The 6 Best Private Encrypted Chat Apps for Linux Users
When you switch to Linux, you make your digital life substantially more private. The overwhelming majority of Linux distributions do not track or otherwise log what you do on your computer. But if you install one of the mainstream chat apps onto your Linux machine, you’re still giving some company a record of your personal conversations.
To keep your communications comparably private to what you do on your PC, you need an encrypted chat app. Fortunately, there are many options to choose from with Linux support, all of which have a compatible mobile app as well.
Signal is perhaps the most popular and accessible encrypted messaging app. With Signal, you can send instant messages, images, files, recorded audio clips, and videos. You can also take part in video calls. Its feature set and ease of use combine to make it arguably the best secure messaging app for a majority of people.
Signal is primarily a mobile app, but the desktop client retains most of the functionality. The catch is that you need to have Signal installed on a mobile device first. You then activate Signal on your Linux desktop by pairing it to your mobile app. Once activated, you need not touch Signal on your phone again unless the time comes to re-install Signal or place it on another PC.
The Signal desktop app, like many communication platforms, is an Electron app, so it isn’t the lightest on system resources. Signal also requires a phone number for registration, a step some privacy-conscious users aren’t comfortable with.
If you described Session as Signal without the drawbacks, you wouldn’t be too far off the mark. Session provides a similar experience and functionality as Signal, but you don’t need to register a phone number to use the software. This means there is even less metadata available for someone to gain access to.
The lack of a phone number requirement also makes Session easier to use as a desktop Linux app. You don’t need to install the mobile version first. You can download Session, create a username, and start chatting.
So, what’s the downside? Registering with a phone number is part of what makes Signal so accessible, which makes it easier to convince friends and family to use it. There are simply more people out there using Signal than Session. You may find yourself wanting to use Session but sitting at your computer with no one to talk to. Unfortunately, this is hardly an issue limited to Session.
When you use any centralized communication platform, you put your eggs in one basket. If the service goes away, you’re out of luck and need to look for an alternative.
XMPP offers protection against this fate. XMPP is a protocol, rather than a platform. Put differently, it builds instant messaging infrastructure similar to the way email functions. With email, you can create an account with one provider yet still send an email to anyone registered with a different provider.
As big as Gmail is, if Gmail were to go away, email would still exist. With XMPP, if one provider goes away, you can create an account with a new provider and continue sending messages to all your previous contacts. Likewise, you aren’t dependent on one particular app. You can use any XMPP client to sign in to your account, just like you can use any email client to check your email.
XMPP isn’t encrypted by default, but you can opt to add encryption utilizing OMEMO or PGP. At that point, XMPP becomes a very private way to chat with others from your Linux PC. The XMPP protocol has gained many features over the years, meaning you can now place audio or video calls, or send files. There’s a good chance you’ve used XMPP in the past without realizing it. Google Talk and Facebook Messenger both initially used XMPP.
There are several XMPP clients available for Linux, so links to a few are listed below.
The previous chat clients are primarily intended for one-to-one chats, though all also support group chats. Wire is different. Its target audience isn’t individuals, but teams. Think of Wire as an alternative to Slack and Zoom. It’s an open-source, end-to-end encrypted way to handle the communications and collaboration your team might need to work in separate locations.
Part of Wire’s appeal isn’t just the private messaging and video conferences. It’s also the ability to manage team members, with all the tools in place for registering and onboarding new accounts. You have control over who gets to see your team’s communications, and who doesn’t.
Wire, the organization, pitches the app toward corporate, government, and other enterprise use. But the code is all freely available on GitHub. You can download the free version of Wire and host it on your own hardware or virtual private server. Or you can stick to Wire’s servers if that all sounds too complicated.
Like XMPP, Matrix isn’t a single platform or service. It’s a federated approach to messaging that allows anyone on one server to message and communicate with anyone on another, as long as they’re utilizing the Matrix protocol.
Matrix is a newer standard than XMPP and comes with a set of features more in line with what newer chat apps offer. Think Signal mixed with Discord or Slack.
The Matrix standard allows for apps that feel more modern. It is designed as a replacement for XMPP built from the ground up to better support the way many of us have grown accustomed to interacting on the web. On the flip side, Matrix isn’t as mature. That doesn’t mean it isn’t stable and reliable, but it isn’t as time-tested or battle-hardened.
As a protocol, there isn’t an app called “Matrix” for you to download. Instead, you can choose whichever client most appeals to you. The Element app is commonly used and is available as an Electron app for Linux. But if you want a more native app for your desktop environment, some of those are available too.
Whether centralized or federated, all the aforementioned apps require servers. Jami is the exception. Jami is a peer-to-peer approach to messaging. This is the same technology behind sharing torrents. Your message goes from your device to the recipients, with no server in the middle maintaining a copy.
Jami doesn’t require a phone number or any other personal information to create an account. One advantage of its approach is that not even an internet connection is required. If people are on the same local network, they don’t need a connection to the web in order to send messages to one another. This enables you to use your computer for messaging while still keeping your communication confined within the walls of the building you’re in.
As part of the GNU Project, with support from the Free Software Foundation, Jami has some of the highest free software credentials.
Keep Your Words to Yourself
Many apps advertise encryption or even end-to-end encryption these days, but their implementation means there are gaps in security. And when a platform is proprietary, at the end of the day, there’s no way to verify whether it’s as secure as it promises. You can connect to Discord, WhatsApp, Facebook Messenger, and the like on your Linux PC, just don’t think that your messages are private or secure.
But there are many ways to chat without handing those conversations over to companies. And you can extend that same privacy to email as well.