For anyone sensitive to metadata collection (phone numbers), there's SimpleX.chat which is private and secure by default. If you want more complete metadata protection you will also want Orbot (in Power User Mode) and make the following config changes in SimpleX:
This article sort of addresses a question that I have had for a long time. I always wondered why it was called a "double" ratchet. There is only one hash ratchet. The triple Diffie-Hellman isn't anything like a ratchet. From the article it seems that the 3DH is called a ratchet anyway.
Implementing Signal's Double Ratchet algorithm (2020)
(nfil.dev)97 points by todsacerdoti 7 November 2024 | 8 comments
Comments
https://github.com/rongarret/ratchet-js
based on an earlier implementation I did in Common Lisp:
https://github.com/rongarret/tweetnacl/blob/master/ratchet.l...
Network & servers > Use SOCKS proxy - ON
Network & servers > SOCKS proxy settings > Proxy - 127.0.0.1:9050
Network & servers > SOCKS proxy settings > Use .onion hosts - Required
Network & servers > SOCKS proxy settings > Use random credentials - ON
Network & servers > Advanced network settings > Private routing - Always
Network & servers > Advanced network settings > Allow Downgrade - No
Network & servers > Advanced network settings > Show message status - ON
Network & servers > Advanced network settings > Transport isolation - Chat profile
Audio & video calls > Always use relay - ON [NOTE: get a good VPN to protect call metadata]
Privacy & security > Send link previews - OFF
Privacy & security > Show last messages - OFF
Privacy & security > Auto-accept images - OFF
Privacy & security > Blur media - [As desired]
The above configuration beats the pants off Session (Signal alternative typically recommended) and actually works decently (unlike Session)!
IMO the above really needs to come set by default and I might fork the client to do it (calling it SimplerX).
https://datatracker.ietf.org/doc/rfc9420/