I’m currently running Grapheme OS on a pixel. One thing that I’ve had trouble finding is a secure video chat option. I’m assuming that its because such a thing in a secure environment is hard to come by / impossible.
The only options I’ve found are things where you must self host like element etc. Is this the only way?
I realize there may be nuanced answers to this question that I may be overlooking as I’m still relatively new to online security/privacy so I apologize in advance if this is a moot question.
Signal is pretty good all around and phenomenal considering that it’s free.
Hard to beat Signal for getting all the core elements of secure chat.
I’d argue SimpleX does it better, they’re even modifying the Signal protocol to support post-quantum encryption. No phone number, uses the Signal protocol, and has no user identifiers at all (no usernames, no account numbers, no account at all; everything is stored locally on your device).
Oh also, before the reply that Signal is post-quantum already, here’s an excerpt from the blog post I linked detailing why SimpleX’s implementation is better:
unlike Signal design that only added quantum resistance to the initial key exchange by replacing X3DH key agreement scheme with post-quantum PQXDH, but did not improve Signal algorithm itself, our design added quantum-resistant key agreements inside double algorithm, making its break-in recovery property also quantum resistant.
There is much more detail in the blog post if you’re interested. SimpleX also has an incredible whitepaper
If you’re looking for something professional, Jitsi is open-source and only requires one person to have an account to use it… You might have a better experience if you self-host or find someone who does.
jitsi really screwed up, it’s unusable now. they took down their default instance without explanation, and put it behind big tech logins.
half the public instances dont work either, there’s no clear indication of e2ee in the UX either
They posted a reason, but unfortunately the reason was it was getting abused.
But I did discover something: the list of alternative servers, which might not have been very up-to-date anyway, has vanished from their servers sometime after February.
yeah as i said most of these dont seem to work either. sad shit.
Molly (signal fork on fdroid (works with standard signal)), SimpleX chat (fdroid repo), Session (fdroid), Jitsi (fdroid (main instance requires google or github, but a community instance likely wont)).
Can you run Simplex Chat?
May want to ask this in a Graphene community.
Yes, of course GrapheneOS can run SimpleX! SimpleX has no dependence on the Google Services Framework, and even for apps that do have GSF dependence, they can be run with sandboxed GSF. The only apps that don’t work on GrapheneOS are apps that try to use the SafetyNet, which is mostly banking apps, or those that require GSF to have deep root privilege to operate.
I use simplex with graphene os on my pixel 7 pro and it works great.
I use Jami for video chat
The best options for you are going to be SimpleX Chat or Jami, depending on your use case. If you only need to make video calls, probably Jami is the easier option, but if you’d like to have a chat app with video call support, SimpleX is the right choice. SimpleX is also just a really good messaging app, because it has no user identifiers or accounts. They have a wonderful explanation of their method for two-way communication in their whitepaper if you’re interested.
Also, video calling in a “secure environment”, as you’ve stated, is not difficult in the slightest, and absolutely not impossible. There are plenty of options available. Others beyond the ones I gave are Jitsi (but it’s gone way downhill; don’t use it), Signal, Element (you do NOT have to self-host for it, you can use the main instance or any other instance), and the options open up to basically everything if you make a new user profile and install sandboxed Google Play Services in the new user profile (from the “Apps” app). With sandboxed Google Play, you can use apps like Zoom if you really wanted, but I’d strongly encourage you not to for the sake of privacy. You can download apps without signing into a Google account via the Aurora Store.
