Secure Messaging
Your text messages are not private.
SMS passes through your carrier in a form the carrier can read. It can read every message, retain them indefinitely, and disclose them to law enforcement under legal process. WhatsApp does encrypt message content end to end, but it shares metadata with Meta: who you talk to, when, how often, and from where.
iMessage is better, but only between Apple devices, and a standard iCloud backup stores your messages under keys that Apple holds, so Apple (and anyone who can compel Apple) can read them.
Real privacy requires end-to-end encryption with open-source, audited software.
This week, you’ll set up Signal—the gold standard for secure messaging. You’ll understand what “end-to-end encryption” actually means and learn practices to protect your conversations.
Understanding Messaging Privacy
The Problem with SMS
SMS (Short Message Service) was designed in the 1980s with no security:
What your carrier sees:
- Every message you send and receive
- Phone numbers of all participants
- Timestamps of every message
- Your location when sending/receiving
What attackers can do:
- Intercept messages via SS7 attacks (carrier network vulnerabilities)
- SIM swap attacks to receive your messages
- Fake cell towers to capture SMS traffic
- Social engineer carriers to access accounts
SMS is surveillance infrastructure. Never use it for anything sensitive.
The Problem with WhatsApp
WhatsApp uses the Signal Protocol for message encryption—the content is protected. But WhatsApp is owned by Meta (Facebook), and they collect everything else:
What Meta collects:
- Who you message and when
- How often you communicate
- Group membership and dynamics
- Device information and IP addresses
- Contact lists and phone numbers
- Profile photos and status updates
This metadata reveals:
- Your social network
- Your daily patterns
- Your location history
- Your relationships and their strength
“We can’t read your messages” doesn’t mean “we don’t surveil you.”
The Problem with iMessage
iMessage is better than SMS and WhatsApp:
- End-to-end encrypted between Apple devices
- Apple claims they can’t read your messages
But:
- Only works Apple-to-Apple (falls back to SMS, or to unencrypted RCS on iOS 18 and later, for everyone else)
- A standard iCloud backup includes your messages, encrypted with keys Apple holds
- Apple can decrypt that backup unless you turn on Advanced Data Protection for iCloud
- Closed source, so the encryption claims can't be independently verified
- Metadata (who, when, device identifiers) is available to Apple
If iCloud backup is enabled without Advanced Data Protection, your “encrypted” iMessages end up on Apple’s servers in a form Apple (and law enforcement with a warrant) can read.
What End-to-End Encryption Actually Means
True E2EE:
```text
Alice's device → [encrypted blob] → Server → [encrypted blob] → Bob's device
                                       ↓
                    (server sees: an encrypted blob it cannot decrypt,
                     plus the routing metadata needed to deliver it)
```
Only Alice and Bob can decrypt the message. The server operator (Signal, WhatsApp, whoever) cannot read the content.
But E2EE doesn’t hide:
- That you sent a message
- To whom you sent it
- When you sent it
- How large it was
- Your IP address (when connecting to server)
Metadata matters. “I know you called a suicide hotline at 2am for 30 minutes” doesn’t require reading the conversation.
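To make the metadata argument concrete (the WhatsApp list above and the list of what E2EE does not hide), here is an added example, not code from the original page or from any messaging provider, that runs an observer's analysis over a constructed log of the form a carrier or server could keep: sender, recipient, timestamp and ciphertext size, and nothing else. The names, timestamps and sizes are made up for the example.

```python
"""Added example (not from the original page): what an observer learns from
message metadata alone, without ever decrypting a message. RECORDS is
constructed sample data in the shape a carrier or server log might take:
(sender, recipient, timestamp, ciphertext size in bytes)."""
from collections import Counter
from datetime import datetime

RECORDS = [  # constructed, not real traffic
    ("alice", "bob", "2024-03-01T08:15", 220),
    ("bob", "alice", "2024-03-01T08:17", 180),
    ("alice", "bob", "2024-03-01T12:40", 310),
    ("alice", "carol", "2024-03-01T13:05", 150),
    ("bob", "alice", "2024-03-01T18:22", 260),
    ("alice", "bob", "2024-03-02T08:10", 205),
    ("carol", "alice", "2024-03-02T09:30", 120),
    ("alice", "bob", "2024-03-02T19:05", 415),
    ("alice", "hotline", "2024-03-03T02:10", 1800),
    ("hotline", "alice", "2024-03-03T02:12", 2100),
    ("alice", "bob", "2024-03-03T08:12", 190),
]


def _hour(ts: str) -> int:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M").hour


def contacts_by_volume(records, user):
    """Social graph around `user`: every counterpart ranked by message count.
    Relationship strength falls straight out of the counts."""
    counts = Counter()
    for sender, recipient, _, _ in records:
        if sender == user:
            counts[recipient] += 1
        elif recipient == user:
            counts[sender] += 1
    return counts.most_common()


def hourly_profile(records, user):
    """Daily pattern: when `user` sends, as an hour-of-day histogram."""
    hours = Counter()
    for sender, _, ts, _ in records:
        if sender == user:
            hours[_hour(ts)] += 1
    return hours


def quiet_hour_first_contacts(records, user, quiet=(0, 5)):
    """Contacts `user` reached for the first time during quiet hours
    (default 00:00-04:59). A brand-new counterpart at 2am is exactly the
    inference the text describes, and it needs no message content."""
    seen = set()
    flagged = []
    for sender, recipient, ts, _ in sorted(records, key=lambda r: r[2]):
        if sender != user:
            continue
        if recipient not in seen and quiet[0] <= _hour(ts) < quiet[1]:
            flagged.append((recipient, ts))
        seen.add(recipient)
    return flagged


def bytes_exchanged(records, user, contact):
    """Traffic volume between two parties; size leaks even when content does not."""
    return sum(size for s, r, _, size in records if {s, r} == {user, contact})


if __name__ == "__main__":
    print("strongest ties:", contacts_by_volume(RECORDS, "alice"))
    print("active hours:", dict(sorted(hourly_profile(RECORDS, "alice").items())))
    print("new contacts at night:", quiet_hour_first_contacts(RECORDS, "alice"))
    print("bytes with hotline:", bytes_exchanged(RECORDS, "alice", "hotline"))
```

Nothing in the analysis touches a message body. Sealed sender and minimal server logging (covered below) shrink what a Signal server can record in the first place; a carrier or an ISP doing traffic analysis still sees the timing and size side.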
Why Signal?
What Makes Signal Different
Signal is built for privacy from the ground up:
Open Source
- Client apps are fully open source
- Server code is open source
- Anyone can audit the code, and the Android build is reproducible, so the published app can be checked against the source
Signal Protocol
- State-of-the-art encryption
- Forward secrecy (past messages safe if keys compromised)
- Post-compromise security (future messages safe after recovery)
- Also used by WhatsApp, Google Messages, and Facebook Messenger; the protocol is the same, what differs is how much metadata the surrounding app collects
Minimal Metadata Collection
- Signal only stores: phone number, account creation date, last connection date
- No message logs or contact lists; group state is stored only in encrypted form the server can't read
- Tested in court: when subpoenaed, Signal could produce only those three items, because that is all it holds
Non-Profit Foundation
- Signal Foundation is a 501(c)(3) non-profit
- No advertising, no data mining, no surveillance business model
- Funded by donations and grants
- Mission-driven, not profit-driven
Disappearing Messages
- Messages auto-delete after set time
- Reduces data that can be seized or leaked
- Encourages ephemeral communication
Signal’s Track Record
Court-tested privacy:
In 2016, Signal received a subpoena for user data. Their response:
- “The only information Signal stores is the phone number, date of account creation, and date of last connection.”
- That’s all they could provide because that’s all they have.
Compare this to Telegram, which stores messages on their servers (not E2EE by default) and has handed data to authorities.
Signal vs Other “Secure” Apps
| App | E2EE by Default | Open Source | Metadata Collection | Business Model |
|---|---|---|---|---|
| Signal | ✅ Yes | ✅ Yes | Minimal | Non-profit donations |
| WhatsApp | ✅ Yes | ❌ No | Extensive | Advertising/Meta |
| Telegram | ❌ No* | Partial | Some | Unclear |
| iMessage | ✅ Yes** | ❌ No | Some | Device sales |
| SMS | ❌ No | N/A | Complete | Carrier fees |
* Telegram requires manually enabling “Secret Chats” for E2EE; regular chats and all groups are not end-to-end encrypted
** iMessage is only encrypted between Apple devices
Part 1: Installing Signal
On Your Phone (Primary Device)
Signal requires a phone number to register. This is a trade-off:
- Pro: Easy to find contacts, prevents spam accounts
- Con: Links your identity to a phone number
On Android:
- Open the Google Play Store, or download the APK directly from signal.org/android/apk/ if you avoid Google Play (Signal is not distributed through F-Droid)
- Search for Signal
- Install Signal Private Messenger, published by Signal Foundation
- Open Signal
On iOS:
- Open App Store
- Search for Signal
- Download Signal - Private Messenger
- Open Signal
Register Your Account
- Enter your phone number
- Signal sends SMS verification code (or automated call)
- Enter the verification code
- Create a PIN (it also unlocks Registration Lock and restores your profile, settings and contacts on a new device)
- Use something memorable; a longer alphanumeric PIN is allowed and is stronger than four digits
- Different from your phone unlock code
- Write it down and store it securely (Signal cannot reset it for you)
- Set your profile name (can be pseudonym, visible to contacts)
- Optionally add a profile photo
Enable Registration Lock
This prevents someone who takes over your phone number (for example through a SIM swap) from re-registering Signal as you:
- Go to Settings (tap your profile icon)
- Tap Account
- Enable Registration Lock
- Your PIN is now required to register this number on a new device
Caveat: the lock lapses after 7 days in which your Signal app never connects, so an attacker holding your number can still re-register if they wait out that window. Keep Signal installed and online, and treat a sudden silence from all your contacts as a warning sign.
Set a Screen Lock
Protect Signal when your phone is unlocked:
- Go to Settings → Privacy
- Enable Screen Lock
- Choose timeout (immediately, 1 minute, etc.)
- Signal now requires phone biometric/PIN to open
Part 2: Signal Desktop
Signal works on desktop, synced with your phone.
Install Signal Desktop on Linux Mint
Option 1: Official Repository (Recommended)
```bash
# Add Signal's signing key (fetched over HTTPS) to its own keyring
wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg
sudo mv signal-desktop-keyring.gpg /usr/share/keyrings/

# Add the repository, pinned to that key with signed-by
# ("xenial" is the component name Signal uses for all Debian-based distros, Mint included)
echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' | sudo tee /etc/apt/sources.list.d/signal-xenial.list

# Install Signal
sudo apt update
sudo apt install signal-desktop
```
Before the install step, run `gpg --show-keys /usr/share/keyrings/signal-desktop-keyring.gpg` and check that the user ID is Signal's; note the fingerprint so you notice if a future update ships a different key. The `signed-by` option limits trust in this key to packages from this one repository instead of adding it to the system-wide trusted set.
Option 2: Flatpak
flatpak install flathub org.signal.Signal
Link Desktop to Phone
- Open Signal Desktop
- You’ll see a QR code
- On your phone:
- Open Signal → Settings → Linked Devices
- Tap Link a New Device
- Scan the QR code on your computer
- Desktop syncs your contacts; newer versions also offer to transfer recent message history at link time, otherwise only messages sent after linking appear
Desktop Security Settings
- Click your profile icon → Preferences
- Under Privacy:
- Enable Hide Menu Bar Icon (optional, reduces visibility)
- Under Notifications:
- Set to Name Only or No Name or Message (prevents message preview on screen)
Part 3: Using Signal Securely
Disappearing Messages
Enable disappearing messages by default:
- Go to Settings → Privacy
- Tap Default Timer for New Chats
- Choose duration (1 week recommended for most conversations)
Now all new conversations will auto-delete messages after the set time.
Per-conversation settings:
- Open a conversation
- Tap contact name at top
- Tap Disappearing Messages
- Set custom timer for that conversation
Verify Safety Numbers
Signal uses “Safety Numbers” to verify you’re talking to the right person:
- Open a conversation
- Tap contact name → View Safety Number
- You’ll see a QR code and number string
- In person, both scan each other’s QR codes
- If they match, tap Verify
Why this matters:
- Prevents man-in-the-middle attacks: the safety number is derived from both parties’ identity keys, so if the server (or anyone in between) had substituted a key, the numbers would not match
- Confirms you’re messaging the real person
- Warns you if their keys change (new device, reinstall, or compromise): the conversation shows a safety-number-changed notice and a verified contact reverts to unverified
Verify safety numbers for important contacts when you can meet in person; if you can’t, read them to each other over a voice call where you recognise the voice.
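To see why both sides display the same 60 digits, and why one party's reinstall changes the number while the other party's half stays put, here is an added example that rebuilds a Signal-style safety number from identity keys. It is illustrative code written for this page, not Signal's or libsignal's own code; it follows the libsignal numeric-fingerprint construction (a 2-byte version 0 prefix, SHA-512 iterated over the running hash plus the public key, six 5-byte chunks each reduced mod 100000). The 5200 iteration count and the use of a phone number as the "stable identifier" are assumptions (current Signal builds bind the fingerprint to the account's ACI instead), and the identity keys are constructed byte strings, not real Curve25519 keys.

```python
"""Added example: how a Signal-style safety number is built from identity keys.
Illustrative, not Signal's code. Assumptions (see the lead-in): 5200 iterations,
phone numbers as stable identifiers, constructed 33-byte keys."""
import hashlib

ITERATIONS = 5200                 # assumed; the Signal app's historical value
VERSION = (0).to_bytes(2, "big")  # fingerprint version prefix

# Constructed stand-ins for serialized identity keys (0x05 type byte + 32 bytes).
ALICE_KEY = b"\x05" + bytes(range(0, 32))
BOB_KEY = b"\x05" + bytes(range(32, 64))
BOB_NEW_KEY = b"\x05" + bytes(range(64, 96))  # Bob after a reinstall / new device
ALICE_ID = b"+15550100001"  # constructed phone numbers used as stable identifiers
BOB_ID = b"+15550100002"


def fingerprint_hash(identity_key: bytes, stable_id: bytes, iterations: int = ITERATIONS) -> bytes:
    """Iterated SHA-512 over one party's identity key, bound to their identifier.
    The iteration count is a work factor that makes brute-forcing a key whose
    fingerprint matches a target's first few digits expensive."""
    h = VERSION + identity_key + stable_id
    for _ in range(iterations):
        h = hashlib.sha512(h + identity_key).digest()
    return h


def fingerprint_digits(identity_key: bytes, stable_id: bytes) -> str:
    """One party's 30-digit half: six 5-byte big-endian chunks, each mod 100000."""
    h = fingerprint_hash(identity_key, stable_id)
    chunks = [int.from_bytes(h[off:off + 5], "big") % 100000 for off in range(0, 30, 5)]
    return "".join(f"{c:05d}" for c in chunks)


def safety_number(local_key: bytes, local_id: bytes, remote_key: bytes, remote_id: bytes) -> str:
    """The 60-digit string both users see: the two halves in sorted order, so
    Alice and Bob compute the identical number from their own viewpoints."""
    a = fingerprint_digits(local_key, local_id)
    b = fingerprint_digits(remote_key, remote_id)
    return a + b if a <= b else b + a


def pretty(sn: str) -> str:
    """Group into twelve 5-digit blocks, as the app displays it."""
    return " ".join(sn[i:i + 5] for i in range(0, len(sn), 5))


def main():
    before = safety_number(ALICE_KEY, ALICE_ID, BOB_KEY, BOB_ID)
    bobs_view = safety_number(BOB_KEY, BOB_ID, ALICE_KEY, ALICE_ID)
    after = safety_number(ALICE_KEY, ALICE_ID, BOB_NEW_KEY, BOB_ID)
    print("Alice's view            :", pretty(before))
    print("Bob's view              :", pretty(bobs_view))
    print("Views match             :", before == bobs_view)
    print("After Bob's key changes :", pretty(after))
    print("Alice's half unchanged  :", fingerprint_digits(ALICE_KEY, ALICE_ID) in after)


if __name__ == "__main__":
    main()
```

The number the app shows you is therefore a fingerprint of two public keys, nothing more. A server that swapped in its own key for Bob would change Bob's half, and the only way to notice is to compare the digits out of band, which is what the in-person scan does.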
Sealed Sender
Sealed sender strips the sender’s identity from the message envelope, so Signal’s servers see who a message is for (needed to deliver it) but not who sent it. It is used automatically between contacts; there is no master switch, only two options:
- Go to Settings → Privacy → Advanced → Sealed Sender
- Turn on Display indicators if you want to see which messages arrived sealed
- Turn on Allow from Anyone if you want people who are not in your contacts to be able to send you sealed messages
Caveat: the server still learns the sender’s IP address and the timing, and it still knows the recipient, so sealed sender narrows the metadata rather than eliminating it.
Note to Self
Signal provides a “Note to Self” conversation:
- Syncs between your devices
- End-to-end encrypted
- Use for secure notes, links, files
Find it by searching for “Note to Self” in contacts.
Part 4: Signal Best Practices
Contact Management
Do:
- ✅ Verify safety numbers with important contacts
- ✅ Use profile names that contacts will recognize
- ✅ Keep your Signal contact list to people you actually message
Don’t:
- ❌ Assume contacts are invisible: the list lives on your device (and in the encrypted storage your PIN protects), so anyone who gets into your unlocked phone sees your social graph
- ❌ Import your entire address book when you don’t need to
- ❌ Use Signal for identities you want anonymous; registration ties the account to a phone number
Group Chats
Signal Groups:
- End-to-end encrypted
- Admin controls for membership
- Group links for easy joining
Security considerations:
- Members may see each other’s phone numbers unless they have set Settings → Privacy → Phone Number → Who can see my number to Nobody
- Group state (membership, name, settings) is stored on Signal’s servers only in encrypted form the server can’t read
- Every member, not just admins, can see who is in the group
For sensitive groups:
- Keep membership small
- Use disappearing messages
- Verify all members
Voice and Video Calls
Signal supports encrypted calls:
- In a conversation, tap phone icon (voice) or video icon
- Call is end-to-end encrypted
- Quality depends on internet connection
Group calls: Up to 40 participants, all encrypted
Verify call security:
- Older Signal versions showed two short words during a call for both parties to read aloud; current versions no longer do
- Call security now rests on the conversation’s safety number, so verify that before a sensitive call, and treat a safety-number-changed notice as a reason to confirm identity before calling
Sharing Media
Photos and files sent through Signal:
- Encrypted in transit and at rest
- Can send with disappearing messages
- View-once photos available (auto-delete after viewing)
To send view-once photo:
- Attach photo
- Tap infinity icon → select View Once
- Recipient can only view it once
Part 5: Signal Limitations and Mitigations
Phone Number Requirement
Problem: Signal requires a phone number, linking your identity.
Mitigations:
- Use a separate number (prepaid SIM, VoIP)
- Use your real number but be aware of the trade-off
- Signal added usernames in 2024; the phone number is still needed to register, but you can hide it and let people find you by username instead
Username feature (2024+):
- Settings → Profile → Username, and pick a unique username
- Settings → Privacy → Phone Number: set Who can see my number to Nobody and, if you want, Who can find me by number to Nobody
- Share the username (or its QR code/link) instead of your phone number
- Phone number still required for registration
Metadata Still Exists
Problem: Signal minimizes metadata but can’t eliminate it entirely.
What Signal knows:
- Your phone number
- When you created account
- When you last connected
What your network knows:
- That you’re using Signal
- When you send/receive data
- How much data (approximate message count)
Mitigation:
- Use a VPN or Tor to hide from your ISP that you’re connecting to Signal, or point Signal at a proxy (Settings → Data and Storage → Proxy) where Signal’s servers are blocked
- Accept the remaining metadata as the trade-off for usability
Device Security
Problem: Signal is only as secure as your device.
If your phone is compromised:
- Attacker can read all messages
- Attacker can impersonate you
- Encryption doesn’t help
Mitigations:
- Keep device updated
- Use strong screen lock
- Don’t install untrusted apps
- Enable disappearing messages (limits exposure window)
Backup Security
Signal backups on Android:
- Encrypted with a 30-digit passphrase Signal generates when you enable them (Settings → Chats → Chat backups); without that passphrase the backup file is useless
- Stored locally on the device (excluded from Google’s cloud backup)
- Can be restored on a new device when you reinstall, if you kept the passphrase
Signal backups on iOS:
- No backup feature (by design)
- iCloud backup does NOT include Signal messages
- Must transfer via device-to-device
Do:
- Use encrypted backups on Android
- Understand that new devices start fresh on iOS (unless transferring)
Part 6: Beyond Signal
For Higher Threat Models
If phone number requirement is unacceptable, consider:
Session (started as a Signal fork, no phone number):
- Uses a Session ID instead of a phone number
- Decentralized network
- Replaced the Signal Protocol with its own and dropped forward secrecy, so a compromised long-term key exposes past messages
- Less mature than Signal
- Trade-off: less convenient, smaller network
Website: https://getsession.org/
Briar (no internet required):
- Peer-to-peer over Bluetooth/WiFi/Tor
- No central servers
- Works without internet
- Android only
Website: https://briarproject.org/
Matrix/Element (federated, optional phone):
- Decentralized like email
- Can self-host
- More complex
- E2EE available but less seamless
Website: https://element.io/
When to Use What
| Use Case | Best Tool |
|---|---|
| Daily messaging with contacts | Signal |
| Anonymous messaging | Session |
| High-risk journalism/activism | Briar + Signal |
| Team communication | Matrix/Element |
| Talking to people who won’t switch | Grudgingly, WhatsApp |
Privacy Checkpoint
Your messaging is now significantly more secure:
What changed:
- Conversations encrypted end-to-end
- Signal minimizes metadata collection
- Disappearing messages reduce data exposure
- No more SMS for sensitive topics
What you gained:
- Private conversations (content protected)
- Reduced metadata footprint
- Protection from carrier surveillance
- Encrypted voice/video calls
What you traded:
- Phone number linked to identity
- Need contacts to also use Signal
- Some metadata still exists
- Learning curve for new habits
Troubleshooting
Verification code not arriving
Try:
- Wait a few minutes (carrier delays)
- Request voice call instead of SMS
- Check if number is blocked in your country
- Try different phone number
Desktop won’t link
Check:
- Both devices on internet
- Phone Signal app is updated
- Try restarting both apps
- Unlink all devices and re-link
Messages not syncing to desktop
Normal behavior:
- Messages from before linking don’t sync unless the linking flow offered a history transfer and you accepted it (newer versions do)
- Otherwise only new messages sync across devices
- Group history may not fully sync
Contact can’t verify my safety number
This means the safety number changed, which happens when:
- One of you reinstalled Signal
- One of you changed devices
- Or, less likely but the case that matters, someone substituted a key in the middle
Action:
- Verify identity through another channel
- Re-verify safety numbers when able
Signal using too much battery
Mitigations:
- If you run Signal without Google Play Services it keeps its own persistent connection for delivery; exclude it from Android’s battery optimization so the system doesn’t kill that connection and force constant reconnects
- Limit media auto-download over cellular (Settings → Data and Storage)
- Check Settings → Notifications; a delivery problem there shows up as both missed notifications and reconnect churn
Going Further (Optional)
Molly (Hardened Signal Fork)
Molly is a Signal-compatible app with additional security:
- Database encrypted under a passphrase you choose (Signal’s own database is encrypted too, but with a key the OS keystore holds, so it is open whenever the phone is unlocked); Molly can lock and wipe the key from RAM
- Supports SOCKS proxy/Tor
- UnifiedPush support (no Google Play Services needed)
- Passphrase lock
Only for Android, available through its own F-Droid repository.
Website: https://molly.im/
Signal on GrapheneOS
GrapheneOS (hardened Android) + Signal provides:
- No Google Play Services dependency
- Sandboxed Google Play (optional)
- Enhanced OS-level security
- Recommended for high-risk users
Operational Security
For truly sensitive communications:
- Use a dedicated device for Signal
- Use a new phone number from a prepaid SIM bought with cash (where that is legal)
- Register Signal over VPN/Tor
- Never link the account to your identity
- Keep disappearing messages on at all times
- Verify safety numbers in person, and re-verify every time one changes
This is extreme but appropriate for journalists, activists, and whistleblowers.
What’s Next
You now have end-to-end encrypted messaging with Signal. Next week, we’ll strengthen your account security with two-factor authentication—because a strong password isn’t enough when attackers can reset it via SMS.
Week 8 covers two-factor authentication with TOTP apps and hardware keys.
Summary
This week you:
- Learned why SMS, WhatsApp, and iMessage aren’t truly private
- Understood what end-to-end encryption does and doesn’t protect
- Installed Signal on phone and desktop
- Configured disappearing messages and screen lock
- Learned to verify safety numbers with important contacts
- Understood Signal’s limitations and trade-offs
Your conversations are now encrypted so that only you and your contacts can read them. Combined with encrypted email (Week 5) and a hardened browser (Week 3), you’re becoming difficult to surveil. Next week adds two-factor authentication, so that an attacker who hijacks your SMS can’t reset your accounts.
💻 Ready for the command line? Cypherpunk 101 covers private messaging with signal-cli, Matrix, OTR, and the metadata trade-offs in more depth: Cypherpunk 101 Week 6: Private Messaging, Encrypted Email & Metadata →