IM
Image created by Rochak Shukla

What is the best and most secure instant messaging app?

This is the question that very often people ask me.

Indeed, the truth is that there are no secure solutions because, in computer science, absolute security does not exist.

The correct question should be, “What is the preferable choice to communicate securely while respecting privacy?".

Our “preferable” choices

After having spent time investigating and testing apps, I found - at the moment - some solutions to communicate while respecting privacy that I can define as “preferable.”. I cannot consider them the absolute best solutions due to the statement “absolute security does not exist.”

From my perspective, I point you to what are the “preferable” solutions and precisely from the most user-friendly to the one for more savvy users:

  • Apple iMessage:

    • to use it:
      • you should have an iPhone, iPad, or Apple computer (suggested to people that are in the Apple ecosystem);
      • you must know the mobile number or e-mail account of people you want to communicate with (and so mine);
    • features:
      • SMS exchanged among Apple users are encrypted.
  • DeltaChat:

    • to use it:
      • download the app from the “Download” page and then set up your email account simply with login and password; if you want, you can read our contribution on DeltaChat.
    • features:
      • you must use your e-mail account (messages sent are encrypted);
      • no mobile number is required;
      • you must know the e-mail account of people you want to communicate with (and so mine);
      • messages are encrypted and stored on your server mail;
      • no data linked to you or stored because it works exclusively on your e-mail account.
  • Session:

    • to use it:
      • download the app and set up your account - if you want, you can read our contribution on Session.
    • features:
      • decentralised system based on the OXEN blockchain;
      • no mobile number is required;
      • no e-mail account is required;
      • no personal information or other data are required;
      • no data linked to you or stored because it works on the OXEN blockchain;
      • messages are encrypted.
  • Matrix:

    • to use it:
      • you have to previously create an account through the app or web app which is called Element (if you want, you can read our contribution on Matrix), and here you have two options:
        1. Create the account on the matrix.org server by registering using the Element.io web app or by registering from the Element app;
        2. Create the account on our Matrix server by registering using the Element web app or by registering from the Element app but you will have to indicate https://matrix.nicfab.it as your server;
      • Once you have created the account - using the Element app - you can exchange messages with everyone; to send messages to me, you have to search @nic:matrix.nicfab.it (you can click directly on my account name to connect).
    • features:
      • decentralised system;
      • federated system;
      • no mobile number is required;
      • your e-mail account is required if you forget your password;
      • messages and data are encrypted server side.
  • App based on the XMPP protocol:

    • to use it:
      • two steps are required for actual use because you need: 1. an XMPP account and 2. an app based on XMPP protocol:
        1. XMPP account creation at a provider (if you want, you can read our contribution on XMPP - I point out a few with the most straightforward procedures):
        • disroot.org - you can register your XMPP account;
        • sure.im - you can register your XMPP account;
        1. App to use based on XMPP protocol: on the disroot.org webpage, you can find the list of some apps to use your XMPP account, and it depends on your platform (iOS, Android, Mac, Windows, Linux);
        • If you use iOS, I recommend:
          • Siskin IM - once you download the app, you have to configure your account (remember to set OMEMO);
          • Snikket - once you download the app, you have to configure your account (remember to set OMEMO); if you want, you can read our contribution on Snikket.
        • if you use macOS, I recommend Beagle IM - once you download the app, you have to configure your account (remember to set OMEMO);
        • if you use Android, I am told Conversations is excellent, but it is paid; otherwise, there are other apps for XMPP (f-droid, Gajim);
      • To chat with me: after you have gone through steps 1 and 2, you can write me at nicola@chat.nicfab.it or nicfab@movim.eu, or nicfab@disroot.org (you can click directly on the account).
    • features:
      • messages are encrypted if the user set OMEMO;
      • no mobile number is required;
      • no e-mail account is required;
      • messages exchanged are encrypted.

I hope I have succeeded in providing helpful pointers for communicating securely while respecting privacy and avoiding probably more well-known and popular solutions that I personally reject.

Please, note that this post is a simple personal suggestion, and I intentionally do not deepen on every single solution for which I refer to some well-known resources on the Internet.


Stay tuned!