Messengers
last updated 2026-06-17 · 7 recommendations
Before picking a messenger, frame it as platform replacement:
what you're leaving matters as much as what you're joining. SMS to iMessage is a
meaningful gain. WhatsApp to Signal is a significant one. WhatsApp to Telegram
is not an upgrade at all; it's a lateral move into something
arguably worse, wearing a privacy costume.
before you pick
End-to-end encryption protects message content, not the fact that you
messaged someone, when, or how often. That's metadata, and it's where messengers
really differ. Who can see your social graph matters as much as who can read
your texts.
what actually matters
e2ee by default
Encryption you have to remember to turn on is encryption that's usually off. This single criterion disqualifies more apps than any other.
metadata exposure
What the server learns: your contacts, group memberships, timing patterns. The best designs can't even see who's talking to whom.
identifier required
Needing a phone number ties chats to a real-world identity. Usernames are better; no identifier at all is the frontier.
protocol scrutiny
Open, peer-reviewed protocols (Signal's, MLS) have survived years of cryptographic attention. Custom in-house designs haven't earned that trust.
recommendations

Signal
the default pick
🇺🇸 usa (nonprofit) | e2ee always | sealed sender | open source | free
The current gold standard, and not just by reputation: the Signal Protocol has
been cryptographically scrutinized more than any other consumer
messenger and holds up: it's what everyone else borrows. Minimal
metadata retention (subpoena responses have famously contained two timestamps),
sealed sender, disappearing messages, and it looks like a normal app, which is
why you can actually move your group chats here. Essential for anything
sensitive; reliable cross-platform for everything else.
For Android users who want more: Molly is a hardened Signal
fork with an encrypted local database (locked at rest behind a passphrase)
and built-in Tor/Orbot support. Same network, same contacts, sturdier client.
good
- E2EE on absolutely everything: messages, calls, groups, attachments
- Sealed sender and private contact discovery minimize metadata
- Usernames mean you can chat without sharing your number
- Nonprofit, open source, relentlessly audited
mind the
- Phone number still required to register
- Centralized: one service, one US-based operator
- Desktop app must be linked to a phone first

iMessage
the apple-baseline pick
apple only | e2ee device-to-device | e2ee rcs (beta) | needs adp for backups | free
A reasonable secondary for everyday domestic conversation between Apple
devices: E2EE device-to-device, zero setup, and substantially better than SMS
or unencrypted RCS. The trust model is simple: you're trusting Apple
entirely. Since iOS 26.5, green-bubble chats with Android can also be
end-to-end encrypted over RCS, but it's beta and depends on both carriers
supporting it, so plain SMS fallback still happens when it isn't available.
iCloud backups are a separate trap: not E2EE until you enable Advanced
Data Protection. A useful mental model: Signal for anything sensitive,
iMessage as the baseline for people who won't install Signal.
good
- E2EE by default between Apple devices, no setup at all
- Meaningful upgrade over SMS/RCS for ordinary conversation
- Already installed on the phones your family actually uses
- Beta E2EE RCS now reaches some Android contacts too
mind the
- Without Advanced Data Protection, iCloud backups expose message history; enable it
- E2EE RCS with Android is beta and partial: needs carrier support, and some users report delivery hiccups
- Closed source; trust is entirely in Apple; Apple-only by design

SimpleX
the no-identifier pick
no user ids at all | e2ee always | open source | metadata-resistant | free
Genuinely interesting for high threat models: no user IDs
whatsoever, not even phone numbers or usernames. Conversations run
over unidirectional relay queues that can't be correlated into a social graph,
making it truly metadata-resistant by architecture rather than by policy.
Newer and less battle-tested than Signal, but the most privacy-forward design
currently available in a consumer messenger.
good
- No identifier means nothing to subpoena, leak, or correlate
- Metadata resistance by design, not by promise
- Open source, double-ratchet encryption, self-hostable relays
- Independently audited twice (Trail of Bits); post-quantum-resistant key exchange built in
mind the
- Younger protocol with a shorter audit history than Signal's
- Multi-device and delivery UX still have rough edges
- Small network: you'll be onboarding your contacts yourself

Matrix / Element
the federation pick
federated | e2ee in dms/private rooms | self-hostable | open source | free · hosting optional
Matrix is a protocol, not a company: like email, anyone can run a server and
talk to every other server. The result is messaging nobody can switch
off: the right answer for communities, team communication, and people
who want to own their infrastructure. Know the fine print: E2EE is available
but not universally default (it depends on server and client configuration),
and room metadata is visible to every participating server. More friction than
Signal; a different use case, not a replacement.
good
- No central operator: self-host or pick any homeserver
- E2EE in DMs and private rooms (verify your client's defaults)
- Element now requires verified devices for E2EE messages by default
- Rich rooms, threads, and bridges to other networks
- No phone number needed
mind the
- E2EE coverage depends on configuration: not a flat guarantee
- Room metadata (members, timing) spreads across participating servers
- Key verification and device management confuse newcomers

Briar
the off-grid pick
peer-to-peer | no server | tor / bluetooth / wifi | open source | free
Briar has no server to subpoena because there is no server: messages travel
peer-to-peer over Tor, or over Bluetooth and local Wi-Fi when the
internet is down or blocked. Built for activists and journalists under
real pressure. As a daily messenger it's spartan; as infrastructure of last
resort it's unique.
good
- No central anything: nothing to block, seize, or log
- Works without internet via Bluetooth/Wi-Fi mesh
- All traffic over Tor by default; no phone number or email
- Desktop client (Windows/macOS/Linux) now in beta alongside Android
mind the
- Android and a beta desktop client only; iOS still unsupported (platform reasons)
- Both parties must be online to deliver: no server-side queueing
- No voice/video; battery cost from constant Tor connection

Threema
the pay-once pick
🇨🇭 switzerland | random id, no phone # | one-time purchase | mostly open source | €6 once
Threema skips the subscription model entirely: pay once, get a randomly
generated Threema ID, and you're done: no phone number, no email
required to use it. Swiss jurisdiction and a long-standing focus on
metadata minimization mean the server learns very little about who's talking
to whom. Most of the client code is open source and has been independently
audited, though parts of the backend remain closed. Ownership changed to Comitis
Capital (German private equity) in January 2026, the second private-equity owner since 2020.
good
- No phone number or email needed: random ID is the only identifier
- One-time purchase, not a recurring subscription
- Swiss jurisdiction, strong metadata minimization by design
- Independently audited; most code is open source
mind the
- Small network compared to Signal: onboarding contacts takes effort
- Some backend components aren't open source
- Now owned by German private equity (Comitis Capital), second PE owner since 2020
- One-time cost rose to €6, still real friction next to free competitors

Session
the onion-routed pick
onion-routed | no phone number | decentralized service nodes | open source | free
Session routes every message through its own onion-style network of
decentralized service nodes rather than a company-run server;
there's no central operator to subpoena for your metadata. Built by the
Session Technology Foundation (formerly the team behind Oxen), it needs no
phone number or email; an account is just a generated ID. Onion routing adds
latency you'll occasionally notice. A 2026 funding crisis nearly shut the
project down entirely; it's still operating, but now on a much smaller team.
good
- No phone number, email, or other identifier required
- Onion routing over decentralized service nodes: no central server to compel
- Open source clients and protocol
mind the
- Independent 2026 research found multiple protocol vulnerabilities, including a flaw that could in principle allow network takeover
- Survived a 2026 funding crisis that nearly shut it down; runs on a much smaller team now, plus volunteers
- Onion routing trades some speed for the metadata resistance
- Smaller user base: expect to onboard contacts yourself
the telegram problem
telegram is not a private messenger
This needs saying clearly, because it's frequently and dangerously mislabeled.
Regular chats and all group chats are server-side encrypted: Telegram
holds the keys and can read them. Only "Secret Chats" are E2EE, they're not the
default for anything, and they're effectively unavailable on desktop. The
custom MTProto protocol has seen far less audit scrutiny than Signal's. Messages
sit on Telegram's cloud indefinitely unless you delete them, and the company has
handed user data (IPs and phone numbers) to law enforcement when compelled;
the CEO's 2024 arrest in France produced real policy shifts, not principled
resistance. It's a cloud messenger with a privacy reputation it has not
earned. Treat it as social media, never as a Signal replacement.
at a glance
"metadata exposure" is what the operator could learn, not what they promise to log.
worth knowing
The best messenger is the one your people will use. Signal on
everyone's phone beats a perfect tool nobody installed. Move one group chat at a
time; the family one is usually easiest.
Turn on disappearing messages. Encryption protects messages in
transit; it does nothing about the archive sitting on a stolen or seized phone.
A default timer (a week, say) is cheap insurance.
WhatsApp is better than its owner suggests, and worse than it looks.
It runs the Signal protocol underneath, so content encryption is solid. But
it's Meta-owned, metadata is the product, and the privacy policy reflects that.
Back up your keys. On Matrix especially: lose your key backup
passphrase and your encrypted history is gone for good. Store it in your
password manager.