Why do we still use apps that rely on phone numbers or servers?
In today’s landscape of messaging apps, both free and paid, there are numerous options that claim to protect our communications. However, many of these apps still suffer from two critical flaws that compromise user security and privacy: the need to link accounts to phone numbers and the use of centralized servers to manage message and data flow.
The first problem is the association with phone numbers. Tying our digital identity to a personal phone number not only makes users easier to identify but also opens the door to targeted attacks. A striking example of this vulnerability is the case of Pegasus malware, which exploited this very weakness to spy on and compromise journalists, activists, and leaders worldwide. By exposing our phone numbers, we not only risk revealing our identity but also create a significant attack vector.
The second problem is the use of centralized servers to store and transmit messages, metadata, and other sensitive data. Although some platforms offer end-to-end encryption, information still passes through third-party servers, which introduces potential risks. These servers become attractive targets for hackers and government agencies, who may access or intercept the information they hold. Metadata (who sends messages, when, and from where) is also highly valuable for mass surveillance and behavioral analysis.
The solution seems clear: eliminate these two major vulnerabilities by adopting apps that do not require phone numbers or centralized servers to function. Fortunately, there are alternatives that meet these criteria, ensuring truly private and secure communication.
Examples of such applications include:
• Briar (Android): This messaging app focuses on total decentralization, allowing direct communication between devices via local networks (Wi-Fi or Bluetooth). Even without Internet access, Briar continues to work through P2P connections. None of the communications pass through servers, effectively removing the risk of third-party access.
• Twinme (Multiplatform): Twinme requires no registration or phone number, making it a strong option for privacy-conscious users. The app ensures that communications do not pass through third-party servers, and it neither stores personal information nor generates metadata.
• Session: Based on decentralized messaging, Session uses onion routing to protect the identity and location of users. It does not require phone numbers or centralized servers, and it minimizes metadata generation, ensuring that no personal information can be linked to the communications.
• Ricochet: By leveraging the Tor network, Ricochet enables fully anonymous communications without relying on servers. Information flows directly between users, protected by the anonymity that Tor provides.
• Cwtch: This experimental app offers decentralized, private group messaging. Based on a P2P architecture, it does not use centralized servers and avoids generating metadata, adding an extra layer of privacy to communications.
• Jami (Multiplatform): Jami presents itself as a complete, decentralized solution for video calls, messaging, and file sharing. Available across multiple platforms, Jami doesn’t rely on centralized servers and ensures direct connections between users, eliminating risks associated with third-party intermediaries.
Conclusion: In a digital environment where threats to privacy and security are becoming increasingly sophisticated, continuing to use apps that rely on phone numbers or centralized servers is a risky choice. Adopting solutions that eliminate these attack vectors is a logical and necessary step for any user concerned about the integrity of their communications. Apps like Briar, Twinme, Session, and others mentioned here represent the future of secure communications: private, decentralized, and free from intermediaries.