Welcome to the community, Stan!!
1 Like
Thanks.
I also just found âSilent Phoneâ. Itâs Android and iOS only and I want a desktop machine app ideally, but in case anyone has any knowledge of it i thought i would mention it,.
1 Like
Oh, itâs by Silent Circle? I like them! You mean this, right? https://play.google.com/store/apps/details?id=com.silentcircle.silentphone&hl=en
And whatâs the alternative to a messenger app having your phone number? Does Matrix/Riot ask for it as well? (I forget; havenât used it for some time.)
Most donât need a phone number. Have you heard of email? 
Wire is nice, no phone number. Hell even Skype didnât need my phone number!
You already asked that 
Do you trust them absolutely? They will probably need to keep maintaining it unless you will step in at that point and they will have access to the messages (even if E2EE ones are unreadable) and they could do a mistake or be malicious orâŚ
If you click advanced settings and erase identity server in Riot, you will not have to enter phone not email. (And if you did, you would receive error about the identity server, same if the identity server went down as itâs centralized.)
Wire also allows registration by email insteadof a phone number.
By the way, I think there have been a lot of chats in this thread and some of them arenât related to Wire. I wonder if there are some buttons I should click to move some to other topics, possibly new ones so this would be more clear for new readers.
1 Like
I guess youâre right - conversations tend to go off on tangents sometimes, you know? StanTheMan had mentioned Silent Phone - perhaps there should be a thread about that.
Good question Mikaela - and yes I definitely do. Having said that, I would still rather run it myself, but I have some serious learning to do first. I could ask them to start it, and then take over as my education allows
Side note (at risk of going in a tangent again) - Makaela you speak quite highly of XMPP on your personal page and on some of these threads. It always seemed too complicated but IF it can audio/video calls, I might take a look at it as I just found Conversations.im and they seem to explain it a bit easier. I THINK I am right in saying all I need to do is:
Sign up for XMPP account
Choose a client for each device (Aium for Mac, for example)
Sign in and chat, untick OTR logs so no logs are stored
And I THINK that would mean itâs probably even more private/secure than Matrix/Riot. Would you agree with that, or no? thanks as always.
Did you see this page?
https://xmpp.org/getting-started/
XMPP can do voice/video, but not all the clients can and itâs somewhat rare featue. I have heard that Atalk can do it, but I just received a screenshot of issue with it disabling all media features.
- Yes
- I am not sure on Adium, isnât it like Pidgin, so it might not support XMPP that well, but in general yes.
- Everyone uses OMEMO instead of OTR and I am not sure they have separate opton for that and Conversations defaults to trying OMEMO already.
I am under impression that it collects less data than Matrix and has actual storage periods for things like logs instead of e.g. keeping deleted file uploads in the database forever.
Interesting thanks! Maybe I will just skip over Matrix and go to XMPP. More research to do first, mainly on features as Matrix may well take the biscuit there.
OMEMO - Oh yes, I heard thatâs a much better system to use too, so I would be happy to use that.
Shoot me a PM sometime. This is something Iâm strongly considering starting in the next months: Turnkey hosting Mastodon, Matrix, XMPP, Discourse, [âŚ]?
As far as I see on wire.com, Wireâs no longer free software, all the plans are paid-for.
Why itâs still listed on PrivacyTools.io?
Itâs not super clear to find but hereâs a link to it: https://wire.com/en/products/personal-secure-messenger/
Itâs in the footer called âWire Personal.â
4 Likes
Thanks for the prompt response. Indeed, thereâs, just not too obvious.
I wonder, how many people tried to build and use their own Wire server, out of source?
I think it not federating doesnât encourage many into trying that.
1 Like
Discussion has been mainly going on at
And a delisting issue was raised at
https://github.com/privacytoolsIO/privacytools.io/issues/1488
1 Like
Hmm it does look interesting. It looks like they havenât open-sourced any software nor conducted any security audits though. I canât find anything about their E2EE other than:
âŚall exchanges are end-to-end encrypted by the open source WebRTC protocol used for peer-to-peer multimedia and data exchanges. - https://twin.me/en/support/twinme-protect-data/
I also see in their privacy policy this interesting bit:
We will share the information we have with entities outside of Twinlife if we have a good faith belief that access, use, preservation, or disclosure of the information is necessary to:
- meet any applicable law, regulation, legal process or enforceable governmental request;
- enforce applicable Terms of Service, including investigation of potential violations;
- detect, prevent, or otherwise address fraud, security, or technical issues;
- protect against harm to the rights, property, or safety of Twinlife, our users, or the public as required or permitted by law.
And regarding point 2 their ToS states:
you are responsible for ensuring that you do not submit material that is:
- copyrighted, protected by trade secret or otherwise subject to third party proprietary rights, including privacy and publicity rights, unless you are the owner of such rights or have permission from their rightful owner;
- a falsehood or misrepresentation;
- offensive, unlawful, harmful to minors, obscene, defamatory, libelous, threatening, pornographic, harassing, hateful, racially or ethnically offensive, or that encourages conduct that would be considered a criminal offense, gives rise to civil liability, violates any law, or is otherwise objectionable;
- an advertisement or solicitation of business; or
- impersonating another person.
But it seems like they store minimal user metadata so maybe there isnât much to disclose 
And Iâm wondering how theyâd enforce these terms if contents are supposed to be E2EE. Also worth noting, they do have an interesting biz model:
Twinme business model is based on licensing its ethical relationships model based on anonymous opt-in/opt-out to create and service communities around specific subjects of interest (e.g., brands) or content delivery media (e.g., music or video). Clients and their contents providers can enter into personal relationships and yet, each decides at any time how much he/she wants to expose to the other, or stop the relation.
Such a disruptive foundation for interacting online between products and consumers without intermediation, coupled with conversational commerce enabled by twinme chatbot technology, are at the roots of our business model, based on direct consumer conversations (like in a real shop), as an alternative to big data analysis of their private personal behavior.
Yes, but metadata kills. Iâm not sure how users can verify TwinMeâs claims (or your screenshot) without a security white paper (like Wire has), no security audits, and no open-source code. But I could be missing something here.
1 Like