One of the most powerful steps we can take towards freedom is giving ourselves a place where we can speak freely, one without fear of surveillance or censorship. The knowledge that we are not being watched enables us to experiment, take risks, be creative, and work out our ideas and thoughts with those we most trust. This freedom is key to human flourishing, and in order to achieve it we need platforms that give us strong privacy in our communications with few or no added barriers to entry.
The fact that you won’t do things, that you will self-censor, are the worst effects of pervasive surveillance. - Bruce Schneier, fellow and lecturer at Harvard's Kennedy School and a board member of EFF
A relatively new kid on the block is SimpleX Chat, a messenger that blends a beautiful UI with an innovative approach to protecting not only the contents of your messages from prying eyes, but also the other data about those messages (the “metadata”). Let’s dive into what using SimpleX is like and how it can be an excellent piece of your freedom tech toolkit.
How SimpleX Chat Protects Your Privacy
SimpleX Chat leverages many different tools to provide excellent privacy to all users by default, requiring no additional steps to protect your messages from prying eyes. This protection involves not only your data itself (message contents, videos, pictures, etc.) but also the data about that data — metadata. It does this in a variety of ways:
- All messages are encrypted using the same battle-tested protocol as Signal, the “Double Ratchet Algorithm”.
- All connections between contacts use uni-directional message queues, so not even relays can connect users together to create social graphs.
- All packets sent by SimpleX are padded with fake data to prevent packet size analysis by ISPs, malicious relays, or malicious networks.
- All messages are mixed by relay servers to prevent timing analysis by ISPs, malicious relays, or malicious networks.
- As discussed below in more detail, all messages are able to be sent and received without tying them to a static username or phone number.
- All files and media (except videos, as of v5.3) are encrypted with a random symmetric key when stored locally, providing forward secrecy even for files saved to your phone.
- Optionally, users can leverage Tor via Orbot to prevent relays from seeing their true IP addresses.
The beautiful thing about using SimpleX is that once you do the initial connection with a friend or family member, using it is about as approachable and simple as any other popular messaging app. Message reactions? Check. Replies to individual messages? Check. Delivery receipts? Check. You’d never know you were protecting your privacy in so many ways while using SimpleX, which is vital to the growth of freedom tech beyond the most technical and privacy-conscious users. The ability to recommend an app and have someone use and enjoy it without seeing the need for personal privacy is the easiest path towards broader adoption of privacy tools.
But there are some key differences and additional features that exist in SimpleX that are worth highlighting here.
Connecting to new contacts
While using SimpleX day-to-day looks very similar to other messaging apps, under the hood there are some unique approaches happening when it comes to initially connecting to another SimpleX user. As SimpleX intentionally does not have any usernames, phone numbers, or unique identifiers for each user, how do you connect to others on SimpleX? The process goes like this:
- You set up your profile on SimpleX with a username, profile picture, etc. just like any other app.
- When you want your friend to chat with you, you simply share your SimpleX address via text or QR code.
- This address contains no information about you or your user profile, and merely tells other SimpleX users how to request to connect with you.
- This has to be done “out-of-band” in another messenger or in-person, as there are no usernames or unique identifiers to use when connecting for your own privacy.
- Your friend scans the QR code you’ve sent him via Signal.
- Your friend’s SimpleX app connects to yours and requests to connect.
- When you accept the connection request, SimpleX shares the information necessary to send you messages (a server and message queue) and your friend’s app shares the same information for him (a separate server and message queue).
- Once connected, simply chat as normal! As messages are routed through servers you can send and receive messages when one party or another is offline without issues, just like Signal etc.
While this process introduces a slight additional hurdle, it’s only present when initially connecting to a new contact and doesn’t have to be done again once you’ve started chatting. This initial requirement allows users on SimpleX to avoid having a static username or having to share a phone number that is often linked to their real-world identity, and makes pseudonymous chats drastically easier. Every contact you chat with sees a different set of message queues and unique identifiers, so if you choose not to share your contact info (i.e. using Incognito Mode which we’ll cover later) there is no cryptographic or network-related tie visible between your different conversations.
Learn more: SimpleX Chat Docs - Making Connections
Have a “friends and family” persona and an online pseudonym? Keeping the two separate with most other messengers like Signal involves having multiple phone numbers and multiple phones. One of our favorite features in SimpleX is the ability to easily switch between profiles and prevent any links between the profiles from leaking. Most of us have a separate online persona, so the ease of switching between profiles and keeping those personas separate is invaluable.
You can have many different chat profiles and receive notifications for all of them at the same time. Want to mute a public profile that’s a bit noisy? Simply long-press and mute it. Want to hide a profile that you use for anonymous tips to journalists or other use-cases that you don’t want to be visible to someone who picks up your phone with SimpleX open? You can do that as well.
Privacy is the power to selectively reveal oneself to the world. - Eric Hughes, A Cypherpunk's Manifesto
The chat profile feature is very well thought out and makes it far easier to be online while preserving your privacy. You should be the one in control of who sees what about your chat activities.
Learn more: SimpleX Chat Docs - Chat Profiles
Contrary to the bad reputation the term “incognito mode” has gotten from web browsers touting its false privacy, combining the excellent privacy of the SimpleX protocol with Incognito Mode makes SimpleX likely the best tool for dissidents, activists, and whistleblowers. With the flick of a switch SimpleX changes from sharing your profile information with each contact to generating an entirely unique profile for you with every new contact you connect with. This mode makes communicating with many different people without revealing that you’re the same entity effortless, as not only can each contact not connect the dots between ‘nyms (even by collaborating with other contacts), they also can’t link ‘nyms together using addresses as message queues are entirely unique.
No need to manage a bunch of accounts or generate throwaway email addresses and phone numbers, just flick the switch and enjoy practically perfect pseudonymity while chatting. Incognito mode even automatically retains the pseudonym used for a contact when they invite you to a room, preventing accidentally leaking a different ‘nym or being unrecognizable to the contact.
Learn more: SimpleX Chat Docs - Incognito Mode
An essential function of messenger platforms is the ability to create group chats, and SimpleX does support groups in what they call “secret groups.” While these groups appear to function similarly to group chats in other apps, they have some distinct differences (and thus a major disadvantage). Group chats in SimpleX still leverage the same peer-to-relay architecture described below, meaning that when you join a group SimpleX creates a connection directly to every room member instead of just to a centralized server.
While this is great for privacy, it means that there is drastically more overhead in group chats compared to more centralized platforms. SimpleX groups still function well for small numbers of room members but are not recommended for replacing large groups on platforms like Matrix, Telegram, etc.
Learn more: SimpleX Chat Docs - Secret Groups
SimpleX Chat Architecture
One of the aspects of SimpleX that sets it apart so clearly from other options for private messaging is its unique peer-to-relay architecture. This provides strong protections against metadata surveillance by preventing peers from learning any information about you or other connections you’ve made, and allows for seamless chatting even when one party or another is offline. A consistent issue with purely peer-to-peer messengers like Briar is the requirement to have both parties online at one time to be able to communicate, a barrier of entry that is hard to get past when users are coming from apps like WhatsApp and Telegram.
When you connect to a contact in SimpleX, instead of providing them with a unique identifier or phone number to connect to through a centralized server, SimpleX selects a pair of servers to use when receiving messages from that contact along with unique message queues on each. The other contact’s app does the same, selecting two random servers to use when receiving messages. This initial communication only takes a few seconds and ensures that communications between you and any of your contacts never rely on a single server or are able to be tied back to a static identifier or individual entity.
Servers in the SimpleX protocol are “dumb” in the sense that they cannot see any information about messages, and only know where to pass messages to for any given message queue. They only see individual message queues, and no single server controls both directions of a chat. Even so, it’s important to have the ability to remove any trust in the centrally run servers that SimpleX hosts, and as a result they’ve made it quite easy to run your own “SMP” server.
Running your own server allows you to customize message retention, know that the relay you’re using is not storing any logs of activity, and ensure you’re running the exact code available on GitHub.
Learn more: SimpleX Chat Docs - Hosting your own SMP Server
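A toy model of the queue layout described in this section, added here as an illustration and not taken from SimpleX's own code. The `Relay` class, the `connect` helper and the ID format are hypothetical simplifications (one receive queue per party, no encryption or padding); it shows what identifiers each relay ends up holding.

```python
import secrets
from collections import defaultdict


class Relay:  # toy relay: routes opaque blobs between random per-queue IDs
    def __init__(self):
        self.routes = {}                # sender_id -> recipient_id
        self.inbox = defaultdict(list)  # recipient_id -> stored blobs
        self.log = []                   # every identifier the relay sees

    def create_queue(self):
        # Two unrelated random IDs per queue; neither derives from a profile.
        sender_id, recipient_id = secrets.token_hex(12), secrets.token_hex(12)
        self.routes[sender_id] = recipient_id
        return sender_id, recipient_id

    def send(self, sender_id, blob):
        self.log.append(sender_id)
        self.inbox[self.routes[sender_id]].append(blob)

    def receive(self, recipient_id):
        self.log.append(recipient_id)
        return self.inbox.pop(recipient_id, [])


def connect(relay_a, relay_b):
    """One conversation = two one-way queues, each on the receiver's relay."""
    return {"to_a": (relay_a, *relay_a.create_queue()),
            "to_b": (relay_b, *relay_b.create_queue())}


def demo():
    r1, r2, r3 = Relay(), Relay(), Relay()
    with_bob = connect(r1, r2)    # Alice receives on r1, Bob on r2
    with_carol = connect(r1, r3)  # Alice receives on r1, Carol on r3
    got = {}
    for name, conv in (("bob", with_bob), ("carol", with_carol)):
        relay, send_id, recv_id = conv["to_a"]
        # Constructed sample payload; the real app sends E2E-encrypted blobs.
        relay.send(send_id, f"ciphertext from {name}".encode())
        got[name] = relay.receive(recv_id)
    # IDs seen for the two conversations must not overlap, even on shared r1.
    shared = set(with_bob["to_a"][1:]) & set(with_carol["to_a"][1:])
    return {"got": got, "shared_ids": shared,
            "r1_ids": len(set(r1.log)), "r2_ids": len(set(r2.log))}


if __name__ == "__main__":
    print(demo())
```

The model covers identifiers only: a relay that hosts several of your queues can still see the IP address they are read from, which is what the optional Tor routing mentioned earlier addresses.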
What needs improvement
While SimpleX is a fantastic tool, that doesn't mean it's perfect! So far in my usage, the biggest pain-point by far is that notifications can be intermittent on both iOS and Android. Syncing all of those peer-to-relay connections adds overhead, but I have seen significant improvements over the past few versions, thankfully!
The other issue is that currently audio and video calls are in beta and a bit flaky. I'm hopeful that they can work the kinks out as that's a pretty essential feature to many people used to Signal's E2EE calls. They have proven that they can build out and improve the app rapidly over the past year that I have been a SimpleX user, and I don't expect that to change!
I'll be sure to come back and update this blog post as issues are resolved, so be sure to check back in here or follow their blog to get the latest news on updates.
We at Freedom.Tech have found SimpleX Chat to be a fantastic tool, and it’s rapidly becoming a go-to in the privacy and security communities. The attention to detail, emphasis on accessible user interface and user experience, and the combination of many of our favorite features from other chat apps alongside new ones make it an invaluable tool. In addition, the lack of a requirement for a phone number (looking at you, Signal!) and the ability to use multiple chat profiles alongside pseudonyms make it a perfect fit for those who need the ability to protect their communications.
Free and un-surveilled speech is absolutely vital to the cause of true democracy, cryptoanarchy, and freedom across the globe, and we’re grateful that SimpleX is making that more approachable and powerful. In particular, SimpleX can be an excellent way to communicate tips to journalists anonymously, speak out against repressive governments in private group chats, or coordinate protests.
Try out SimpleX Chat
We’d love to hear more from you all about SimpleX, and give those who haven’t used it yet a chance to try it out. Feel free to connect to us using the QR code below (or simply tap it on mobile) to chat!
Join the Conversation
If this post has sparked an idea or motivated you to get involved, there is no better next step than to join the conversation here at freedom.tech! Subscribers can jump straight into the comments below, or you can join our community SimpleX or Signal groups:
If you have feedback for this post, have something you'd like to write about on freedom.tech, or simply want to get in touch, you can find all of our contact info here: