Signal and Session: Comparing Two Privacy-Focused Messaging Apps

For secure messaging, Signal and Session are two prominent options. This post compares the two apps, focusing on features, privacy measures, and how they handle metadata.

Signal Messaging App

Signal is an end-to-end encrypted messaging app that prioritizes user privacy. It offers a range of features while minimizing data collection[3].

Key features of Signal:

• End-to-end encryption for messages, voice calls, and video calls
• Group chats and voice calls (up to 40 participants)
• Disappearing messages
• Screen lock
• Message scheduling (on Android)
• Customizable chat colors and themes

Signal's approach to metadata:

Signal collects minimal metadata. The only information retained is the phone number used for registration, the date of initial registration, and the date of last use[5]. With the "sealed sender" feature, Signal further reduces metadata by concealing the sender's identifier[32].

Download Signal:

• iOS: https://apps.apple.com/us/app/signal-private-messenger/id874139669
• Android: https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms

Session Messaging App

Session is a decentralized messaging app that focuses on anonymity and metadata protection[4].

Key features of Session:

• End-to-end encryption
• No phone number or email required for registration
• Onion routing for enhanced privacy
• Group chats (up to 100 participants)
• Voice messages
• File attachments

Session's approach to metadata: 

Session uses onion routing to minimize metadata collection. It doesn't require personal information for account creation and doesn't store user data on centralized servers[6][15].

Download Session:

• iOS: https://apps.apple.com/us/app/session-private-messenger/id1470168868
• Android: https://play.google.com/store/apps/details?id=network.loki.messenger

Feature Comparison

Decentralization and Privacy

Session's decentralized network improves privacy in several ways:

1. No central point of failure: Decentralization eliminates the risk of a single point of compromise, making it harder for attackers to access user data[33].

2. Reduced data collection: Without a central authority, there's less opportunity for large-scale data collection and analysis[33].

3. User control: Decentralization gives users more control over their data, allowing them to choose what information to share and with whom[33].

4. Improved anonymity: By using onion routing, Session makes it difficult to trace messages back to their origin, enhancing user anonymity[4].

5. Resilience: A decentralized network is more resistant to censorship and service disruptions[27].

Conclusion

Both Signal and Session offer strong privacy protections, but they take different approaches. Signal focuses on minimizing data collection within a centralized system, while Session leverages decentralization to enhance anonymity. The choice between the two depends on individual privacy needs and preferences.

References:

[1] https://signal.org
[2] https://getsession.org
[3] https://en.wikipedia.org/wiki/Signal_(software)
[4] https://cyberinsider.com/secure-encrypted-messaging-apps/session/
[5] https://www.reddit.com/r/signal/comments/exd92f/what_kind_of_usermessage_metadata_is_observed_and/
[6] https://www.privacyaffairs.com/session-app/
[7] https://blog.unmarshal.io/unlocking-the-future-why-decentralized-data-networks-are-essential-for-privacy-security-and-user-7b3630b8aa21?gi=70cee46d0b6a
[8] https://beebom.com/best-useful-features-signal-app/
[9] https://thehackernews.com/2018/10/signal-secure-messaging-metadata.html
[10] https://blockapps.net/blog/enhancing-digital-security-and-user-privacy-with-web3/
[11] https://www.pcmag.com/reviews/session
[12] https://support.signal.org/hc/en-us/sections/360001602792-Signal-Messenger-Features
[13] https://apps.apple.com/us/app/session-private-messenger/id1470168868
[14] https://signal.org/blog/new-features-fall-2023/
[15] https://www.privacyaffairs.com/session-app/
[16] https://x.com/signalapp?lang=en
[17] https://getsession.org/faq
[18] https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_US
[19] https://en.wikipedia.org/wiki/Session_(software)
[20] https://mashable.com/article/what-is-signal-app
[21] https://play.google.com/store/apps/details?id=network.loki.messenger&hl=en_US
[22] https://signal.org/blog/sealed-sender/
[23] https://www.youtube.com/watch?v=oa_7lgeKV_E
[24] https://discuss.privacyguides.net/t/metadata-in-signal-pictures/13809
[25] https://cyberinsider.com/secure-encrypted-messaging-apps/session/
[26] https://discuss.techlore.tech/t/questions-about-metadata-in-messengers/2545
[27] https://getsession.org
[28] https://freedom.press/digisec/blog/metadata-102/
[29] https://www.zdnet.com/article/this-new-fully-encrypted-messenger-app-is-serious-about-privacy/
[30] https://crypto.stackexchange.com/questions/110903/can-we-be-certain-that-signal-doesnt-log-metadata-e-g-message-graphs
[31] https://sessionapp.zendesk.com/hc/en-us/articles/4439032171033-Does-Session-strip-metadata-from-my-attachments
[32] https://en.wikipedia.org/wiki/Signal_Protocol
[33] https://www.datasciencecentral.com/how-decentralized-apps-can-help-businesses-improve-data-security-and-privacy/
[34] https://starkware.co/blog/how-could-blockchain-enhance-data-privacy/