The is the messenger matrix from the German blog Kukitz-Blog (it is a blog with a strong focus on privacy and is in my opinion well informed). But no worries, the matrix is also available in English.
Maybe you can take some inspiration from the matrix.
The issue with me is ease of use to use with other people. I've tried Matrix and Session with other tech minded people and it's not nearly as seemless as Signal. I'm just waiting for an app that ticks all my boxes, really looking forward to Signal usernames though.
it would be more usable if the left column were locked so you don’t lose it when scrolling horizontally. Same for the top row.
“Email / Phone required for signup” ← these are on two very different levels of intrusiveness.. really needs to split into two rows. And from there, it’s interesting to know whether a phone must be a mobile phone or not. With email, it’s interesting to know if disposable addresses are blocked or not.
Also, for “decentralized network” for #Signal, you simply have “no”. I would change that to “No (Amazon)” to inform people they are feeding Amazon by using Signal.
In fact I suggest also adding a row: “feeds a tech giant” because privacy from tech giants is not the only factor -- some of us trying to live ethically do not want to even feed privacy offending tech giants, such as:
Amazon
Microsoft
Google
Cloudflare
Apple
Facebook
And as someone else pointed out, Delta Chat is missing.
This is worthy of a more usable interface than this spreadsheet widget.
It took me a fair bit of scrolling to identify which attributes each of the six purple "N/A" values for SimpleX are, but now that I have I agree they're accurate (though I think there is an argument to be made for just writing a green "no" for each of them).
It is noteworthy that SimpleX is currently the only one of these (currently 34) messengers to not have a single red or yellow cell in its column. well done, @[email protected]! 😀
edit: istm that SimpleX (along with several other things) getting a "no" in the "can hand IP address to the police" row is not really accurate. SimpleX does better than many things here in that they don't have a lot of other info to give to the police along with the IP, but, if Bob has their phone seized (or remotely compromised) and then the police reading Alice and Bob's messages from Bob's phone want to know Alice's IP address... they can compel a server operator to give it to them. (And it is the same for a user who posts a SimpleX contact link publicly.)
I noticed that some of these are apps and some are protocols. It makes sense to list the app if the protocol is proprietary, but it's confusing that there can be multiple apps for an open protocol and not all of those apps could feature the same level of privacy.
You got some errors for XMPP e2ee: the popular mobile clients all enable it by default, it has perfect forward secrecy and a/v calls are usually also e2ee and of course data is encrypted in transit.
I think that information for XMPP is inaccurate. I use it for private communication. E2E encryption is on by default in Conversations, messages are removed from a server if MAM is off.
So contributions require folks create accounts with Microsoft for GitHub? That’s a bit contradictory, but here you are telling folks to raise “Issues” exposing themselves to Microsoft’s ToS & data collection machine. Not to mention all they are doing with Copilot.
Telegram was launched in 2013 by the brothers Nikolai and Pavel Durov. Previously, the pair founded the Russian social network VK, which they left in 2014, saying it had been taken over by the government. Pavel sold his remaining stake in VK and left Russia after resisting government pressure.
The messaging app front I consider to be a long-term stalemate, mainly due to crippling network effects. Another factor is that strange psychology at play when making app decisions, where a person will have page after page of junk apps on their phones, yet utterly balks at the notion of installing a second messenger.
Even if a large actor (say, the EU?) managed to bruteforce some interoperability into being, I wonder whether that would be to the detriment of small apps in terms of undermining (or even eliminating) their privacy protections. I can use the likes of Session or Simplex all day long, but if the other side of the conversation is on a corporate product like Whatsapp... It runs into the same problem as email.
Briar and Cwtch stand out as recommended for private communication, both featuring end-to-end encryption by default, utilization of Perfect Forward Secrecy, and encryption at rest on both server and client sides. They are also decentralized and not dependent on DNS, which enhances privacy and security.