🇬🇧 🇪🇸 🇫🇷
Any service that does not show how it works in detail (free software) has not received our trust.
Any service that passes our exchanges through its servers runs the risk that they will be hacked or bought one day, and therefore does not have our full confidence either.
as secure as possible humanly and technically in terms of privacy
as many functions as possible among those that allow us to communicate today (text, audio and video, in pairs or groups, sending files, even screen sharing)
the possibility of using the service on Android, Apple and Wind mobiles, and if possible on computers (Mac, Wind. and GNU/Linux)
the size of the user community is still a criterion, but a secondary one
The two tools chosen send messages from one user to the other without going through a server that can store them (neither in clear text nor encrypted). And they have been reviewed by academics.
offers the best technical and human guarantees for the confidentiality of exchanges between users. But the counterpart is that the link with each interlocutor must be created individually by exchanging an identifier of his or her choice (real name or pseudonym). Moreover, it still lacks some "basic" functions that we are used to: groups for chatting and conferences. This is currently under development. There are not a lot of stickers and other things to express one's emotions. And if you lose your main password, which nobody else has, the account is lost forever. On the other hand, you can use it on mobile and computer (Mac, Wind. and GNU/Linux), and make backups.
Humanly speaking, the service is part of the GNU Project, a project serving the [human] community since the 80's carried by idealists. It is the free software movement that inspired Wikipedia.
Technically, there is no server that follows the exchanges, and the users are "anonymous". It is a decentralised (distributed) system. The exchanges are truly confidential and will remain so. Explainations.
Commercially, Jami is developed by a free software services company (SFL) which sells its expertise in providing a confidential messaging service.
For these human and technical reasons, Jami can never be sold to a GAFAM.
is closer to our habits on WhatsApp. It is better known by the general public and will be all the more easily chosen by our entourage.
Technically, it is based on phone numbers. As a result, it is still possible to track (at Signal) who is in contact with whom, although we are fairly certain that there is no such tracking. But the exchanges do not go through centralized servers. The servers are only used to connect users.
Alerter Edward Snowden recommends the application, which he believes is one of the best ways to avoid mass surveillance programs.
The Electronic Frontier Foundation (EFF) has included Signal in its guide to self-defence against surveillance.
Commercially, Signal is halfway there: it is being developed by a commercial company that is funded by a foundation. The medium-term future is not guaranteed.
Tox, a bit like the principle of Signal but with an even more hidden message circulation (onion layer routing). Not yet completed.
Session, is also very promising and comes from a foundation but is still only text, no audio or video calls. Also uses onion routing.
XMPP Solutions, in fact, are also quite solid and interesting, but the programs to be installed have a different name on each device (depending on whether you are on Android, Apple, Wind. etc.), sometimes with different functions from one to the other, which doesn't make it easy to spread by word-of-mouth.
Silence, only offers the exchange of SMS and MMS messages, in a confidential ("encrypted") way.
Commercial, therefore likely to be resold, to add advertising, or to restrict free use to make users switch to paid mode...
Olvid stands out with a very secure system in technical terms, but remains the flagship product of a company that seeks to sell its services to businesses.
Telegram, which has announced that it will start "monetising" the application in 2021. What's more, the server programs are not known. It would appear that the product is honest because it is used in various countries that are heavily censored and repressed, but we cannot tell.
Citadel, FB Messenger, JioChat, Line, Skred, Skype, Threema, Viber, WhatsApp, Wire...
As this is open source software, it is also possible to compile the two selected tools yourself. So if there was hidden tracking to servers, it would be relatively easy to get rid of it. And in both cases, the code has been revised.
Jami's non-centralised operation avoids the production of metadata that could be stored and then sold, pirated or required by a government.
Signal's operation requires the minimum amount of metadata: the sender's telephone number, and the date and time. The developers ensure that this data is erased and that only two timestamps are kept, the first for the creation of the account and the second for the last connection to the service, which are essential to ensure the service.
Signal is developed in the USA, so is subject to laws that allow US intelligence (various offices, see "CLOUD Act") to access the stored data, but they store virtually nothing. This is better than in France where they would have to store a certain amount of data for a year or two.
The company shows on its site how it has already responded to such a request by providing exactly two dates for a user.
Jami is developed in Canada, and is therefore not yet subject to US constraints, but agreements are under discussion. On the other hand, by their design, the servers really don't have much to offer to intelligence.