Here we present means of private communication and collaboration, though it should be noted that it is up to the individual to verify every person invited into some means of private communication, else the principle of privacy shall be violated. Additionally, we do not recommend any application that does not boast end-to-end (E2E) encryption as part of its protocol. Without E2E, reasonable security is impossible; some of the applications listed below are E2E encrypted.
Additionally, we maintain that one always begin by familiarizing themselves with an application, and immediately disabling any options that violate security or privacy (tracking, data analytics, etc.) and enable all options that facilitate the same (E2E, message deletion on a timer, hidden username, etc.).
The below paragraphs contain links to outside websites and sources of data; we maintain that the individual must verify the links therein.
Group Communications
Communicating with small groups, in a private manner, can be challenging. Most use the popular gaming application, Discord, for this purpose. We do not recommend Discord for any purpose, except that which relates to what can be considered "harmless" entertainment, or perhaps as a means of individual verification.
- Session: Session is, for small groups, the best and most secure app in existence. Everything is end-to-end encrypted, and accounts can be deleted in an instant. We highly recommend Session for friend groups, families and small groups of individuals. Session is routed entirely through Tor and it is decentralized, as it is based on the blockchain. Session is a fork of Signal, with a deeper focus on protecting metadata. Session has a feature called a "duress code" which, when entered, will totally wipe one's account and all associated metadata. Desktop and mobile clients exist.
- Signal: Signal is an end-to-end encrypted chat application. Its use is similar to Whatsapp and Telegram. A telephone number is required for use; we recommend using a burner number. Desktop and mobile clients exist.
- Element: Element, formerly Riot, is very similar to Discord, with the exception that rooms (or servers) are not categorized by channels, and as such a Riot client with many joined rooms will be very cluttered. Element is built atop the Matrix protocol, which is an ecosystem supporting decentralized communications (many other interfaces for Matrix exist aside from Element). Element supports end-to-end encryption via keys, and can be an effective means for large-scale group communications. Some research will be necessary by a potential user to understand how to fully employ Element's secure features. We recommend Element for large-scale group communications, if end-to-end encryption is enabled. Desktop and mobile clients exist.
- Keybase: Keybase is an E2E chat application with a focus on projects. Project pages can be launched and members can join.
- Mega: Mega, the encrypted cloud storage and data sharing application, actually has an E2E chat feature. One can chat individually or in groups.
- WhatsApp: WhatsApp is one of the oldest means of private communication; it is end-to-end encrypted. Some contention exists in regard to its security: we maintain that one should research this and understand the risks of the application before using it. A telephone number is required for use; we recommend using a burner number. Desktop and mobile clients exist.
- Telegram: Telegram is a "secure" messaging application based in Russia. We do not recommend Telegram for secure communications, since its chats are not end-to-end encrypted. We mention it only because some great data can be gotten from it. It does require the use of a phone number. E2E chats can only be enabled on the mobile app, between exactly two people. If one is familiar with the use of Whatsapp, Telegram will be quite familiar. A telephone number is required for use; we recommend using a burner number. Censorship is almost unheard of on Telegram, except for that which pertains to child pornography, which all but the most deviant can agree upon as worthy of censor. Desktop and mobile clients exist.
- Slack: Slack is very similar to Discord, with the exception that only one server may be "logged into" at any given moment; these are referred to as "workspaces". Slack is encrypted and is meant for collaborative teams and businesses. Its organization scheme is very similar to Discord, and it features threading in chat (discussions within channels), which is a very effective means of organizing a chat. Desktop and mobile clients exist.
Email
In using email to communicate, encryption is a necessity. Tutanota and ProtonMail offer similar services. One can create as many email addresses as necessary. It should be noted: automatic end-to-end encryption only occurs between Tutanota/Tutanota or ProtonMail/ProtonMail pairs, unless you provide the recipient a decryption key through some other means. Initiating communication through an encrypted email service can be done by providing a prospective contact with the address (and nothing damning), and thereafter only communicating sensitive information with them through this email.
We recommend using PGP in addition to Tutanota/Protonmail. When communicating with a trusted individual over Tutanota/Protonmail, this combination of PGP and proprietary E2E is absolutely secure.
- Tutanota: Tutanota is the best free, encrypted and standard-feeling email provider you will find. One cannot register for an account over Tor, but can log in using Tor.
- ProtonMail: ProtonMail is similar to Tutanota, but should not be used if you fear Javascript attacks (we think this is a baseless claim, but it has been made). ProtonMail has a hidden Tor service: https://protonirockerxow.onion/login.
- For Tor-friendly emails, refer to Using Tor.
- For encrypting one's own emails, refer to Pretty Good Privacy (PGP).