I’ve been working really hard to research and rank messaging apps by their privacy. The more green boxes the better.

I plan to turn PrivacySpreadsheet.com into a place for privacy data on everything from cars to video games. It’s all open source too on GitHub.

Not trying to advertise, I just put a lot of time into researching all this, and I want to share it since I think others could benefit.

  • Cralder@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    10 months ago

    Bro put Tinder DMs on the list. Points for being thorough I guess lol.

    Jokes aside looks really useful. Good job!

    • UnHidden@lemmy.worldOP
      link
      fedilink
      arrow-up
      0
      ·
      10 months ago

      I forgot Grindr DMs, but you already know that ones gonna be red all the way down lmao

      Pls share with friends if you find it useful, I dont accept donations or anything, and it’ll never have ads or bullshit.

      I’m working on adding more services, but each one takes about 4 hours to research and review.

        • UnHidden@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          10 months ago

          Its not Google Sheets. It was initially generated with the tool because I like the formatting, but its HTML running on Cloudflare Pages. The source code is here

          If you see errors or hwve suggestions, please submit an issue on GitHub, they’re easier to track than here

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    10 months ago

    You got some errors for XMPP e2ee: the popular mobile clients all enable it by default, it has perfect forward secrecy and a/v calls are usually also e2ee and of course data is encrypted in transit.

    • rcbrk@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      10 months ago

      Yep. Really need to compare the best-practice XMPP clients (e.g. Conversations, Siskin), not half-developed clients more suited to the XMPP landscape of 20 years ago. – Just as Matrix’s ranking in the table is high because only the state-of-the-art clients are considered – there are plenty of Matrix clients which don’t support e2ee, for example.

      This list of mistakes isn’t exhaustive, but extending from poVoq’s mentions, here are some things XMPP(conversations) does actually have positive findings for:

      • End to end encrypted by default [OMEMO]
      • End to end encryption is available [OMEMO]
      • Voice/video calls are end to end encrypted [“calls are always end-to-end encrypted with DTLS-SRTP”]
      • Utilizes Perfect Forward Secrecy [OMEMO]
      • Data is encrypted in transit [TLS and OMEMO]
      • You can verify contacts out of band [https://gultsch.de/trust.html]
      • There has been a third party code audit [2016]
      • Provider can scan for illegal content [If you send content unencrypted, otherwise no different to Matrix/Signal]

      I’m not sure there’s much differentiation between any apps when it comes to “What can the apps hand to police?”; if the police have physical access to your device and app, they have access to everything you do on that device/app.