update!: Require PFS for instant messengers and remove Session (#3034)

Signed-off-by: fria <fria@privacyguides.org> Signed-off-by: Daniel Gray <dngray@privacyguides.org>
2025-07-03 10:02:44 +00:00 · 2025-05-16 11:45:44 +00:00
parent 06d2f0e3e1
commit 57119907f3
3 changed files with 17 additions and 71 deletions
--- a/docs/real-time-communication.md
+++ b/docs/real-time-communication.md
@ -12,15 +12,11 @@ cover: real-time-communication.webp
 - [:material-eye-outline: Mass Surveillance](basics/common-threats.md#mass-surveillance-programs){ .pg-blue }
 - [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
-These are our recommendations for encrypted **real-time communication**. These come in the form of many [types of communication networks](./advanced/communication-network-types.md).
+These recommendations for encrypted **real-time communication** are great for securing your sensitive communications. These instant messengers come in the form of many [types of communication networks](./advanced/communication-network-types.md).
 [:material-movie-open-play-outline: Video: It's time to stop using SMS](https://www.privacyguides.org/videos/2025/01/24/its-time-to-stop-using-sms-heres-why){ .md-button }
-## Encrypted Messengers
+## Signal
 These messengers are great for securing your sensitive communications.
 ### Signal
 <div class="admonition recommendation" markdown>
@ -68,7 +64,7 @@ We have some additional tips on configuring and hardening your Signal installati
 [Signal Configuration and Hardening :material-arrow-right-drop-circle:](https://blog.privacyguides.org/2022/07/07/signal-configuration-and-hardening)
-#### Molly (Android)
+### Molly (Android)
 If you use Android and your threat model requires protecting against [:material-target-account: Targeted Attacks](basics/common-threats.md#attacks-against-specific-individuals){ .pg-red  } you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network.
@ -105,7 +101,7 @@ All versions of Molly provide the same security improvements.
 Molly and Molly-FOSS support [reproducible builds](https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds), meaning it's possible to confirm that the compiled APKs match the source code.
-### SimpleX Chat
+## SimpleX Chat
 <div class="admonition recommendation" markdown>
@ -140,7 +136,7 @@ You can find a full list of the privacy and security [features](https://github.c
 SimpleX Chat was independently audited in [July 2024](https://simplex.chat/blog/20241014-simplex-network-v6-1-security-review-better-calls-user-experience.html#simplex-cryptographic-design-review-by-trail-of-bits) and in [October 2022](https://simplex.chat/blog/20221108-simplex-chat-v4.2-security-audit-new-website).
-### Briar
+## Briar
 <div class="admonition recommendation" markdown>
@ -174,76 +170,28 @@ Briar has a fully [published specification](https://code.briarproject.org/briar/
 Briar supports forward secrecy[^1] by using the Bramble [Handshake](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BHP.md) and [Transport](https://code.briarproject.org/briar/briar-spec/blob/master/protocols/BTP.md) protocol.
 ## Additional Options
 <div class="admonition warning" markdown>
 <p class="admonition-title">Warning</p>
 These messengers do not have forward secrecy[^1], and while they fulfill certain needs that our previous recommendations may not, we do not recommend them for long-term or sensitive communications. Any key compromise among message recipients would affect the confidentiality of **all** past communications.
 </div>
 ### Session
 <div class="admonition recommendation" markdown>
 ![Session logo](assets/img/messengers/session.svg){ align=right }
 **Session** is a decentralized messenger with a focus on private, secure, and anonymous communications. Session offers support for direct messages, group chats, and voice calls.
 Session uses the decentralized [Oxen Service Node Network](https://oxen.io) to store and route messages. Every encrypted message is routed through three nodes in the Oxen Service Node Network, making it virtually impossible for the nodes to compile meaningful information on those using the network.
 [:octicons-home-16: Homepage](https://getsession.org){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://getsession.org/privacy-policy){ .card-link title="Privacy Policy" }
 [:octicons-info-16:](https://getsession.org/faq){ .card-link title="Documentation" }
 [:octicons-code-16:](https://github.com/oxen-io){ .card-link title="Source Code" }
 <details class="downloads" markdown>
 <summary>Downloads</summary>
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=network.loki.messenger)
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1470168868)
 - [:simple-github: GitHub](https://github.com/oxen-io/session-android/releases)
 - [:fontawesome-brands-windows: Windows](https://getsession.org/download)
 - [:simple-apple: macOS](https://getsession.org/download)
 - [:simple-linux: Linux](https://getsession.org/download)
 </details>
 </div>
 Session allows for E2EE in one-on-one chats or closed groups which allow for up to 100 members. It is also possible to [set up](https://docs.oxen.io/oxen-docs/products-built-on-oxen/session/guides/open-group-setup) or join open groups which can host thousands of members, but messages in these open groups are **not** end-to-end encrypted between participants.
 Session was previously based on Signal Protocol before replacing it with their own in December 2020. Session Protocol does [not](https://getsession.org/blog/session-protocol-technical-information) support forward secrecy.[^1]
 Oxen requested an independent audit for Session in March 2020. The audit [concluded](https://getsession.org/session-code-audit) in April 2021:
 > The overall security level of this application is good and makes it usable for privacy-concerned people.
 Session has a [white paper](https://arxiv.org/pdf/2002.04609.pdf) describing the technical details of the app and protocol.
 ## Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
 ### Minimum Requirements
- Has open-source clients.
+- Must have open-source clients.
- Does not require sharing personal identifiers (phone numbers or emails in particular) with contacts.
+- Must not require sharing personal identifiers (particuarly phone numbers or emails) with contacts.
- Uses E2EE for private messages by default.
+- Must use E2EE for private messages by default.
- Supports E2EE for all messages.
+- Must support E2EE for all messages.
- Has been independently audited.
+- Must support forward secrecy[^1]
 - Must have a published audit from a reputable, independent third party.
 ### Best-Case
 Our best-case criteria represents what we would like to see from the perfect project in this category. Our recommendations may not include any or all of this functionality, but those which do may rank higher than others on this page.
- Supports forward secrecy[^1]
+- Should support future secrecy (post-compromise security)[^2]
- Supports Future Secrecy (Post-Compromise Security)[^2]
+- Should have open-source servers.
- Has open-source servers.
+- Should use a decentralized network, i.e. [federated or P2P](advanced/communication-network-types.md).
- Decentralized, i.e. [federated or P2P](advanced/communication-network-types.md).
+- Should use E2EE for all messages by default.
- Uses E2EE for all messages by default.
+- Should support Linux, macOS, Windows, Android, and iOS.
 - Supports Linux, macOS, Windows, Android, and iOS.
 [^1]: [Forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy) is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose **past** messages as well.
-[^2]: Future Secrecy (or Post-Compromise Security) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties, since they lose access as soon as a key exchange occurs that is not intercepted.
+[^2]: Future secrecy (or [post-compromise security](https://eprint.iacr.org/2016/221.pdf)) is a feature where an attacker is prevented from decrypting **future** messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties since they lose access as soon as a key exchange occurs that is not intercepted.
--- a/docs/tools.md
+++ b/docs/tools.md
@ -603,7 +603,6 @@ For encrypting your OS drive, we typically recommend using the encryption tool y
 - ![Signal logo](assets/img/messengers/signal.svg){ .twemoji loading=lazy } [Signal](real-time-communication.md#signal)
 - ![Briar logo](assets/img/messengers/briar.svg){ .twemoji loading=lazy } [Briar](real-time-communication.md#briar)
 - ![SimpleX Chat logo](assets/img/messengers/simplex.svg){ .twemoji loading=lazy } [SimpleX Chat](real-time-communication.md#simplex-chat)
 - ![Session logo](assets/img/messengers/session.svg){ .twemoji loading=lazy } [Session](real-time-communication.md#session)
 </div>
--- a/theme/assets/img/messengers/session.svg
+++ b/theme/assets/img/messengers/session.svg
@ -1 +0,0 @@
 <svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.865 33.867"><g><path fill="#00f782" stroke-width=".101" d="m172.42 117.59-6.3946-3.5448h4.3302c3.7663 0 6.8277-3.0614 6.8277-6.8277s-3.0614-6.8378-6.8277-6.8378h-15.126c-4.7231 0-8.5598 3.8367-8.5598 8.5598 0 3.3636 1.8328 6.4652 4.7734 8.0965l6.3946 3.5448h-4.3302c-3.7764 0-6.8378 3.0715-6.8378 6.8378s3.0614 6.8277 6.8277 6.8277h15.126c4.7231 0 8.5598-3.8367 8.5598-8.5598 0.01-3.3636-1.8227-6.4652-4.7633-8.0965zm-19.949-2.3967c-2.2256-1.2386-3.6253-3.5549-3.6856-6.0824-0.0805-3.6353 2.9707-6.6163 6.606-6.6163h14.833c2.5377 0 4.7231 1.9436 4.8438 4.4813 0.13092 2.709-2.0342 4.9546-4.7128 4.9546h-8.5397c-0.52368 0-0.94661 0.42297-0.94661 0.94661v6.9688zm16.002 16.938h-14.833c-2.5377 0-4.7231-1.9436-4.8438-4.4813-0.13092-2.709 2.0342-4.9546 4.7128-4.9546h8.5397c0.52364 0 0.94661-0.42295 0.94661-0.9466v-6.9688l8.3987 4.6525c2.2255 1.2286 3.6152 3.5549 3.6755 6.0824 0.0906 3.6353-2.9606 6.6163-6.5959 6.6163z" class="st0" transform="translate(-144.99 -100.38)"/></g></svg>
		`@ -1 +0,0 @@`
			<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128" version="1.1" viewBox="0 0 33.865 33.867"><g><path fill="#00f782" stroke-width=".101" d="m172.42 117.59-6.3946-3.5448h4.3302c3.7663 0 6.8277-3.0614 6.8277-6.8277s-3.0614-6.8378-6.8277-6.8378h-15.126c-4.7231 0-8.5598 3.8367-8.5598 8.5598 0 3.3636 1.8328 6.4652 4.7734 8.0965l6.3946 3.5448h-4.3302c-3.7764 0-6.8378 3.0715-6.8378 6.8378s3.0614 6.8277 6.8277 6.8277h15.126c4.7231 0 8.5598-3.8367 8.5598-8.5598 0.01-3.3636-1.8227-6.4652-4.7633-8.0965zm-19.949-2.3967c-2.2256-1.2386-3.6253-3.5549-3.6856-6.0824-0.0805-3.6353 2.9707-6.6163 6.606-6.6163h14.833c2.5377 0 4.7231 1.9436 4.8438 4.4813 0.13092 2.709-2.0342 4.9546-4.7128 4.9546h-8.5397c-0.52368 0-0.94661 0.42297-0.94661 0.94661v6.9688zm16.002 16.938h-14.833c-2.5377 0-4.7231-1.9436-4.8438-4.4813-0.13092-2.709 2.0342-4.9546 4.7128-4.9546h8.5397c0.52364 0 0.94661-0.42295 0.94661-0.9466v-6.9688l8.3987 4.6525c2.2255 1.2286 3.6152 3.5549 3.6755 6.0824 0.0906 3.6353-2.9606 6.6163-6.5959 6.6163z" class="st0" transform="translate(-144.99 -100.38)"/></g></svg>