WhatsApp alternatives

Posted in Review with tags cryptography myenigma privacy surespot telegram threema whatsapp -

**Update: **Threema support responded: traffic-data is deleted when the message is delivered, or after two weeks, whichever is earlier.

The popular WhatsApp messaging service has been bought by Facebook last week. It is reassuring to see that many people are worried about this. It means Facebook can collect and combine even more data about you than they already do. They now have the posts that you share with all your friends, but now they also have the messages that you share with your best friend, or with the small selected groups of friends. The worrying means that people are now looking for alternatives, and below is my personal take on some of the alternatives that I’ve seen.


By far the most heard alternative at the moment is Telegram, probably because it’s free. Telegram has been developed by two Russian guys, working for a German company based in Berlin. This means that they are bound by European privacy laws, which is encouraging. So some of the scares that using Telegram is trading the privacy threats of the NSA for those of mother Russia do not seem to be based on facts.

The strange thing about Telegram is that they have chosen to develop their own protocol and cryptography. This was already explained well by Telegram, AKA “Stand back, we have Math PhDs!” in December. The blog post has an update describing a flaw in the end-to-end encryption.

The privacy policy of Telegram starts with an odd “We never share your data with anyone. No.” Telegram has both ordinary and secure messaging, where the ordinary messages are stored in the cloud, and the secret chats only pass through. The public chats are stored encrypted, with the encryption keys distributed across datacenters in other jurisdictions. When you authorise Telegram to sync your contacts, it will store a copy of all of them in their cloud.


Another very popular choice is Threema, which costs €1,79. Threema is developed by a Swiss based company. Some of the European data protection applies, but importantly the data retention law is not in effect there. This means that metadata does not have to be recorded and handed over to law-enforcement.

The cryptography in Threema is based on the very sound NaCl cryptography library, developed by the well-respected Daniel J. Bernstein, Tanja Lange and Peter Schwabe. This library not only values strong cryptography, but also usability, making it hard for developers to shoot themselves in the foot.

Some of my students have also looked at the Threema application on Android, and have not been able to find obvious flaws in it, see also SSN Projects results. The students do recommend using a master-key in the application to secure your private key.

The privacy policy of Threema is very readable; they aim to keep only the absolutely necessary information, and then only for a time as short as possible. They do not share any information with other companies, the only exception being crash reports, and then only if you give permission. If you give Threema permission to sync your contacts the app will only send one-way hashes to find possible matching IDs, after which they are deleted. The only personal information stored by Threema is your email address and phone number, and only if you give them permission.


Another alternative making the rounds is MyEnigma, which seems popular because it’s free and because Threema is not available on all Android platforms. It is also by a Swiss based company and the only alternative which extends to the BlackBerry platform, and also allows secure SMS on Android and BlackBerry.

The security in MyEnigma is based on the common TLS encryption between client and server. An added layer is that users are verified in a two-step process using both SMS and email. This makes impersonation harder, but not impossible. There is no verification process possible for the end-to-end encryption between users.

The privacy policy of MyEnigma states that they record metadata (IP address, time, time of messages sent and receive) and also allow them to share this metadata (emphasis mine):

MyEnigma requires access to your address book to find your contacts. However, they do hash these before sending them to the server. This means that the server does not have access to information about contacts that do not use MyEnigma.


A completely free and open alternative is surespot, which has shared their complete code on GitHub. Their encryption is based on SSL using the Crypto++ library. The encryption is standard public key encryption, using the server as a public key storage. The security depends on the hard-coded key of the server with which other keys are signed.

surespot does not synchronise your contacts in any way, they only allow you to send others invitations. They do however store on the server with whom you are talking, your IP address and some other statistics. surespot is based in the US and thus the above information is also vulnerable to the PATRIOT act.

The privacy policy of surespot has the following statement:

I am not certain whether it is possible to completely anonymise usage patterns for messaging applications (see T3, re-identifiabilty, etc).


Wrapping up we see some dubious behaviour by the serious contender Telegram. It appears that their homegrown crypto to has already been shown vulnerable, and they also store a lot of your contacts in their cloud accessible to them. MyEnigma does not seem any better than WhatsApp in terms of the protection of your metadata, they happily claim the right to resell that to advertising companies and others. While surespot does offer some more protection, they do store some metadata, and are based in the US. The only actual secure alternative appears to be Threema at this point. Their crypto is sound, and the privacy policy is sensible, storing only the bare minimum and for as short as possible.

Written by
Older article