Great. Now what the fuck am I supposed to be using?

Is known where exactly Snowden is? He must be behind 9k proxies when tweeting or something.

Can someone justify this claim

lol what?

This, trips have spoken.
It's well known that Snowend is literally an illiterate

Use Bitmessage, a distributed protocol with no central authority.
>mfw no one can MiTM me
>mfw Bitmessage runs in a separate Qubes OS container
bitmessage.org

It's the US gov that has it all. AFAIK the servers are in the US so the US can grab all the traffic, and it's been shown that there is a high probability their cryptography is broken. The creator is NOT a cryptographer and he broke the #1 rule of crypto which is "never roll your own crypto." He's also said some really, really stupid things in the past

Use Silence

what's wrong with telegram? Cred Forums told me it's better than whatsapp in terms of security

what is the official Cred Forums telegram group?

Eh, I don't care either way.

Only messaging app i use is normal sms messaging and I only talk to my family because I have no friends :(

If USA wants to know when I'm coming home or am I depressed, feel free to have it.

>buying into FSB botnet created to gather intelligence on ISIS when there is a superior Chinese botnet called QQ

>recommendations for signal, imessage, and whatsapp

It's "by default". Just create a secret chat.

telegram has been shit for a while ive been watching people foolishly use it.

>seriously using (((tox)))
news.ycombinator.com/item?id=9036890

I cannot put into words how much I hate Edward Snowded. It is clear he is just an attention whoring faggot.

this is the best way to go

nobody gives a shit what you tell your friends

if you want to do anything privately, cellphones are out of the equation

NO

Nothing to hide... Nothing to fear...

>linking to the debunked shitpost
>not linking to Tox's vulnerabilities

Really?? I didn't notice that...

Wire. You know it's good because it's Swiss.

>using a chat client that rolled its own
>using a chat client from the same guy that did vkontakte
>russian facebook
PATSY

is it on f-droid?

>rofl

What's the catch with this one? It looks like it has everything everyone wants and is E2E encrypted, but no one ever talks about it.

He's in Russia dumbass.

Kys NSA fag

There is no need to upset. =D

That's just an example, but Telegram for macOS logs every sent message in a cleartext file.

turtlenecks and babyskin are two signs of a person you can't trust.

This. Use Silence you fucking faggots. Stop using compromised app like Telegram/Signal/WhatsApp. If an app is too mainstream you could bet it has a lot of backdoot.

>signal
>compromised
citation needed, please.

I've never realized that, but it seems about right.

Savoir Faire Linux's "ring" is a mature equivalent to tox, made by a respectable consulting company. It's p2p, e2e encrypted, distributed and GPLv3 licensed. It's a perfectly good alternative and its client is SIP-compatible.

Just my depressing life.

And it's on F-Droid, for those who care.

Google dependencies. Need I say more?

Security on mobile phones is non-existant, though.

A crypto-anarchist friend of mine recommands me to use separate hardware (Raspberry Pi 2, Raspberry Pi Zero, SPI wiring, separate keyboard and wifi card bought as a "lot" in a hacker space) if I wish to talk privately through Bitmessage.

FOSS hardware (building your own code in an FGPA board) is an option too.

However, NSA-proof security on iOS, Android, BlackBerry, Firefox OS, Sailfish OS, Windows Phone 8, Silent OS, etc.: in the trash it goes.

That approach is a bit extreme, but I still wouldn't trust my mobile device though. And remember the Internet is made to share data, not to keep it secure: secure communications on 80 and 443 ports go in the trash as well.

now serious answer only:

DOES end-to-end actually work for whatsapp, viber or telegram? telegram supports it for secret chats, and their website swears that nobody else can intercept them. but so does every other service offering end-to-end.

but then you read how terrorists get busted by using telegram that intelligence services have busted them with by using

>not normie friendly
>slow as fuck file transfer
>incompatible with anything else because omemo isn't widely supported
>server choice is luck and greatly affects user experience
no thanks.

Been using it for a while. Comfy af. Needs audit tho.

File transfer is as fast as the network allows it to be.
Everything else you are right, it's not hard to use but definitely not as plug-and-play as whatsapp.
As for the server I personally use ejabberd, it has great documentation and never let me down in the past years.

when i tried xmpp+conversations the file transfers were abysmal (but stable) 20KiB/s.
how are file transfer connections established? does cell provider NAT prevent fast connections?

WhatsApp has end to end encryption enabled by default, whereas Telegram has encryption to Telegram's servers but you must turn on end to end encryption manually. His claim is in this regard WhatsApp is more secure for people who are too stupid to know how to enable end to end encryption.

See

read his fucking answer you idiot
>By default, it is less safe [...] dangerous for non-experts.

Use Telegram but use secret chats if you don't want anyone to read your messages.
Its crypto is said to have weaknesses, but as long as you aren't Joe Terrorist nobody will spend the effort to decrypt your chats.

I fucking hate how everyone claims just because Telegram doesn't encrypt by default it's unsafe.

those terrorists got busted because the gov intercepted sms authentication.
If they had used secret chats and verified the keys in person, like your supposed to do, they wouldn't have got busted.

What server did you use?
Ejabberd limit bandwidth usage for normal users to a very few Kbyte/s for security reasons.
However in the config file it is possible to add custom bandwidth shapers to increase the maximum bandwidth usable by a single user.
It is also advisable to use a socks5 proxy to speed up file transfer, in the case it isn't advertised by the server Conversation will revert to some very slow file transfer method (IIRC it converts the file in base 64, sends a small chunk of it at a time and always waits for ack before sending the next chunk).
Ejabberd already embed a socks5 proxy but it must be configured properly.

i used some random public server with good availability (turned out to be a fallacy). i don't have time for hosting and maintaining my own server.

VKontakte

is that bad? if the file is yours it doesn't matter. if you don't want to keep it just shred it

>Encrypted communications are logged in a cleartext file on your computer
>Is it bad?
Y-Yes

xor with a random letter of the developer's choice is all you'll ever need :^)

but it's on your computer, you're in complete control of it. you could literally just set up some shitty cron job that clears it every 30 seconds and you'd still have 99.99999% of your resources left

Are you telling me that the target Telegram user case knows what cron is? I bet 2/3rds of the people who're gonna to use it are forensics and black hats.

* who're gonna use it, my bad.

That's their messages, your'e already willingly giving up yours to them though, so if they want to give them away you're already fucked.

This is another point that's wrong with them indeed, but not the one I was referring to.

Also don't forget OTR plugin.
otr.cypherpunks.ca

This to be honest.

Vkontakte is the only social media I have
and even that I only have to communicate with the Russian and Ukranian шлoхи

bump

Telegram is known not to be secure since the French/Belgian terrorist attacks.

sms just works

>no one ever talks about it.

That's because it works. (((They))) would rather you used broken shitty messengers that seem to have a lot of push behind them.

It isnt

Whatsapp is better, just stick with it.
Or use whatever the fuck you want and stop looking for approval.

Signal
whatsapp has implemented the signal protocol too
app is completely open too i think
not sure about the server side but could be too

>That approach is a bit extreme, but I still wouldn't trust my mobile device though.
It's not extreme at all, anyone knows that phones are severely compromised, even if you trusted the NSA and your phone manufacturer to not put backdoors most phones have serious CVE's related to the unmaintained closed source drivers

All of them have much better security for the tech illiterate than Telegram
>app is completely open too i think
It is
>not sure about the server side but could be too
It's open but the main dev of Signal doesn't want you running your own server, he doesn't federate with other servers aside from his own

Do you know how GApps works? If you did, this debunked argument of "MUH GOOGLE DEPENDENCIES" would no longer plague you mouth breathing retards.

Learn how it works.

>mouth breathing retards

The irony. You don't know shit.

The real irony is that hes right and people that run Android without gapps are fucking morons.

Moxie (Dev of signal) doesn't mind others running instances of Signal and redistributing it under a different name because the software license allows it.

He doesn't federate (share user Base) because it's a clusterfuck for development as you've gotta coordinate with all the other companies which can be a bitch and time consuming. He tried already with Cyanogen when they were the main ROM provider for Oneplus One. Cyanogen fucked up multiple times and it held back development. I know because a friend of mine used their version of signal and it would be unreliable as fuck.

Tl;Dr - Use signal.

Explain why I'm wrong you fucking jew

>pro tip: I'm not so kill yourself

>Explain why I'm wrong you fucking jew

Because you ain't right you fucking nigger. Explain to all of us why you're right.

I'll save you the reply: you can't and I thought so.

>year 2000+15+1
>taking security advice from a KGB agent

>posts something completely out of context
>asks for alternatives

OK here we go you successfully baited

Http://support.whispersystems.org/hc/en-us/articles/213190817-Why-do-I-need-Google-Play-installed-to-use-Signal-

>Why GCM is the only option to serve the signal users

It doesn't matter what pipe the data goes through as the messages are encrypted end to end.

it uses this developers.google.com/cloud-messaging/

They just use GCM to wake the phone once there is a message from the SIGNAL servers.

The worst Google could do with GCM is find out how often you connect and receive messages. Not even from whom just that you get messages and how often.

Answers your paranoia?

It is normie friendly . faggot

>normie
>faggot
>nigger
>jew
>hurr durr i've read the revision history on all these chat apps, I know more than U
is there a better chan yet?

I don't think that was what the other guy meant. Of course if the communication is end-to-end it shouldn't matter one way if GApps is there - that just means the content is encrypted and your communication is private.

What he meant was that GApps is closed source and is constantly checking in with Google:

>The trust in Android for its security and openness is unjustified. While AOSP Android is truly open source, the Google apps (and especially, Play services) are not. Thus it's impossible to determine what these components exactly do and which data is transmitted to the Internet without you knowing.

augmentedmind.de/en/articles/android-without-google.html

Even if you trust any part of the GApps to not be recording everything typed in some fashion (it is Google after all), there is still more metadata being gathered between the users using GApps on their phones.

Trying to eliminate GApps is removing a point of failure, a black box. It's almost analogous to the Management Engine on chinkpads. Yes, we know what Intel says it's for, but it is a massive unknown and could be used for basically anything.

>WhatsApp
>owned by Facebook
>Safe

Kek

Yes I see what you're saying and I completely agree.

However he's isolating the GApps and signal issue as if it renders any encrypted chat app useless.

The intel management is a very deep subject but yes we agree :-)

He said signal was compromised BECAUSE it uses GApps. See what I was objecting to?

>sabotage government program
>put national security at risk
>steal top secret information
>run away to foreign enemy nations like China and Russia
>sell said top secret information to foreign nations
>treated like a celebrity
>talks like hes some messiah and thinks his opinion matters on everything
>everyone eating it up
he cant keep getting away with it

The problem for many of us (as began to explain) is that we don't use gapps in the first place. Signal is compromised in a sense by requiring it, even if "it doesn't matter which pipe it goes through".

Besides, if it really doesn't matter, why send it through Google's and not one that we can place some amount of trust in? Why shut out the people that are actually diligent about their security?

low level contractor has opinions on things.. i lold

Retards itt be like
> "what is secret chats"
>what is password authentication
You are more stupid than whoever fucked up using it

Theres nothing wrong with google notifications. They cant possibly learn what ur writing in chats. Besides theres Signal without it and its working fine

Hes right in that telegram is not secure apart from verified secret chats which retards like op cant comprehend

>didn't even read the thread

I glanced thru. There s only 3 occurences of the word secret.

secret chat is not supported on windows

the other services don't even have a desktop version.

wire has :^)

Use Android VM

>Use Android
>expect privacy

>listening to a traitor and a snitch giving advice on how to keep secrets.

Cred Forums has really gone down the drain

B-but muh pony porn sticker pack

iMessage. However, it doesn't matter what YOU want to use, the other person has to be using the same thing. I can't iMessage someone using Telegram.

>tell people how tyrannical their government reall is and risk your way of life forever doing so
>traitor

Thank you for Correcting the Record.

twitter.com/Snowden/status/778592275144314884

I trust that's simple enough for you.

No, they are both not perfect, in significant ways. But yes, they are the best we've got right now.

WhatsApp's encryption is just as good (better at link-level, because Noise), but it's a huge shame about the Facebook phone number disclosure thing, I'd have to withdraw any recommendation due to that. It's still a good thing that they have the encryption, for the like a billion people who do use it anyway.

I've been meaning to take a closer look at Wire, and I'm sure I will at some point. I'm cautious and guarded about the possible startup exit plan/incredible journey to come and their nebulous plans for eventual monetisation. I think that'll end in tears in some way, even if Wire were technically perfect. (Hell, I trust LINE more about that - at least they know the Japanese and weebs will always buy cute stickers.)

Also MTproto is absolute shit.

That does allow for a carefully-positioned passive attacker to build a complete connection network graph, but none of the things discussed in this thread have any metadata protection anyway - that is a Hard Problem, still currently unsolved. I am working on it, but it will be years before anything I am working on will be ready for anyone to use.

Private encryption protocol, basically
> it's a reliable encryption system, trust us!
Signal and whatsapp are the same open, audited, proven protocols.

>666+666+666+6+6+6
>Having friends

One that you're not allowed in.

you mean the one with that poo in the loo that keeps shitposting all the time and that gurofag?

Is signal actually more safe if no one I text also uses it? isn't it just another party that has my texts that way?

Mate if you can read it, it's somewhere on the phone unencrypted.Encrypting communications is about keeping the line secure, not the phone. Use full disk encryption if you need to secure the phone as well.

>Also MTproto is absolute shit
Citation needed

Whatsapps closed source, innit? Who knows what their encryption really is?

EFF says Telegram is better than Whatsapp

P sure there was a blog post or whatever written by the guys behind signal when they saw whatsapp's implementation of the signal software, and they said it was good.

Who knows whats really inside that apk now?

of course they could have removed it, but they have no incentive to after putting that much work in.

Use Tor. Use Signal.

>omemeo

>Use Signal.
even if no one I know uses it?

They may have inserted a backdoor heartbleed or logjam style

those were bugs, you idiot. in software that the developers definitely saw the git logs to when they did the audit.

I didnt say they were intentionally left backdoirs. Anyway, for all i know it could have been deliberate.

What i meant with " heartbleed style" is that there are ways to totally bork an encryption program.
You should learn to read before resorting tocalling people names.

What if no one you know uses it because no one they know uses it?
It's better than most sms apps anyways.

asks for phone number

anything that does that is a botnet fampai

then you use whatever message app they use while trying to get them to convert

I have people that use GroupMe, WhatsApp, Telegram, FB Messenger, and plain old SMS
always trying to get people to move up

The lib is open source still, faggot.

Wow, that really narrows it down.

Yup, Dropbox can listen in on it.

Moscow

Here's what I want to know. WhatsApp says they can't read your messages. That means there's an encryption key that they don't have that resides in your phone.

>message person
>keys get exchanged
>whatsapp has copies of the keys

If the key exchange takes place through the servers of the company, they can promise they have end to end encryption and the message can't be decoded en route, but you cannot assume they can't just reach into your app and grab your encryption key.

PGP is the only way Cred Forumsentlemen

Snowden uses Signal if you like him so much

Why don't you marry him u queer

Just make a secret chat and enjoy your gf nudes, fagtron.
He said >by default

this

is wire on AUR or do I need to use their shitty build from source on (((github)) using (((node.js))) and (((grunt)))?

>really feels like i'm a web developer

>just because Telegram doesn't encrypt by default it's unsafe.

Yes, that's literally what is meant by the usage of the term "unsafe" you fucking moron.

Does signal have desktop support?

How do you enable end to end encryption in telegram? Couldnt find a setting.

>Less secure than WhatsApp
Including whatsapp store data on google clouds
>Telegram is le Russian botnet
Including telegram made by brothers to cover them from FSB

Face it: Snowden is pussy
And this

New secret channel?

>this level of insane OCD over muh privacy like we're all state spies
Just stop using shitty social media products and starve the beast, retards. You don't need a triple-hextuple GPG-quad HSS OpenGLGiganigga XJ-9-signed fifty bypass morse code IM client stored on a disintegrating pen drive to talk to Kyle from math class about Pokemon. Fuck me people are dumb.

Well Cred Forums was wrong again and said something retarded

The thing that's supposed to make "secret chats" "secret" is broken, is what we're talking about here.

Somehow I feel you have terrible acne

I was talking about a computer, and the fact of the screen prompt being unencrypted is a known risk factor; but that's not the same thing as logging every communication and keeping it stored in cleartext on the computer by default.

I severely doubt users would use it as it seems to be "hidden", there remain black hats and forensics. Great.

Yeah wtf russkis, I thought you knew better.

Telegramm has stopped operating out of Russia long ago mainly because russkis wanted data from Pavel.

sup, moron here
how's your battery life? do you share your activity feed with your spouse and kids?
>"okay google"
>"hairy transvestites in my area"
>of course i want to share my wifi password with jewgle, someone will fine them for 7 million and they'll pinky swear to behave

moxie is butthurt about people forking nongapps versions, and anally invades every single attempt made so far

Snowden will only recommend software that encrypt stuff by default.
And telegram encryption is shit anyway.

that's just for show because he needs to please google and the cucker government

deep down he is rooting for them to succeed and we all know it

>((Edward Snowden))

My golden rule is 'If it's on a list of things the British government wants to ban or have backdoors to then it's good to use'

That's just the Google botnet in disguise

Apple users deserve to be spied on

iMessage is the most secure chat app of them all. Only Apple devices have this.

>Qubes OS container

Can't get my fucking normie fag friends to use anything but Facebook Messenger reeee

What about the Discord botnet?