If you missed the broadcast this morning, you can watch our recording of Inside Story on how to regulate surveillance capitalists like Facebook and Google and replace them with ethical alternatives at your leisure at

Signal and Wire are both centralized, even if you run your own server, you can't talk to users on the official servers. It is easy to block them too. I recommend matrix, which is federated. There is no single point of failure.

@praveen What’s the state of end-to-end encryption on Matrix? Last I checked, it was not ready.

It works mostly but with some rough edges. There is a redesign in progress to fix these issues your inputs would be valuable.

Conversations/Gajim/ChatSecure all have good e2e over xmpp I think (I prefer Matrix so not verified). Both xmpp and matrix are federated and hence preferred over Signal, Wire or Telegram. For those who want phone number based contact discovery, there is which is fully compatible with xmpp network.

@aral @praveen I don't have any opinions about the m.megolm.v1.aes-sha2 algorithm that Riot uses, but I have been using e2e encrypted 1-to-1 chats in Matrix/Riot for a year now.

It's a bit of a pain to manually backup the encryption keys and restore them on each new Riot installation. Search doesn't work in rooms with e2e encryption. Device verification is an additional step.

After first setup, the e2ee is quite smooth. I'd still recommend Riot over Whatscrap and Signal even in its Beta form.

@Aral Balkan Great points about the need for funding the free and federated alternatives! I think that this is the most impactful way individual nations or the EU can help liberate us from the US centralised, surveillance capitalist model. At least if we can focus on interoperability and standardising protocols, as you also mention. Keep up the great work you do about fronting these matters!

I agree with @{}, though on the messaging apps. Wire looks like it could be interesting once (if?) it gets federation in place. With Moxies public refusal to support anything outside of Google's distribution channel, I'm a bit surprised you still recommend Signal.

@harald Signal is not my first choice. Heck, Moxie blocked me on Twitter for calling him out for legitimising Google/Facebook by working with them. I should have mentioned Wire first but it’s hard to get things exactly right when you’re in the moment. But regardless of all that, Signal is one of the few options people have for encrypted communication and so, yes, I will continue to recommend it, regardless :)

@aral @harald Yes. I have quite a laundry list of reservations about Signal, but if it's a choice between that and something unencrypted, or "encrypted" but the platform has the private keys, then Signal is still a reasonable choice.
@bob @aral There is no circumstance where those are the only choices.
@maiyannah @aral It depends who you're communicating with and what environment they're operating in, but in most cases you're right and there are other better options than Signal.

@bob @maiyannah @aral What are the alternatives for you? I mean real good and easy ones, not Matrix or XMPP...

@skynebula @aral @maiyannah On desktop another easy one is qTox. It can be onion routed and doesn't need servers. Can also run on an autonomous mesh.

Other possibilities on mobile apart from xmpp and riot are GNU Ring and Briar.
Sign in to participate in the conversation
Aral’s Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!