits, me and a group of college friends (with one, let’s say prominent one) have been trying out quite a few instant messengers. Our main focus was that the communication should be end-to-end encrypted with user-experience coming close second. In the end we did not find THE instant messenger to rule them all. Every single solution has flaws - either on the front end or in the basis of its inner workings. Oh and there is also a “human” problem to keep in mind. 

The “human” problem

The Internet was a wonderful thing, until the era of social networks came. In their premise they (social networks) are made with good intention in mind - integrate website, blog and instant messenger functionalities and make it more effortless to communicate with friends and family and share interesting content. This effortless manner however causes one gigantic issue - effortless and cool and nice things are addicting. Now imagine - one could get people addicted to a website that serves them content they are interested in and that at the same time allows them to keep in touch with people.

They have “one” gigantic issue - they are usually centralized, proprietary and addicting. One consequence of that is lack of control over user’s data in hands of said user. This is not a problem. It’s good to not have to care sometimes how things work and what data they proces and just carpe diem for the time being. Much larger consequence of the beforementioned addictive nature is that once a certain size of a group of friends joins such

Social networks however. did not appear out of nowhere. Before, there were forums, blogs, personal websites, wikis… And let’s even throw mailing lists into the mix! All of them had (have) quite a couple of problems:

1. They are not immediately accessible. As in, you have to know the address of a site (or e-mail in case of a person) or what to google for (if we even take search engines into account).
2. Their message flow is not instant. One has to actively go to a forum/blog/site or open their e-mail client and check if new messages arrived/new content has been added.
3. Some are borderline unusable on mobile devices (which are a problem in themselves).
4. Are (almost always) completely open to public.
5. Are too easy to “get into” and get addicted to for unsuspecting people.
6. If this one stayed like this then I had something more on my mind but forgot for now.

Somewhere in-between all of them (forums, blogs, personal websites, mailing lists) are instant messengers. They seem to solve all of the issues mentioned! But in their beginning they were too limiting, because people… most likely just wanted to communicate instantly, share information and their day to day experience quickly. All of that with limited, costly and slow DSL connection. This makes so much sense! But internet quickly moved into a multimedia ear. So let’s focus on that - IMs more modern and still actually used. Some them are server/room based, some person-to-person (not to confuse with peer-to-peer). Some are centralized and some are not or are peer-to-peer.

This article touches on findings and issues I had in 2020 concerning modern instant messengers. But “what is a modern instant messenger?" one may ask. Let me define one and then I will confront that with examples I had “pleasure” of using.

An ideal modern instant messenger should:

1. allow user to have an uniquely identifiable “handle” (account, profile, call it however you want),
2. keep list of “friends”
3. have always-on server (to act at least like an IRC bouncer and allow user to read messages received in time where they had no active client/messenger application running)
4. allow to send text (duh) that can be at least slightly formatted,
5. allow to send images and videos that get embedded among text messages,
6. support file transfers,
7. do it all end-to-end encrypted in as wide scope as possible,
8. do it all on mobile platforms too (let us not kid ourselves that smartphones are not useful or are going anywhere),
9. do it all in a fast (responsive), efficient, reliable manner

Instant messengers

Let’s go through the services one by one at no particular order. Starting way before the privacy conscious journey. Keep in mind that everything written here is from a perspective of the year 2021, semi-extrapolated in places over to 2023. Links are deliberately not provided for most of the IMs. Each will be judged in few categories, completely subjectively. Popular - how many “random” people use it. Private - whether contents of your messages are monitored (for any reason). Safe - is your device in danger by using it or are you. Usable in 202X - self-explainatory. OSS - is it open source.

Gadu-gadu (GG)

Most popular instant messenger in Poland. Surprisingly, in contrast to Tlen.pl, is still alive and well in 2021. And also surprisingly you can still sometimes hear its iconic new message sound when walking through the city.

It changed ownership quite few times but in its core it is still the same program, down to huge banner ads on top of its windows. However any kind of encryption has been implemented only as recently as in 2010. Back then we (Poles/humanity) were not as aware and cautions when it came to Internet privacy. From what I gathered from Wikipedia article and other random sources, GG is using only SSL transport encryption, so from today’s standpoint still not the best, but better than nothing. There has not been any data privacy concerning incidents throughout its whole lifespan (so since THE year 2000), so I would guess it is as safe as a non-e2e IM could be (privacy policy aside of course). But the ads…

It also had lots of alternate clients all over mobile and desktop platforms - native but alternate Windows, Linux, J2ME (running on Sony PSP even) and Symbian apps. Most of them solved core problems with GG (mainly ads, and lack of skins). I will not focus on them in this writeup. They are interesting to reminisce about but completely obsolete today.

Popular: heck yeah! (but not so anymore) Private: kinda. Safe: seems like it. Usable in 2021: barely (ads and no web-client). OSS: no

Skype

For most it was “GG but with voice and video chat”. It had that mid 2000s aesthetics (like GG) and mostly just worked. For majority of us (barely pre-2000 born people) it was also the first way of internet contact with family abroad. It still is hugely popular among some audiences.

I have used Skype for as long as GG (I think) and to be honest it did not do me wrong for all this time. There were a couple of huge UI changes but nothing that made Skype unusable. Of course ownership changed to Microsoft and people started to be concerned about privacy and data-mining.

Even though I am 100% sure transport encryption is in place, Skype is not private and for some it violates freedom (people got banned for using a bad word). Current (Electron-based?) UI is the most clunky of them all. The huge mess concerning what is a Skype ID (and how fast it propagates!) and lack of voice noise gate (!) make it borderline unusable.

Popular: I think so… Private: I don’t think so… Safe: probably. Usable in 2021: eh… it’s ‘fine’… (but barely) OSS: no

Discord

Having mentioned Skype I couldn’t not mention Discord as in its early days it was branded as “Skype killer”.

If we ignore a couple of facts:

• it’s not e2ee
• it’s not open source
• it’s owned by a non-trustworthy company
• it’s sometimes heavily censored

the user experience and integration of 1-to-1, group, voice chats and servers works very well. Having proper set of expectations I could say, that Discord never let me down.

Everything is fast and snappy, both on desktop and on mobile. Web client is fully featured. There is a friends system. Notifications settings are more than fantastic. Basically, it has except privacy, nothing is missing.

Small 2023 update: Discord on Android craps its pants worryingly often lately. However a quick restart of the app makes it behave again, at least for some time.

Small update 2: Discord Nitro is an interesting way of monetizing the thing. On the one hand, not having Nitro doesn’t take any key features, on the other it’s keeping fun behind a paywall. But well… we pay to go to see a movie in the cinema from time to time.

Popular: YES! Private: No, lol. Safe: depends what you consider safe. Usable in 2021: extremely! OSS: no.

XMPP

Where do I even start… It is quite an old protocol so it must be a huge mess.

We (me and friends) tried some native desktop, web and android clients. We could not get anything to feel completely seamless. Converse.js and Conversations.im were pretty cool but only until any form of end-to-end encryption was enabled. Then, everything started to fall apart: writing indicators, media transfers, desktop-mobile “handoff”. The idea of client-agnostic protocol is great! But having so many clients leads to a hot pot of differences and incompatibility. For us, the idea of an IM that allows complete freedom of choice in this matter but works only in a single configuration for all and on single device per person was (is) pointless.

Oh, and of course the client is completely decoupled from the server. So you either find a server you trust (with your data/that it will not get shut down) or you host your own. This is cool from privacy oriented point of view but completely over the top from usability standpoint. I understand this is the point of XMPP but sometimes I am also the end-user.

Popular: not really (surely is for some). Private: only as much as you made it be. Safe: not sure. Usable: not for me (us)/not with encryption and mixing and matching clients. OSS: yes

Briar

Is P2P and mobile only. Works in a weird way. Security-wise probably fine but seemed over the top for casual chats. Not being able to sometimes leave someone message for when the person comes back to the computer/app kinda misses the point of IM (for us). Having Holo UI (yes, the Android 4.0 one) also left the impression that the app has no perspective of further development. What kind of encryption it uses, I could not care less.

Popular: no lol. Private: rather. Safe: seemed so. Usable in 2021: no…? OSS: yes

Jami

…or should I say GNU Jami? It is a typical free-and-open-source application. From the first sight there is this feeling that it is going to fall apart. Two (out of four) of us tried to exchange few messages but from what I remember we even had problems with clients discovering each of ours accounts. It is P2P so that kinda makes sense that there would be such difficulties. If I understand correctly it uses only SSL/TLS but there is no server on the communication path, so… that’s fine I guess?. I will leave it at that.

Popular: no (?). Private: rather. Safe: seemed so. Usable in 2021: no (last verified in 2020) OSS: yes

tox

The client left me speechless as it felt like nothing could be done/achieved. I’m not gonna delve any more on tox if the UX doesn’t make me wanna continue using it.

Telegram

This is gonna be a good one. When starting this writeup like 2 years ago I was ready to roast Telegram for being falsely advertised as e2ee-type secure. I thought things changed since then… but no! 

Telegram uses MTProto - their own “secure messaging protocol” which by deafult is only secure in-transport (so we can assume as safe as SSL/TLS). Should you want to encrypt your messages, you have explicitly create a “secret chat” with a person. Yes, (from what I recall) single person. No group e2ee is supported. On top of that, usability of secret chats flop as soon as you try using Telegram on desktop or via their web app as they don’t appear there. Telegram says this is a feature, and even though I understand the reasoning, lack of choice is an anti-feature for me. Signal, WhatsApp, Element, Wire… all manage to do this simple thing and do not even advertise that.

Currently used version of MTProto has not been independently audited from what I could find (not being able to find the information about the audit right from the horses mouth should be telling enough). And Telegram in their own support articles state, that on one hand the data is spread over multiple data centers in multiple countries so it’s safe from “politics” but on the other hand Telegram can be forced to give up data […]. (this is a direct quote from the support article mentioned). Take it as your paranoid self will.

Other than that, Telegram’s user experience is on very high level. The official app feels coherent, so do desktop and web clients. There is no abundance of features (incl. stickers… lots of stickers…). There is a reason it is so popular.

Popular: YES! (especially in some circles). Private: can be. Safe: seems so for now. Usable in 2021: very much yes OSS: kinda

Keybase

The premise is cool: give each user a place to serve as a “keyserver”, a keypair and some encrypted space with safe and unique way of sharing everything. Having  somewhere to refer when you want to confirm if someone’s handle is really owned by someone and to serve files and a static site… sounds great! Of course, as you might have already noticed, there are problems with every single solution in this “article”. Keybase has some too.

1. Nobody (I know) uses it. One friend and a couple their friends do but that is not enough. There is a reason no one is using Keybase as IM
2. Desktop client is wonky. Especially on Windows. “K:” drive mount collides with other hardware drives (even when Keybase files system is unmounted). There are places in the app that clearly show, that it was made with MacOS in mind first and everything else late second. Let’s not forget the UI that feels “dry” and almost early-web-like. Some encrypted data never loads.
3. Android client is wonky. Encrypted files would often just not load at all. Not even a list.
4. Zoom acquired Keybase.
5. It’s not OSS!
6. You have to use a client application to do basically anything. Every single registered client stays logged (not logged-in) on Keybase forever.

I really wanted to use Keybase but the experience was just bad. Maybe that’s caused by not using it much, maybe the other way around.

Popular: seems like it could be but no (?). Private: seemed so. Safe: seemed so. Usable in 2021: not sure. OSS: no!

Viber

This is basically early WhatsApp that is now owned by a Japanese company. I have used it only for a brief moment. It felt very toy-like. Somewhere between LINE and Signal. Desktop app was very Skype’ish and I couldn’t take the font smoothing it had. It was “meh, fine” but did not feel better at anything than any other messenger mentioned here.

Popular: among some groups I guess. Private: seemed so. Safe: not sure. Usable in 2021: maybe. OSS: no!

WhatsApp

Now owned by Facebook is not to be trusted from the start.

The idea is pretty unique - being based on Signal/OpenWhisper and having everything E2E encrypted having the phone doing the heavy lifting to make encryption key exchange easier. WhatsApp also is incredibly popular with all the people except those privacy-conscious (keep in mind the “human” problem). The mobile app is fine, desktop one is basically a web-client and actual web-client exists too.

Some of us however preferred the messenger to be used to not be tied to a phone number (or any physical thing). And having the phone be running as relay at all times (and drain its batter even when using a desktop to chat) seemed completely stupid. Both those things and Big Zucc crossed WhatsApp for us pretty switfly.

Popular: yes. Private: maybe. Safe: hard to tell. Usable in 2021: yes. OSS: kinda, not really

Facebook Messenger

Where do I even start 2: The Movie… Let’s get the big thing out of the way first - Big Zucc. It is not encrypted (other that SSL/TLS but that says nothing) and is proven to be mined for data used for ad targeting and disabling people’s access. Facebook itself is full of ads and tracking so I will skip over the fact that it is defectively adware. It is the main offender of the “human” problem (see below).

It is not good in any way other than that people are using it. Okay, maybe I am too harsh. It is complete (1-1 and group chats, images, gifs), has dedicated mobile apps (notice the “s”), works in a “web-client” (but only on desktop) and since recently also a has a native desktop app. It also really just works. Having possibility to write to anyone you come by on Facebook is a double-edged sword but it is convenient.

Now, let us discuss some of its problems.

1. UI is inconsistent between platforms
2. There are two mobile apps - regular one and “lite” version of which the “lite” is not able to view all contents sent from desktop/web or the regular one or this functionality is noticeably impaired
3. There are at least three four ways to access the chat on a PC (note: the strikethrough is not even a 2023 update)
4. The dedicated Messenger website does not have a dark mode, while regular Facebook and /messages subpage, that is effectively the same as the dedicated Messenger one but with Facebook top bar, do have a dark mode
5. Impossible to style using custom CSS (randomised class names that change with every update)
6. Constantly updated and changed just a bit
7. Sucks people in (again, see “human” problem)
8. Mobile clients sometimes lose connection (can happen during ongoing chat but restarting the app “fixes” the issue)
9. Web-client’s UI sometimes breaks in unpredictable manner
10. Notifications on desktop not working unless you use the dedicated Messenger website that does not have dark mode (“native” Electron-based desktop app is not something I am willing to install on my PC)
11. Facebook website is generally slow and bloated
12. For a service that is as proprietary as a service could be feels very much like most free and open source solutions. i.e. it could fall apart at any moment

And with those 12 points, the Facebook Messenger rant is over.

Popular: surprisingly for how bad the experience is. Private: yeah, Facebook is a private company. Safe: I feel endangered every time I use it. Usable in 2021: barely (out of necessity) OSS: what?

Wire

Now we are getting to the good part. This was our IM of choice throughout two of our last three semesters of college.

It has everything we needed: e2e, group chats, voice calls, non-phone-number IDs, well integrated mobile and desktop apps (incl. web-client). It had some cool features - built-in photo editor, gif search, working message search.

There were two problems however. One was that it was incredibly slow on last-gen devices (running e.g. Snapdragon 801) when scrolling through messages or media as it did not feature any message pooling when scrolling (!). Another was a problem with loading images that we reported and that eventually got fixed (when we moved on…). But since we shared a lot of random images, before it got fixed we started searching around for another IM to replace it.

It was fine, but slow and had a critical (for us at least) feature broken.

Popular: maybe (pretty lively on github). Private: rather (in theory you could self-host). Safe: felt like it. Usable in 2021: maybe (last verified in 2020) OSS: yeah, I guess

Signal

Heh. In 2021 I was ready to glorify Signal and call it the be all end all encrypted real IM but, oh boy (or girl, or whatever you are)… things took A turn.

Signal started for me as the better SMS app. It was nice, minimal, no fluff but well designed. Somewhere around certain pandemic (or just before it) there was a mass exodus from I believe WhatsApp (due to Facebook (now Meta 🤷‍♂️) taking the ownership) to Signal so more non tech-savvy (non hackers) started using Signal in its “full mode”. With the “it’s just another SMS app but we will have a nicer experience and nothing will change for you” argument, I was able to get even my parents to use Signal. Everything/everyone we could’ve immediately needed was in one place, one app.

On top of that, Signal has been audited, the encryption and the protocol is thrustworthy, even though the server side of things is not open source and client builds are not reproducible. Group chats are encrypted by design, so nothing (except SMS) is unencrypted. You can send files, larger photos, there are reactions, sitckers. Everything works smoothly. Even the desktop client works in a (more or less) sane way. What would one want more?

I admit, Signal is just an SMS app on steroids (steroids being e2ee). There is no editing messages, no rich text. The desktop app does not show SMS, just Signal messages which work effectively just like SMS. There is no web app (which was huge argument for me back in 2021). So I’ve kept using Signal as the SMS app and to contact other fellow Signal users (incl. my parents) - for which it was fine.

And then things start to crubmle. In 2022 Signal started introducing other features. Cryptocurrency and “stories”. And I’m like… why? The niche already using Signal surely did not ask for any of that. Of course you could disable stories and just not look at the crypto thing in Signal’s settings but it should be a… signal (sorry) that things are turing into wrong direction…

And then things start to crumble again. Late 2022/early 2023 Signal plans (has planned?) to remove SMS support. Yep. With the reasoning being that SMS support gives false sense of security and (due to Google being Google) supporting RCS would be impossible. Oh and they think SMS is expensive and no one uses it outside the US. So the developers prefer Signal to be just another messenger app (and not confuse… Americans?) than to be the ultimate messenger app (and get love from enthusiasts). At least I’ve moved my unencrypted SMS to something more fun.

I kinda get it, kinda don’t. People using Signal are most often tech-savvy enought to be aware of why they are using it and which messages are encrypted and which ones are not or be casual enough users to not care about it either way. And even though Google not making it any easier to implement RCS by 3rd parties is a pretty clear point, the way to globally supported RCS is still very long and most likely bumpy. Case in point: my 2022 flagship phone can’t use RCS (in Google’s Messages app of course) because the carrier has a whitelist of phones that can. This list consists of some Samsung and Huawei phones. Maybe 30 or 40 models total. And from what I’ve seen around local forums and Reddit - RCS is really flaky and also makes it unclear which threads are SMS and which are RCS.

So to sum Signal up - it’s dead for me just like Facebook Messenger is. I’m gonna use it only as long as someone else I care about does, not for any other principle (like I did before the SMS removal).

Popular: yes but less and less and if so only in some circles. Private: yes. Safe: yes (but I wonder for how long). Usable in 2021/2022/2023: yes/a bit less/no (or yes if we kill any ambitious expectation) OSS: client-only but builds are note reproducible

Matrix/Element (formerly Riot.im)

This. This is almost the cherry on top. It has its problems, but nonetheless it proved to be the one.

Element, based on the decentralized Matrix protocol, checks all the boxes for a sane, privacy focused IM.

• Community servers: check.
• Ability to self-host: check.
• Works no matter who is on which server (federated): check.
• Desktop experience is predictable: check
• Runs in web browser: check
• Mobile app does not suck: check

So the biggest selling point of Matrix is the federation (ability to work across multiple different servers without a centralized one). One could expect this would be the biggest hurdle to get working but it’s completely the opposite. The Python server setup was easy as pie (I’ve done it bare-metal), and following a guide setting up federation was just a matter of time. Updating both, the server and the client is so easy that the maintenance is almost non-existent. Once installed, everything just works.

Okay, some features are missing, like easy custom stickers or integrated voice chat (it’s doable via Jitsi), some videos and audio files do not embed. Maaaaaaybe carelessly copypasting things is a little bit more cumbersome (links don’t always embed the same everywhere, and then there is the matter of disk space limit when self-hosting). But as far as just the text chat goes, I could not ask for anything more. Especially since the encryption is here by default and it works, cross-server too.

Speaking of encryption, we had one big encryption incident that spanned over a couple of days. Two of us are on a community server and two of us are on self-hosted ones. I had to get in touch with the maintainer of the community server to verify a couple of things. Buuuuuuuuuut… this happened once in mid-2022, and since then, other than a regular decryption lag once a couple of months, no encryption problems happened for us. Also, there are some articles on the Internet that touch upon metadata leakage of the Matrix as a protocol, however IIRC, there was nothing one should worry about for casual (as in not politically risky on a World scale) communication with friends.

An now, a word about alternative Matrix clients. I tried, but I couldn’t be bothered. Nothing comes close to feature-completeness of Element. Let’s leave it at that.

Oh, and other than the college groups I don’t know of anyone else who uses Element/Matrix daily. This is amongst all of my friend circles. Soooooo…

Popular: from my experience - hard no (but it is within general tech-y community). Private: yes. Safe: yes. Usable in 2023: heck yes. OSS: yes, completely.

Summary

In my mind, only Element or Telegram make sense for an encrypted IM. They are the only ones that don’t try to be what they are not. Their UX is modern, predictable and just plain nice. You want to go paranoid and self-hosted - you host your Matrix instance. You want mobile-first popular choice - you go with Telegram.

Out of all the non-e2ee IMs, for me, only the Discord shows any value. It does that by integrating both DMs and TeamSpeak/IRC-like channel based communication, with voice, screen share and all other bells and whistles.

We are slowly going into post-web3 world, where social media die. It’s a good idea to not get too used to any way of keeping in touch with friends and family (maybe other than e-mail?). I hope this writeup/opinion piece at least got you a tiny bit interested in the world of modern Instant Messengers. Maybe you’ll be the one to start up a perfect one!