--- marp: true theme: default paginate: true --- # Messaging Without Big Tech ### Free & Open Alternatives to WhatsApp and Messenger MakerFLOSS · 2026 --- ## Why Are We Here? Most people use WhatsApp, Messenger, or iMessage. **What's the problem?** - **WhatsApp** — owned by Meta; metadata harvested; backup encryption only added under pressure - **Messenger** — no E2EE by default in groups; extensive ad tracking - **Telegram** — *not* E2EE by default; groups are server-side; closed server - **iMessage** — Apple lock-in; not available on Android or Linux These apps are *convenient* — but the cost is your data and your network. --- ## What Would We Want Instead? | Property | Why it matters | |---|---| | End-to-end encryption | Only sender and recipient can read messages | | Open source | Anyone can audit the code | | Self-hostable | You control the server and the data | | No phone number required | Less identity linkage | | Cross-platform | Linux, Android, iOS, Windows | | Federated / decentralized | No single point of failure or control | No single app checks every box — but the trade-offs are manageable. --- ## The Landscape at a Glance | App | E2EE | Open source | Self-host | No phone# | Federation | |---|---|---|---|---|---| | **Signal** | ✓ | Partial | ✗ | ✗ | ✗ | | **Matrix / Element** | ✓ | ✓ | ✓ | ✓ | ✓ | | **XMPP + OMEMO** | ✓ | ✓ | ✓ | ✓ | ✓ | | **Briar** | ✓ | ✓ | N/A | ✓ | N/A | | **Session** | ✓ | ✓ | Partial | ✓ | Partial | | **Threema** | ✓ | ✓ | Partial | Optional | ✗ | --- ## Signal — The Gold Standard for E2EE **Created by** Moxie Marlinspike (2013), now run by the non-profit Signal Foundation. **The Signal Protocol** is the encryption layer also used by: WhatsApp, Google Messages (RCS), Skype, Facebook Messenger (secret chats) ### Pros - Extremely simple UX — works like a normal messaging app - Calls, groups, disappearing messages, Stories, Note to Self - Audited, battle-tested cryptography - No ads, no tracking, no data sold ### Cons - Phone number required — links your identity to your account - Centralized — Signal's servers, Signal's rules - Server source code published but community forks are blocked --- ## Signal — Under the Hood ``` Alice's phone Signal Server Bob's phone ───────────── ───────────── ────────── [message] ──encrypt(Bob's key)──▶ [stores ciphertext] ──────▶ decrypt ──▶ [message] ``` - The server sees: *who* talks to *whom*, *when*, and *how often* - The server does **not** see: message content - This metadata is still significant — [read the Signal subpoena responses](https://signal.org/bigbrother/) **Best for:** journalists, activists, family group chats, anyone who wants simple + secure --- ## Matrix — The Federated Open Standard Matrix is a **protocol**, not an app — like email, but for real-time chat. ``` [your homeserver] ←──federation──▶ [another homeserver] ▲ ▲ Element client FluffyChat client ``` - **Standard**: matrix.org (open spec, anyone can implement) - **Server software**: Synapse (Python), Conduit (Rust), Dendrite (Go) - **Clients**: Element, FluffyChat, Cinny, Fractal (GNOME), Nheko - **Bridges**: WhatsApp, Signal, Slack, Discord, IRC, XMPP — all bridgeable --- ## Matrix — Pros and Cons ### Pros - Fully open source, top to bottom - Self-host your own homeserver — you own your data - Federated — no single company controls the network - Bridges let you consolidate all your chats in one place - Persistent rooms, Spaces (like Discord servers), threads ### Cons - E2EE key management is still clunky (cross-signing, key backup) - Synapse is resource-hungry (~1 GB RAM for a small server) - Message history sync across federation is slow - The UX of Element is still maturing --- ## Matrix — Why It's Interesting for MakerFLOSS We could run our own homeserver at `matrix.makerfloss.eu`. **What this gives us:** - Full control over our community chat - Bridges to reach people still on WhatsApp or Messenger - A playground for learning about self-hosted infrastructure - Federated — members can also use matrix.org or their personal servers **Resources needed:** - A VPS (we already have one at `88.99.32.236`) - ~500 MB RAM for Conduit (lighter than Synapse) - A subdomain + TLS (Traefik already handles this) --- ## Two More Worth Knowing ### XMPP (Jabber) The *original* federated chat standard — 1999. Still alive and kicking. - Extremely mature and lightweight - Good clients: **Conversations** (Android), **Monal** (iOS/macOS), **Gajim** (desktop) - E2EE via OMEMO - Con: fragmented client quality; setup less beginner-friendly ### Briar Peer-to-peer messaging — *no server at all*. - Works over Tor, local WiFi, or Bluetooth (offline!) - Censorship-resistant by design - Con: Android only (iOS in beta); no desktop client; both parties must be online to first connect --- ## Participation — Let's Talk **Round 1: Your current situation** *(2 min, pairs)* - What messenger do you use most, and why? - Is there anything about it that bothers you? **Round 2: Barriers** *(group discussion)* - What's the hardest part of switching or convincing others to switch? - "But all my friends are on WhatsApp" — how do you handle it? --- ## Participation — Hands-On Options Pick one to try *right now*: **Option A — Signal** 1. Install Signal on your phone 2. Register with your phone number 3. Send a message to the person next to you **Option B — Matrix (web)** 1. Open [app.element.io](https://app.element.io) in your browser 2. Create a free account on matrix.org 3. Join the room `#makerfloss:matrix.org` (if it exists — let's create it!) **Option C — Discussion** Should MakerFLOSS set up a Matrix homeserver? What would it take? --- ## Resources | Resource | Link | |---|---| | Signal | signal.org | | Matrix spec | spec.matrix.org | | Element client | element.io | | FluffyChat | fluffychat.im | | Conduit server | conduit.rs | | Briar | briarproject.org | | Privacy Guides (comparison) | privacyguides.org/en/real-time-communication | | EFF Surveillance Self-Defense | ssd.eff.org | --- ## Summary - **Signal**: easiest switch, best UX, E2EE by default — but centralized and requires a phone number - **Matrix**: most aligned with FLOSS values, self-hostable, federated — but more complex - **XMPP**: the old guard, still solid for the technically inclined - **Briar**: for extreme scenarios — no infrastructure needed **The best alternative is the one people will actually use.** --- # Questions? *Slides made with [Marp](https://marp.app) — open source markdown slide tool*