即時通訊軟體

防護下列威脅：

• 被動攻擊
• 服務提供商
• 大規模監控
• 監控資本主義

These recommendations for encrypted real-time communication are great for securing your sensitive communications. These instant messengers come in the form of many types of communication networks.

Video: It's time to stop using SMS

Signal

Signal 是由Signal Messenger LLC開發的行動應用程式。 The app provides instant messaging and calls secured with the Signal protocol, an extremely secure encryption protocol which supports forward secrecy² and post-compromise security.³

Homepage

下載

• Google Play
• App Store
• GitHub
• Android
• Windows
• macOS
• Linux

Signal requires your phone number for registration, however you should create a username to hide your phone number from your contacts:

1. 在 Signal 中，打開應用程式的設定並點擊上方的帳戶個人資料。
2. 點選使用者名稱，然後在「設定您的 Signal 使用者名稱」畫面上選擇繼續。
3. 輸入一個使用者名稱 Your username will always be paired with a unique set of digits to keep your username unique and prevent people from guessing it. For example if you enter "John" your username might end up being @john.35. 根據預設設定，當您建立使用者名稱時，只有 2 位數字會與使用者名稱配對，但您可以增加更多位數，直到達到使用者名稱的長度限制 (32 個字元)。
4. 返回系統應用程式設定頁面並選擇隱私權。
5. Select Phone Number.
6. Change the Who Can See My Number setting to Nobody.
7. (Optional) Change the Who Can Find Me By Number setting to Nobody as well, if you want to prevent people who already have your phone number from discovering your Signal account/username

We have some additional tips on configuring and hardening your Signal installation:

Signal Configuration and Hardening

Contact lists on Signal are encrypted using your Signal PIN and the server does not have access to them. Personal profiles are also encrypted and only shared with contacts you chat with.

Signal supports private groups, where the server has no record of your group memberships, group titles, group avatars, or group attributes. Signal has minimal metadata when Sealed Sender is enabled. The sender address is encrypted along with the message body, and only the recipient address is visible to the server. Sealed Sender is only enabled for people in your contacts list, but can be enabled for all recipients with the increased risk of receiving spam.

The protocol was independently audited in 2016. The specification for the Signal protocol can be found in their documentation.

Molly (Android)

If you use Android and your threat model requires protecting against Targeted Attacks you may consider using this alternative app, which features a number of security and usability improvements, to access the Signal network.

Molly 是 Android 的替代 Signal 用戶端，可讓您使用密碼加密本機資料庫、安全地刪除未使用的 RAM 資料、透過 Tor 路由連線；除此之外，還有 許多。 It also has usability improvements including scheduled backups, automatic locking, and the ability to use your Android phone as a linked device instead of the primary device for a Signal account.

首頁

下載

• F-Droid
• Accrescent
• GitHub

Molly is updated every two weeks to include the latest features and bug fixes from Signal. The exception is security issues, which are patched as soon as possible. That said, you should be aware that there might be a slight delay compared to upstream, which may affect actions such as migrating from Signal to Molly.

Note that you are trusting multiple parties by using Molly, as you now need to trust the Signal team and the Molly team to deliver safe and timely updates.

Molly-FOSS is a version of Molly which removes proprietary code like the Google services used by both Signal and Molly at the expense of some features (like battery-saving push notifications via Google Play Services). You can set up push notifications without Google Play Services in either version of Molly with UnifiedPush. Using this notification delivery method requires access to a MollySocket server, but you can choose a public MollySocket instance for this.¹

Both versions of Molly provide the same security improvements and support reproducible builds, meaning it's possible to confirm that the compiled APKs match the source code.

SimpleX Chat

SimpleX Chat is an instant messenger that doesn't depend on any unique identifiers such as phone numbers or usernames. 其分佈式網路使 SimpleX Chat 成為對抗 審查 的有效工具。

首頁

下載

• Google Play
• App Store
• GitHub
• Windows
• macOS
• Linux

SimpleX Chat provides direct messaging, group chats, and E2EE calls secured with the SimpleX Messaging Protocol, which uses double ratchet encryption with quantum resistance. Additionally, SimpleX Chat provides metadata protection by using unidirectional "simplex queues" to deliver messages.

To participate in conversations on SimpleX Chat, you must scan a QR code or click an invite link. This allows you to verify a contact out-of-band, which protects against man-in-the-middle attacks by network providers. Your data can be exported and imported onto another device, as there are no central servers where this is backed up.

You can find a full list of the privacy and security features implemented in SimpleX Chat in the app's repository.

SimpleX Chat was independently audited in July 2024 and in October 2022.

Briar

Briar is an encrypted instant messenger that connects to other clients using the Tor network, making it an effective tool at circumventing Censorship. Briar 還可以使用鄰近 Wi-Fi 或藍牙連接。 當無法使用網際網路時， Briar 的本地網格（mesh）模式可能很有用。

Homepage

下載

• Google Play
• Windows
• Linux
• Flathub

To add a contact on Briar, you must both add each other first. You can either exchange briar:// links or scan a contact’s QR code if they are nearby.

Briar has a fully published specification. Briar supports forward secrecy² by using the Bramble Handshake and Transport protocol.

The client software was independently audited, and the anonymous routing protocol uses the Tor network which has also been audited.

標準

請注意，我們與推薦的任何項目均無關。除了我們的通用標準外，我們還制定了一套明確的要求，以便我們能夠提供客觀的建議。 我們建議您在選擇使用項目之前先熟悉此列表，並進行自己的研究，以確保它是您的正確選擇。

最低合格要求

• Must have open-source clients.
• Must not require sharing personal identifiers (particularly phone numbers or emails) with contacts.
• Must use E2EE for private messages by default.
• Must support E2EE for all messages.
• Must support forward secrecy²
• 必須由信譽良好的獨立第三方進行公開審核。

最佳情況

最佳情況標準代表我們希望在這個類別的完美項目的應具備的特性。 推薦產品可能沒有此功能，但若有這些功能則會讓排名更為提高。

• Should support future secrecy (post-compromise security)³
• Should have open-source servers.
• Should use a decentralized network, i.e. federated or P2P.
• Should use E2EE for all messages by default.
• Should support Linux, macOS, Windows, Android, and iOS.

[PWAs]： 漸進式網路應用程式 [WKD]： 網頁鑰匙目錄

---

1. You may refer to this step-by-step tutorial in German on how to set up UnifiedPush as the notification provider for Molly: https://kuketz-blog.de/messenger-wechsel-von-signal-zu-molly-unifiedpush-mollysocket-ntfy. ↩

2. Forward secrecy is where keys are rotated very frequently, so that if the current encryption key is compromised, it does not expose past messages as well. ↩↩↩

3. Future secrecy (or post-compromise security) is a feature where an attacker is prevented from decrypting future messages after compromising a private key, unless they compromise more session keys in the future as well. This effectively forces the attacker to intercept all communication between parties since they lose access as soon as a key exchange occurs that is not intercepted. ↩↩

您正在查看 Privacy Guides 的 正體中文 版本，由我們在 Crowdin 上出色的團隊翻譯。如果您發現錯誤，或在此頁面上看到任何未翻譯的部分，請考慮提供幫助！ 訪問 Crowdin

You're viewing the 正體中文 copy of Privacy Guides, translated by our fantastic language team on Crowdin. If you notice an error, or see any untranslated sections on this page, please consider helping out!