Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What are the end to end encrypted desktop messengers?
52 points by xstartup on Jan 29, 2018 | hide | past | favorite | 52 comments
Preferable multi platform. I can't believe, it's not solved yet.

Have you not tried searching yourself? There are quite a few.

Bitmessage, Tox, Wire, Matrix. Even Signal offers a desktop app, but it needs a phone number to register.


Perhaps you're referring to the fact that there's no 'standard' solution. This is the way of things, it seems - network effects weaken as choice increases.

I've used Tox before, worked fine.

Wire (https://wire.com/) is end-to-end encrypted, based on Signal protocol. It's open-source and cross-platform with mobile apps. I've been using it instead of Skype for two years and I don't regret that decision.

Looks interesting... But it is not federated, so one will not use it beyond team communications (which is a good start though)

What do you mean by "beyond team communications"?

You meet a random person and wish to connect on a chat/presence system - that is what I mean by "beyond team communications". Acceptability of such a system for that purpose either requires overwhelming adoption of a single provider (Whatsapp, Facebook Messenger) or federation (SMS, SMTP, XMPP back when Google had not yet killed it). Team communications does not suffer that acceptability requirement because tooling is hierarchically mandated.

I've been eying Wire for the interface and ease of installation. In terms of looks and handling it seems like one of the best options to hand to people with little technical interest/aptitude/patience.

Moxie Marlinspike has commented that Wire does not use the Signal Protocol but only took some components from it and created their own protocol, which he did "not recommend" https://news.ycombinator.com/item?id=12690148 Has there been any changes to that situation?

Any mail client + any mail provider + GnuPG [0]

* Totally multi platform, even for platforms not yet invented

* Totally robust, though you might want to follow an operational guide for this [1]

[0] https://www.gnupg.org/

[1] https://gist.github.com/grugq/03167bed45e774551155

GnuPG however lacks forward security, and that is seen as a downside compared to alternatives.

Very valid point, thus:

> The primary problem with PGP is that there is no Forward Secrecy. Losing a key means that all content encrypted with thatkey is compromised. There are two ways of dealing with this:

> create a single master holy grail key and guard it with your life

> create keys frequently and destroy them as soon as they are no longer needed

[0] https://gist.github.com/grugq/03167bed45e774551155#key-loss-...

forward secrecy* - I mix that up too...


Matrix paired with the Riot.im frontend offers the best functionalities. Do not trust anything with a Facebook label on it, especially Whatsapp.

Why not WhatsApp? Isn't it peer reviewed by Signal?

I know the OP didn't mention about a platform being dependent on having a mobile phone number...but an advantage of matrix is that it does not require such a number. I state this because the OP focused on desktop, so i am making an assumption here. Also, matrix (and other federated-based platforms) need not be hosted in a single silo...much like email, can be hosted by numerous servers, and yet interact freely.

WhatsApp worked with Open Whisper Systems to integrate the Signal Protocol. https://signal.org/blog/whatsapp-complete/

I've never heard of it being peer reviewed by Signal. And even if it is, there's a lot of stuff around Whatsapp apart from the protocol that most likely is not.

It was Open Whisper Systems. My bad.

They're the people behind Signal, kind of assumed you meant them :-)

The desktop client is still a resource hog though, I hope they'll manage to improve it. Matrix is the main reason I still use IRC channels (through bridges).

The riot.im website isn't bad from resource usage perspective. At least doesn't bog down my machine...though I'll admit "a website" may not fulfill OP's request for desktop app.

There are various desktop and mobile clients. Matrix is just a protocol.

The website is ok indeed, I should have mentioned that I was referring to this client: https://riot.im/desktop.html.

Any xmpp client that supports OTR. I like psi+ (https://psi-plus.com/), but there are many.

You can pair it with conversations on android (https://f-droid.org/packages/eu.siacs.conversations/).

OMEMO[1] seems to be the new hotness for end to end XMPP encryption. The feature is that it is better integrated than OTR and tends to be easier to use.

[1] https://omemo.top/

Keybase has good messaging functionality built it.

keybase and signal are my favorites; imessage, whatsapp, and some others also have native clients.

signal and whatsapp’s “native clients” are chromium-driven, but can run independently of the browser.

WhatsApp's "native" "client" is abusing your phone as a server. No-go IMHO

this is true for Signal as well, but I think this is a design feature: your phone becomes a 2FA token.

Keybase is great; opposite of anonymous if one was looking for that feature.

Do people still like Telegram? Personally, I love it but every time it comes up people question the quality of the encryption.

Am working on converting my people to Riot.IM/Matrix.org. Pretty user-friendly, considering they're alpha or beta, and their attention to their cryptography.

Yes, I myself am on several groups, most highly active with hundreds of users. However, I don't trust the Secret Chat feature too much.

Pidgin/Adium + OTR works well for many of my use cases. The Signal Desktop client also works well for me.

Does anyone have any suggestions for the following?

* Simple for family members to download and use?

* Opensource (server & client)

* Available on Linux, Windows, iOS and Android

Riot/matrix seems like a great match, but I worry that family members will be unable to use it easily.

> * Simple for family members to download and use?

psi https://psi-im.org/

> * Opensource (server & client)

Can install your own prosody instance or use one of the many free xmpp servers avalable.

> * Available on Linux, Windows, iOS and Android

I don't know about iOS, but on Android Conversations is excellent: https://f-droid.org/packages/eu.siacs.conversations/ and https://play.google.com/store/apps/details?id=eu.siacs.conve...

This looks like it might solve my problem. Thank you for the suggestion, I'll be looking into this!

You can try what i did...put it to a test!

1. Set up private test room on riot.im/matrix.org server.

2. Have family members download mobile riot.im app/client.

3. Have them play around with the system - specifically within the private room that you set up - and see what they like/dislike.

4. If they like it, and you aren't too worried about privacy, keep using that private room on the riot.im/matrix.org server.

5. Alternatively, for maximum privacy, set up your own matrix instance - using the reference synapse server - on a private VPS that you control, etc. Because of federation (for the win!), you can always later connect with other servers/rooms (that are not on your server, think like email federation).

Honestly, the UI on riot.im is so very intuitive, and has a very low learning curve; quite newbie-friendly (in my opinion). Good luck!

Wickr is a great option. they have Windows, Mac, Linux, iOS and Android apps. They also have a pro app that can do end to end encrypted voice and video calling with forward secrecy. the best part is message timers that cause remote destruction of messages. https://www.wickr.com/

Would Threema be an option? Gets occasional discussion here. Open source web client: https://github.com/threema-ch/threema-web/

Might be slightly off topic, but have you used Clatter from the Windows Store? Logs into 10 or 15 web clients at once. URLs can be added. Looks to be encapsulated edge, but highly useful.

Wickr is great, they have Mac, Windows as well as a few Linus Distro versions.


Cryptocat - not sure how that project is going these days, but here are some links:

https://github.com/cryptocat/cryptocat https://en.wikipedia.org/wiki/Cryptocat https://en.wikipedia.org/wiki/Nadim_Kobeissi

Signal desktop solves this problem

Only if you have a phone AFAIK.

Best human usable solution is iMessage.

Any mail client with either PGP or SMIME.

iOS/MacOS Messages/iChat is end to end as far as I know. I know it's not strictly multiplatform, but just putting it out there.

None mentions telegram secret chats ?

Telegram has security issues, see older threads.

As far as I'm aware, POTENTIAL security issues. No one's busted it and shown proof.

I still don't trust their encryption when compared to Matrix.

Telegram secret chats do not work on Desktop!


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact