| Popular messengers compared for security and confidentiality | Signal | Wire 4 | Skred (by TwinMe) | Threema | Session | Telegram | SnapChat (see SnapLion) | WhatsApp | Facebook Messenger | Skype | Google Messages | Element / Riot | Apple iMessage |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Recommended for securing messages and attachments? | Yes | Yes | Yes | Yes | No (attachments and calls go via servers in Canada) | No | No | No | No | No | No | No | No |
| Is encryption turned on by default? | Yes | Yes | Yes | Yes | Yes | No | No (if turned on, the AI still sends data home) | Yes (not in the browser) | No / not available with the web client(s) | No | Yes | No | Yes |
| Does the app have self-destructing messages? | Yes | Yes | Skred: yes; TwinMe: paid feature | No | Yes | Yes (1s / 1m / 1h / 1d / 1w / off) | Read by AI, and Snap retains copies | Yes, but copies may be retained | No | No | No | No | No |
| Can you recall messages? (remote delete) | Yes | Yes | Yes, plus "nuke conversation" | Yes | Unreliable / buggy | Only within 24 hours | Yes, but Snap keeps copies | Yes, within a 1-day limit | Limited; FB keeps copies | No | No | Yes | No |
| Does it have PFS (perfect forward secrecy)? | Yes | Yes | Yes | Not enabled by default | Cancelled (in the whitepaper, not implemented) | No | No | No | No | No | No | No | No |
| Are there secured groups / chatrooms? | Yes (1000 members) | Yes (500 members) | Yes (unlimited / not known) | Yes (256 members) | Yes (100 members) | No | No | Yes, but reported messages are sent unencrypted | Yes (web: no); FB retains copies | No | Yes?, with limits; logs metadata | Workaround exists | No |
| Can you sign up to the app anonymously? | No: your phone number is your ID | No: number or email required | Yes, and you can change your QR code / code | No: the payment processor has your info | Yes | No | No | No | No | No | No | Server operators can identify you | No |
| Is personal information (mobile number, contact list, etc.) hashed? | Mostly, except the mobile number; undisclosed metadata | Mostly, except contacts and groups | Your info is not stored at all | Yes, but questions about the payment processor | Yes, but questions about the file and call servers | No | No | No | No | No | No | Your IP / identity can be known by server operators | No |
| Generate and keep the private key on the device? | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | Yes | N/A |
| Can messages be read by the company? | No | No | No | No | No | Yes | Yes, with AI to assist | Only if reported | Yes | Yes | Yes | They can join groups | No / depends |
| Does the app enforce perfect forward secrecy? | Yes | Yes | Yes | No; must be set manually | No | Partial: secret chats re-key only every 100 messages | No | Yes | No | No | Yes | Yes | No |
| Info or metadata collected or sent to third parties? | Undisclosed "minimal metadata" | Limited metadata (not shared) | No | Known by the payment processor | Only if you paid for an alias or nodes | Yes | All user data, incl. messages and content | Yes | All user data, incl. messages and content | All user data, incl. messages and content | All user data, incl. messages and content | Known by the payment processor | All user data, incl. messages and content |
| Does the app encrypt metadata? | Yes | Yes, but not contacts and groups | No server, so no metadata | Yes | Yes | No | No | No | No | No | No | Yes, but servers can see your IP | No |
| Does the company log timestamps / IP addresses? | Yes (who you are talking with) | Yes (who you are talking with) | No | No | No | Yes | Yes | Yes | Yes | Yes | Yes | Server operators can | Yes |
| Does the app use TLS / Noise to encrypt network traffic? | Yes | Yes | Yes | Yes | Yes | No | No | Yes | Yes | Yes | Yes | Yes | Yes |
| Does the app encrypt data on the device? (iOS / Android) | Yes, if a key and passphrase are set | Yes | Yes | Yes, if a key and passphrase are set | Android: yes; iOS: no | No | No | No | No | No | No | Yes | Yes, if a key and passphrase are set |
| Two-factor authentication? | Yes | Yes | No | Yes | Yes | Yes | No | Yes | No | No | No | No | No |
| Are messages encrypted when backed up to the cloud? | N/A (excluded from iCloud, iTunes and Android backups) | Excluded from automatic backups; optionally stored on Wire's servers | N/A | Yes | N/A (excluded from iCloud, iTunes and Android backups) | No | No, and analyzed by AI | No | No | No | No | Yes | No |
| Are the app and server completely open source? | Yes | Yes | No (the encryption libraries are) | Yes | Yes | No (clients and API only) | No | No | No | No | No | Most clients; Element server / matrix.org API | No |
| Has there been a recent code audit and an independent security analysis? | No; only an old version (2014) | No; only an old version (2018) | Encryption libraries only | No; only an old version (2020) | Encryption only, with some failures | Client only (Nov. 2015) | No | No | No | No | No | No; encryption only | No |
| Company jurisdiction | USA | Switzerland | Skred: France; TwinMe: USA | Switzerland | Australia | British Virgin Islands | USA | USA | USA | USA | USA | UK | USA |
| Infrastructure location (sometimes also the jurisdiction, depending on laws; influences connection quality) | USA | Germany (best speed) | Decentralized peer-to-peer | Switzerland | Text: peer-to-peer; attachments and calls: servers in Canada | Dubai (UAE), UK, Singapore, USA, Finland | USA | USA, Sweden | USA, Sweden | USA, Australia, Netherlands, Brazil, China, Ireland, Hong Kong, Japan | Worldwide (Google Cloud regions) | UK / potentially all jurisdictions, given it is decentralised | USA; runs on AWS and Google Cloud |
| Gives customer data to intelligence agencies? | No | No | No | No | No | No (?) | Yes | Yes | Yes | Yes | Yes | No, but not foolproof | Yes |
| Surveillance capability built into the app? | No | No | No | No | No | Not for secret chats | Yes | No | Yes | Yes | No | No | No |
| Does the company provide a transparency report? | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | Yes | No | Yes |
| Company's general stance on customers' privacy | Good | Good | Good | Good | Good | Poor | Poor | Poor | Poor | Poor | Poor | Confusing | Poor |
| App / company collects customers' data? | Contacts. Phone number hard-coded to the account. Who is talking with whom and "other" information. Unknown other data being read / saved by their newly added closed code to "fight spam". | Wire Personal: limited metadata (IP, email or number if provided, friends, groups). Wire Enterprise: contact info / metadata. | No; certain metadata is used but not kept, such as device type and OS (to set things like window dimensions), location (if shared, for language) and IP (to perform the contact connection). | Limited: contact info (if provided), identifiers. Contact / billing information is known by their payment processor. | No; a forensic audit would be needed to determine whether their crypto transactions (the only way to purchase an alias) are traceable. | Yes: contact info / contacts / identifiers / metadata / chats / group activity / content (only 1:1 "secret chats" are not shared). | Yes: AI data collection and analysis on steroids; collects everything on the phone. Filters can share face pictures with facial-recognition databases and systems. | Yes: purchases / financial info / location / contact info / contacts / user content / identifiers / usage data / diagnostics. May be able to circumvent E2EE. | Health and fitness / purchases / financial info / location / contact info / contacts / user content / search and browsing history / identifiers / usage data / sensitive info / diagnostics / other data. | Yes (information not submitted to the Apple App Store). | Yes (difficult to assess, given the app is integrated into Google's greater ecosystem). | Yes: contact info (if provided) / contacts / identifiers / diagnostics / user content / metadata. | Yes (difficult to assess, given the app is integrated into Apple's greater ecosystem). |
| Cryptographic primitives | Curve25519 / AES-256 / HMAC-SHA256 | Curve25519 / ChaCha20 / HMAC-SHA256 | WebRTC / TLS / ECDH / AES-256 / SQLCipher | Curve25519 (256) / XSalsa20 (256) / Poly1305-AES (128) | X25519 / XSalsa20 (256) / Poly1305 | RSA-2048 / AES-256 / SHA-256 | On-device AI defeats the purpose of any encryption | Curve25519 / AES-256 / HMAC-SHA256 | Curve25519 / AES-256 / HMAC-SHA256 | RSA-1536 and RSA-2048 / AES-256 / SHA-1 | Curve25519 / AES-256 / HMAC-SHA256 | Curve25519 / AES-256 / HMAC-SHA256 | RSA-1280 (encryption), ECDSA-256 (signing) / AES-128 / SHA-1 |
| Funding sources | Freedom of the Press, Knight, Shuttleworth, Signal, Open T. | Janus Friis / Zeta Holdings / Iconical / Morpheus | Skyrock Group | Users pay / Afinum Management AG | LAG Foundation Ltd | Pavel Durov | Snap / Alto Partners Multi-Family Office | Meta | Meta | Microsoft | N/A | New Vector Limited | Apple |
| Main reasons why the app is not recommended, or desirable improvements for recommended apps | Uses your number as the user ID (personally identifying data should be confidential). Last audit obsolete (8 years ago!). New code to control spam (how?). Caution about a number-spoofing vulnerability. | Ver. 4 is a new product not yet peer reviewed; seems unfinished. No dark mode! Could further limit metadata. Enterprise collects more metadata and has a "legal hold" feature. | Video sharing and large file transfers are a paid feature. TwinMe's expiring messages are a paid feature. | Paid app = very small user base; most of your friends won't like being asked to pay just to talk with you. Should change the financing model, e.g. like Wire, with a paid enterprise version. | Some things in the whitepaper are not implemented, such as PFS and message recall. Long, complicated code in place of a username, crypto cost for a username, learning curve to use their crypto. | Chats / activity kept forever on their servers. Chatrooms / groups not encrypted. Messages not encrypted except 1:1 secret chats. Attachments not encrypted. Most data not protected. | Lack of privacy / encryption. AI is super-charged data collection and analysis. Servers retain copies of "disappeared" messages for AI analysis. Filters can share images with facial-recognition databases. SnapLion tool. | NSA partner. May be able to circumvent E2EE by using the app to read unencrypted stored chats. Reported chats are sent unencrypted. Makes money from collecting, renting and selling personal data. No code audits; closed source. | Named as an NSA partner in the Snowden revelations. Encryption off by default, and not available if a browser login is in the conversation. Revenue from sharing data. Data not protected. Perpetually new bugs, closed source, no code audits. | NSA partner. Encryption not enabled by default. Makes money from personal data. Data not protected, or not all data protected. Closed source. | NSA partner. With the dilution (distraction, confusion) of no fewer than 6 messaging programs, it is a roll of the dice which will survive the next round of terminated Google apps. | Website offers no information about features. Enormous potential attack surface: encrypted messages can be leaked through unsecured connected clients. No independent code or security review. | NSA partner. Data not protected, or not all data protected. No independent and recent code audit or security analysis. Closed source. |
Legend (color guide): Deep Red = Major concern; Bright Green = Very desirable; Amber = Somewhat concerning; N/A = not applicable or not available in time to publish.

Notes: Inspired by https://www.securemessagingapps.com/ and intended to be a more complete version with some updates and corrections. Please rely on your own research. Share link: https://docs.google.com/spreadsheets/d/14r1sLT0SSU2kKFlsi7BWGj65zPdcC4x-LfjAoKUQxNA. Element web client: https://app.element.io/
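The row asking whether personal information such as the mobile number and contact list is "hashed" deserves a practical caveat: a phone number carries so little entropy that a plain hash of it is reversible by enumeration, so "we only store hashes" gives no protection against the operator, or against anyone who obtains the hashed list. The script below is an added example, not code from this spreadsheet or from any of the messengers listed; the sample numbers, the `+1415555` prefix and the `hash_identifier` / `keyed_hash_identifier` functions are constructed for illustration.

```python
import hashlib
import hmac
import itertools
import secrets

# Constructed sample: three phone numbers a client might upload (E.164 style).
# They are made up for this example; the "555" exchange is reserved for fiction.
SAMPLE_CONTACTS = ["+14155550123", "+14155559876", "+14155554242"]


def hash_identifier(number: str) -> str:
    """What a 'we only store hashes' service does to an uploaded number:
    a plain, unkeyed SHA-256 (assumed here; real services vary)."""
    return hashlib.sha256(number.encode("ascii")).hexdigest()


def keyed_hash_identifier(number: str, key: bytes) -> str:
    """Keyed alternative: HMAC-SHA-256 under a secret the attacker lacks."""
    return hmac.new(key, number.encode("ascii"), "sha256").hexdigest()


def candidate_numbers(prefixes, suffix_digits):
    """Enumerate every number matching prefix + suffix_digits decimal digits.
    The full North American space is ten digits, i.e. ~10^10 values, so a
    complete table is a matter of CPU-hours of precomputation, not a hard
    problem; here the search is narrowed to one exchange to run instantly."""
    for prefix in prefixes:
        for digits in itertools.product("0123456789", repeat=suffix_digits):
            yield prefix + "".join(digits)


def build_lookup_table(prefixes, suffix_digits, hash_fn=hash_identifier):
    """Precompute hash -> number for the whole candidate space. The space is
    small enough to store outright, so no rainbow-table tradeoff is needed."""
    return {hash_fn(n): n for n in candidate_numbers(prefixes, suffix_digits)}


def recover_numbers(hashed_values, table):
    """Invert each hash by table lookup; hashes outside the table are skipped."""
    return {h: table[h] for h in hashed_values if h in table}


if __name__ == "__main__":
    uploaded = [hash_identifier(n) for n in SAMPLE_CONTACTS]
    table = build_lookup_table(("+1415555",), 4)   # 10,000 candidates
    print(recover_numbers(uploaded, table))        # all three numbers come back

    key = secrets.token_bytes(32)
    keyed = [keyed_hash_identifier(n, key) for n in SAMPLE_CONTACTS]
    print(recover_numbers(keyed, table))           # {} : the table is useless without the key
```

The keyed variant only defeats a party that does not hold the key, for instance someone who obtains a leaked database; the service operator that holds the key can still enumerate every number. That is why the row above asks whether the operator stores the data at all rather than merely whether it is hashed.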