Migrate any sensitive discussion to Signal. If possible, migrate all messaging to encrypted traffic. By using encrypted traffic you safeguard encrypted tactical exchange via obfuscation. A drop in an ocean is less identifiable than a drop in a pond.
Always turn on disappearing messages. Have a backup mechanism for when they take down Signal, as it is inevitable.
It could be a technical reason relating to Signal.
I wish I had a better answer than Signal for messaging, but it is the best we have right now. Most people who are security or tech familiar are very disconnected from what ordinary people can use or are willing to learn to use.
We need tech that has sensible defaults, low user complexity, and minimal new user friction. Right now, that’s Signal.
Most tech I make these days doesn’t even require an email. I generate keypairs behind the scenes instead and use QR codes to manage identity. After accessing the service, I then can escalate with unobtrusive notices (Provide your email to recover your account, etc). This auto-account pattern eliminates entry friction.
Of course, you need bot mitigation so a privilege escalation can be used as a user progressively explores more capabilities. The technical of this is a bit involved but the end-user experience is very low friction.
This gets a user invested (they can see content and actually interact with it), which then gives them a reason to progressively use more features.
Just theoretical right now but we’ll see if it works for layman users. If someday people use it over Signal, then I’ll know.
Matrix has optional encryption and is difficult for non-tech savvy users to setup.
That puts them at the mercy of tech users, and without mandatory encryption it makes people much more vulnerable.
That said, I use Matrix myself, mainly to use WhatsApp without using WhatsApp. I also built a translation plugin to use an LLM for translating to any language in a natural tone, with audio voice transcriptions and auto-translations of my voice messages to the target language.
So I like Matrix but still would recommend Signal.
It is for people outside of tech circles. Just having to locate an instance is a massive amount of friction. But you need to locate an instance and a client, and there are a lot of configurable options and things that can go wrong.
Signal is turn-key, easier than Whatsapp friction wise, encryption by default, open source, non-profit, and secure. I don’t like that their messaging platform isn’t more open and that they don’t have mitigation against, say, AWS going offline, but at the moment, they are the only app I have successfully migrated “normal” people to.
I think in the future, fediverse-esque tech will reduce their friction. Instead of managing instances, data is user-sovereign, instances never see non-encrypted user data, users automatically move between them, you don’t sign up you have generated signing keys that are opaque to users unless they want to see them (tech people), etc. Fediverse can actually be LESS friction than current social media people use, but that hasn’t been implemented yet.
Download Signal Private Messenger.
https://apps.apple.com/us/app/signal-private-messenger/id874139669
https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms
https://signal.org/android/apk/
Create local groups.
Organize there.
Migrate any sensitive discussion to Signal. If possible, migrate all messaging to encrypted traffic. By using encrypted traffic you safeguard encrypted tactical exchange via obfuscation. A drop in an ocean is less identifiable than a drop in a pond.
Always turn on disappearing messages. Have a backup mechanism for when they take down Signal, as it is inevitable.
You’ve been invaded. Act accordingly.
Ya gotta love the one coward that downvoted this and doesn’t have the balls to show themselves in an explanation why.
Just like ICE, they’re spineless.
It could be a technical reason relating to Signal.
I wish I had a better answer than Signal for messaging, but it is the best we have right now. Most people who are security or tech familiar are very disconnected from what ordinary people can use or are willing to learn to use.
We need tech that has sensible defaults, low user complexity, and minimal new user friction. Right now, that’s Signal.
Most tech I make these days doesn’t even require an email. I generate keypairs behind the scenes instead and use QR codes to manage identity. After accessing the service, I then can escalate with unobtrusive notices (Provide your email to recover your account, etc). This auto-account pattern eliminates entry friction.
Of course, you need bot mitigation so a privilege escalation can be used as a user progressively explores more capabilities. The technical of this is a bit involved but the end-user experience is very low friction.
This gets a user invested (they can see content and actually interact with it), which then gives them a reason to progressively use more features.
Just theoretical right now but we’ll see if it works for layman users. If someday people use it over Signal, then I’ll know.
I prefer Matrix, harder to shut down and decentralized.
Though signal is still great!
Matrix has optional encryption and is difficult for non-tech savvy users to setup.
That puts them at the mercy of tech users, and without mandatory encryption it makes people much more vulnerable.
That said, I use Matrix myself, mainly to use WhatsApp without using WhatsApp. I also built a translation plugin to use an LLM for translating to any language in a natural tone, with audio voice transcriptions and auto-translations of my voice messages to the target language.
So I like Matrix but still would recommend Signal.
Encryption is enabled by default in most sane clients for DMs. Groups are not by default because encryption in huge groups is slow.
And if you use a public server it’s not that hard to set up.
It is for people outside of tech circles. Just having to locate an instance is a massive amount of friction. But you need to locate an instance and a client, and there are a lot of configurable options and things that can go wrong.
Signal is turn-key, easier than Whatsapp friction wise, encryption by default, open source, non-profit, and secure. I don’t like that their messaging platform isn’t more open and that they don’t have mitigation against, say, AWS going offline, but at the moment, they are the only app I have successfully migrated “normal” people to.
I think in the future, fediverse-esque tech will reduce their friction. Instead of managing instances, data is user-sovereign, instances never see non-encrypted user data, users automatically move between them, you don’t sign up you have generated signing keys that are opaque to users unless they want to see them (tech people), etc. Fediverse can actually be LESS friction than current social media people use, but that hasn’t been implemented yet.
Signal is a good start.
I recommend simplex chat
It is a tiny bit more complicated to set up and it’s not syched on a centralized server or use any personally tracable identifier.