I’d like to be able to chat from an Android phone without a SIM card.
Edit: Since several people have mentioned it, I’m including this note at the top. There are security issues with using a temporary number to register even if it is not needed to maintain the account. Anyone can gain access to the number and use it for account recovery, etc. I’m not an infosec person at all, but this seems pretty obviously bad. Some services will work fine with a landline or other permanent phone number, as long as you retain private access to the number.
Edit 2: SimpleX turned out to be a good fit for me. It was fast and easy to set up, and simple for my family to use. I also like that it is self hostable if I need to set that up in the future. There are some excellent suggestions and useful discussions below, and I appreciate the help. I’ll come back to this thread in the future if I need to switch
Jitsi
With Jitsi you can also self-host the server-side components if that’s your thing: https://jitsi.github.io/handbook/docs/devops-guide
isn’t that all google code?
Is it? I had no idea that was a potential accusation.
Edit: just did a quick search and found nothing indicating Jitsi is Google.
8x8 collects and gives to google https://jitsi.org/meet-jit-si-privacy/
and
the usage of the free meet.jit.si service, is not free of tracking, requires authentication at either Google, GitHub, or Facebook and is hosted at AWS which is not considered GDPR-compliant.
https://en.wikipedia.org/wiki/Jitsi
matrix is much better.
From that first link it just looks like they give data to Google if you use the YouTube integration, which is something that you don’t have to activate, and also is an unavoidable prerequisite of such an integration.
Last I checked matrix doesnt support videochats out of the box. A lot of people use jitsi plugged in to matrix deployments to handle this
Oh thanks!!!
From all of us who donate to FSF.org To the world
A Free-as-in-speech-and-beer solution
Happy Newton’s birthday
SimpleX chat does video calls.
Thanks, I’m going to check this out. Seems pretty straightforward which is good for the family to use
Just for transparency reasons, you might want to see this: https://discuss.privacyguides.net/t/simplex-chat-is-now-a-crypto-project-selling-tokens-and-nfts/32490/9
I prefer Delta Chat, but sadly video calls are experimental :(
And also there is no support for group calls.
Thanks for the heads up. This may still be the best option for me, but it is good to stay ahead of these things.
There is something in the quoted Masto thread that suggests realtime video is inherently insecure? I have to be honest that I didn’t really follow it.
The info from SimpleX reads as though they are using crypto donations rather than more traceable cash, which mostly makes sense to me. The NFT tech that they describe is not for trading purposes, but to anonymously verify payments. It would be used to connect an account to a payment through zero or minimal knowledge. I don’t really understand the tech, so please let me know if I even understand what they are suggesting.
This is just for family chat, so total black box security is not a priority.
Thanks for the heads up
You’re welcome
There is something in the quoted Masto thread that suggests realtime video is inherently insecure?
Well, to keep it simple: Voice/Video Calls on SimpleX are private. The point Sarah (from Cwtch, another private messaging platform) was making in that toot is that it is hard to be truly anonymous on a video call due to network level limitations on how the app route calls. But that is mostly about having privacy from a state-level adversary, I mean don’t even worry about this.
The info from SimpleX reads as though they are using crypto donations rather than more traceable cash
The criticism on the Privacy Guides forum is about the SimpleX team implementing a system based on crypto and NFTs to pay server operators, aiming to incentivize people to host more servers. But the catch here is that server operators get a 60% cut and the SimpleX team takes 40%, raising concerns about a possible enshittification, SimpleX will be more inclined to generate revenue instead of improving the app and bla bla bla.
Also on the other thread that the highlighted comment linked, a developer I respect called ignoramous points out that because SimpleX is based in the UK, it could be subject to the IPA law and there are transparency concerns about the SimpleX team not even caring to warn about it (if you care about that stuff).
And also SimpleX advertises as not having user identifiers but that’s a lie because by default if you don’t do anything about it the servers have your IP address (and your IP is a user identifier).
It’s these little things that make me distrust the project. Personally I don’t like Web3/crypto stuff, so I tend to avoid services that implement it.
This is just for family chat, so total black box security is not a priority.
Yeah i mean, for your use case, using SimpleX is totally fine. I just wanted to share the criticisms that exist around SimpleX.
Thanks, I appreciate the detailed reply!
You can use element for that, just don’t use a matrix.org account.
Why not matrix?
I can’t speak for them, but personally I’ve been moving away from matrix entirely for a few reasons.
Element was always a buggy mess on my phone, and a shitty electron app on my laptop.
It was too difficult for normals and while I disagree, they wouldn’t use it. What’s a chat app without contacts after all?
While element was bugging and I was awaiting an update, I found out that the Matrix [.] org foundation was started as a project at Amdocs, then when it was defunded the lead of the project created the foundation. Amdocs is fucking sketchy, they’re associated with mossad and have infiltrated the US telcom networks. Now look, I’m not saying they backdoored matrix, but they did do the other thing and backdooring a chat app would be right in line with their entire schtick, and I’m just too fucking paranoid for that, straight up. It also leaks metadata like piss to any server that federates with yours so if mossad is working with the matrix org, they get all of it just by your server federating with the largest, “official” server. To some degree, metadata seems inescapable, but almost anyone is better than mossad.
They also have a bit of a CP problem in their public rooms so stay out of those, but don’t worry due to that problem they removed searching for public rooms so you have to know the addr to join, so they make it hard to stumble into them, but also now you can’t search for public rooms which is a hinderance if you did want to join, say, the rasberry pi room, despite the risk of cp being posted.
BUT they don’t require phone numbers!
So for now I’m trying out Delta Chat, seems alright so far. No video calling though.
But yeah maybe that whole Amdocs connection to the “official server” is what they were referencing, but if not I’d like to know their reason!
Interesting information. I didn’t know about the potential tie. Honestly, any “intelligence” agency is as bad a tie for a chat app, especially one that claims privacy. I have no one on Delta, but I’ve had it installed for a while : / maybe one day…
I was able to get two people on Delta so far, it seems easy enough for normal people to use, so there may be hope yet!
I hope so. It took me almost 7 years to go from Hangouts to Signal, and it took Google claiming they’ll kill Hangouts for the last 3-5 to make the jump.
Well that was nice of google to help lol. Good luck, I hope you can get them to switch!
I can never say that google never helped me with anything lol!
matrix.org is one instance, the biggest one. Guessing they require a phone number.
It does not appear to require a phone number. It even looks like an email address is optional.
Ah ok. I haven’t used matrix in a while, but it didn’t require a phone then (several years ago), so I thought they were saying not to use matrix in general.
Matrix.
Matrix has video chat? What clients support it, cuz Element doesn’t (has a video icon for voice chat, tho).
https://jami.net/ has an android app
If you feel like setting up a stun/turn server it’s possible to set up your own using something like xmpp or next cloud talk. Works for individual accounts with friends if not a plug and go app.
I have an ejabberd server setup for my family for this reason. Using the Conversations app off F-Droid and Gajim on desktops
NextCloud has end-to-end encrypted voice and video chat, and of course a whole bunch else, since people are mentioning self-hosting. The corresponding Android app “nextcloud talk”.
Nextcloud talk does not support E2E on mobile, web client only. I was just setting it up the other day and was very surprised when I saw this.
Thanks I never heard about this one.
self hosted matrix here
Threema
It’s around $5 for the app. No phone number needed. End-to-end encryption for chat and calls (audio/video). Desktop versions are in beta.
iOS and Android
Strongly recommend against Threema. Thier initial “custom protocol” had a bunch of basic mistakes in it, and thier mitigation doesnt completely solve the biggest ones. The original details can be seen here: https://breakingthe3ma.app/ I can’t find the original blog post that did a more thorough breakdown.
Ah, found the blog post with a thorough breakdown: https://soatok.blog/2021/11/05/threema-three-strikes-youre-out/
I’d love to see the blog post. Is there a date on that paper? How recent is this?
I’ve read about fixed vulnerabilities, but not outstanding ones.
This looks promising. I Like that it has group video as well. Thanks.
I don’t know how private/secure it really is, but Teleguard doesn’t require a phone number.
I’d really like to see some research into them, though, to know how good/bad it is.
I don’t know where to even start.
Alternative: XMPP has been around for 25+ years, can be self-hosted, there’s numerous solutions available.
It looks like Session has video calls in beta.
Note that most services requiring a phone number for registration don’t actually require that phone number to be connected to a SIM card in the device you’re using. That may be helpful depending on your use case.
Do not use Session. It isnt even vaguely secure. Two part blog post from the researcher that single handedly disproved Session was secure or had any interest in being secure:
https://soatok.blog/2025/01/14/dont-use-session-signal-fork/
https://soatok.blog/2025/01/20/session-round-2/
EDIT: Formatting
Side note but I was literally just thinking the other day that the accelerated rise of corruption and right-wing pivot of the globe also coincides with encrypted / anonymous communications. Mobsters and state actors must be having an absolute field day this past decade.
If the Epstein files have proven anything, it’s that these idiots use plain text email.
GNU Jami though I had trouble getting it to work reliably, and you have to install an app. YMMV.
Jitsi is decent, especially if you don’t mind using their server meet.jit.si (may have changed by now). It uses WebRTC (i.e. you can use it with just a browser) which I think is preferable to a mobile app.
I think there will inherently be some lag if you’re using a mobile phone at the client side, because of all the codecs, wifi latency etc.
This shouldn’t be that hard a technical problem especially if you’re ok with audio-only. I don’t know why the existing programs all have probs in some areas. Jitsi is nice to use but a pain to self-host from what I can tell.
I have a self-hosted nextcloud that has a video chat feature (Nextcloud Talk) but it’s not great.
I have been wanting to spend a chunk of time looking into the situation and finding a good answer, or at least identifying the trade-offs clearly.
