Privacy

31833 readers

161 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

426

I made a spreadsheet that ranks messengers for privacy (privacyspreadsheet.com)

submitted 9 months ago by UnHidden@lemmy.world to c/privacy@lemmy.ml

129 comments fedilink hide all child comments

I've been working really hard to research and rank messaging apps by their privacy. The more green boxes the better.

I plan to turn PrivacySpreadsheet.com into a place for privacy data on everything from cars to video games. It's all open source too on GitHub.

Not trying to advertise, I just put a lot of time into researching all this, and I want to share it since I think others could benefit.

you are viewing a single comment's thread
view the rest of the comments

[–] poVoq@slrpnk.net 9 points 9 months ago* (last edited 9 months ago) (1 children)

You got some errors for XMPP e2ee: the popular mobile clients all enable it by default, it has perfect forward secrecy and a/v calls are usually also e2ee and of course data is encrypted in transit.

[–] rcbrk@lemmy.ml 6 points 9 months ago* (last edited 9 months ago)

Yep. Really need to compare the best-practice XMPP clients (e.g. Conversations, Siskin), not half-developed clients more suited to the XMPP landscape of 20 years ago. -- Just as Matrix's ranking in the table is high because only the state-of-the-art clients are considered -- there are plenty of Matrix clients which don't support e2ee, for example.

This list of mistakes isn't exhaustive, but extending from poVoq's mentions, here are some things XMPP(conversations) does actually have positive findings for:

End to end encrypted by default [OMEMO]
End to end encryption is available [OMEMO]
Voice/video calls are end to end encrypted ["calls are always end-to-end encrypted with DTLS-SRTP"]
Utilizes Perfect Forward Secrecy [OMEMO]
Data is encrypted in transit [TLS and OMEMO]
You can verify contacts out of band [https://gultsch.de/trust.html]
There has been a third party code audit [2016]
Provider can scan for illegal content [If you send content unencrypted, otherwise no different to Matrix/Signal]

I'm not sure there's much differentiation between any apps when it comes to "What can the apps hand to police?"; if the police have physical access to your device and app, they have access to everything you do on that device/app.