CoyIM compared to other chat clients

Feb 17, 2022

The CoyIM team is getting ready to release version 0.4 of CoyIM. This is our largest release ever and we are very proud of it. A lot of work has gone into improving and polishing this program. Our hope is that many new people will find out about CoyIM and be interested in trying it out. A natural question that comes up is how CoyIM differs from other chat clients out there. So in this article we want to provide some short and specific differences between CoyIM and some of the most well known alternatives. Of course, there are hundreds of chat clients out there, and we could never cover them all. Most clients also differ from each other in a huge number of ways, and it wouldn’t really be useful for anyone if we tried to write up all of those differences. Instead, we will only cover the differences that matter according to the aspects that we as the CoyIM developers find most important. While reading this, it is useful to remember that CoyIM was not created to be a general purpose messenger that can do anything and everything. We want CoyIM to first and foremost be a secure messenger. So the biggest difference compared to all of the alternatives in this list is one of features and philosophy. All of these clients have more features than CoyIM. And all of them are focused on gaining more users by adding more features. So if you only want the biggest difference, this is it. Otherwise, let’s jump in and look at some specific examples. These come in no particular order.

WhatsApp

On the surface, the most important difference between CoyIM and WhatsApp is that WhatsApp is primarily for mobile phones, while CoyIM only runs on desktops. WhatsApp does have a desktop client that is tied to your mobile phone account. This desktop version is built on browser technologies that make it easy to create an attractive experience, but also bring a large attack surface (a full rendering engine and JavaScript runtime inside the chat application). CoyIM is written without these technologies to reduce that risk. Beyond this, there are a few major differences between CoyIM and WhatsApp that radically affect security. First, WhatsApp is proprietary. This means that we can’t inspect the source code and have no way of knowing what it actually does. We don’t know whether it implements things correctly, whether it has back doors or other security problems, and we don’t know what else it can do. WhatsApp is owned by Meta (the company formerly known as Facebook), and the closed nature of the product makes it hard to feel comfortable trusting the application with anything sensitive.

WhatsApp does use end-to-end encryption for all messages. Or, it says that it does. We don’t actually know, because we can’t see the source. There might be ways in the application to turn off or weaken this encryption that we can’t see. The end-to-end encryption that WhatsApp uses is based on the Signal protocol, which in general is very good. There have been some minor problems relating to deniability, but nothing major. The cryptographic algorithms used in this protocol are actually stronger than those used in the version of OTR that CoyIM uses. WhatsApp also allows users to verify their contacts if they want. All of this is good. Sadly, all of this work is undermined by the fact that the WhatsApp application keeps a full log of your messages on the device and regularly insists that you turn on cloud backups of this log. These backups are stored with Google or Apple, and unless you explicitly enable the optional end-to-end encrypted backup feature (introduced in late 2021), they are not end-to-end encrypted. That means the cloud provider, and anyone who obtains a copy of the backup, can read all your messages, no matter how good the encryption on the wire was.

WhatsApp is a centralized system that relies on phone numbers for accounts. In comparison, CoyIM uses XMPP accounts, where the name can be almost anything. You can create accounts on different servers and still talk between them. And you can have more than one account on the same machine. What this means is that in order to talk to someone with WhatsApp you have to reveal your phone number. It also means that the WhatsApp servers are a single point of failure. In comparison, with CoyIM you can create a completely anonymous account for talking to someone, and you won’t have to reveal any personal information with this account. And since XMPP is federated, even if some servers go down, you will still be able to chat using CoyIM, as long as your own server and the server of your contact are still available. CoyIM and XMPP do not have a single point of failure. Finally, related to anonymity: using Tor on a mobile phone is not very easy, and it’s not clear whether it’s even possible to run WhatsApp over Tor. That means the WhatsApp servers will always know both your IP address and your phone number.

In summary, even though WhatsApp has end-to-end encryption, the other aspects of the chat client mean that WhatsApp does not protect you in any meaningful way, while CoyIM does the opposite.

Signal

Out of all the mobile phone messaging applications, Signal is the one we would recommend if you have to use a mobile phone. Just like WhatsApp, it uses the Signal protocol for end-to-end encryption, but in comparison, it is open source, which means we can be reasonably comfortable that the encryption does what we think it should do. In Signal, there is no way to send messages unprotected, which is great. On the other hand, just as with WhatsApp, Signal requires a phone number for an account, and the infrastructure for Signal is also centralized. This leads to the same problems as with WhatsApp, which CoyIM in comparison does not have.

Signal started out being very focused on the security of the experience, but over time more and more features have been added that sometimes make us uncomfortable. The last big one was support for a crypto-currency inside of the application. While this might be useful in some situations, adding this kind of complexity to the chat application means that using the application gets more and more risky.

When comparing to CoyIM, the most important differences relate to Signal being a mobile application while CoyIM is for desktops. Secondly, Signal uses phone numbers for accounts, while CoyIM supports any kind of XMPP account, and you can use as many accounts as you want inside one application. And finally, Signal is centralized while CoyIM is federated, meaning that Signal has a single point of failure that CoyIM doesn’t have.

Telegram

When it comes to mobile applications to be wary of, Telegram is at the top of the list. It shares many fundamental problems with WhatsApp and Signal, most importantly that it is centralized and that it requires a phone number as an account identifier. And while the mobile application itself is open source, the server side infrastructure is not. And while all these are problems, the biggest issue with Telegram is really that it is not end-to-end encrypted by default. This is quite surprising to many people. For some reason, the idea that Telegram is encrypted is a very common misconception. Telegram does have support for end-to-end encryption with your contacts (so-called "secret chats"), but it’s not turned on. You have to manually turn it on for each person you want to talk with securely, and it is not available for group chats. Worse, Telegram doesn’t use an established protocol for this encryption. Instead, the developers came up with their own protocol, MTProto. And while this protocol doesn’t have any obvious issues, its design is strange, in a way that makes cryptographers quite uncomfortable.

So, while CoyIM is fully open source, only parts of Telegram are open. CoyIM allows you to create any kind of XMPP account and use more than one, while Telegram is restricted to one account based on the phone number. As mentioned above, CoyIM is federated and does not have a single point of failure, while Telegram is completely centralized. Finally, CoyIM uses a well-established protocol for end-to-end encryption, which is turned on for every conversation by default, while Telegram uses a strange homegrown protocol, and only when you explicitly turn it on - otherwise the content is completely unprotected.

Pidgin

Out of all the options in this comparison, Pidgin is probably one of the closest you can get to CoyIM. In fact, as we described in another article, problems with Pidgin were exactly what led to the creation of CoyIM. Pidgin is a desktop program with support for all major platforms. Like CoyIM, Pidgin allows you to use XMPP for your accounts. You can install a plugin to support OTR for end-to-end encryption. You can also configure Pidgin to run over Tor. And finally, Pidgin is open source, just like CoyIM. From these perspectives, it might look like Pidgin and CoyIM are very similar. But there are some important differences. As you can see from the above, all the security measures that CoyIM provides out of the box are things you have to install and configure yourself with Pidgin. This means that by default, users will have very low security, unless they manage this situation themselves.

The other big difference is in the implementation choices. Pidgin is a fairly large C program. It supports a huge amount of functionality, and it has a plugin system. This leads to a large amount of complexity, and also an increased attack surface. This was really the main reason why CoyIM is something that had to be written from scratch, instead of just changing Pidgin a little bit.

In summary, Pidgin has many similarities in what is ultimately possible, but the difference here is that you’ll have to make those choices yourself. And even if you make the correct choices in all possible places, Pidgin is written in a memory-unsafe language (C), where a single parsing bug can become remote code execution, and with a philosophy that leads to a huge attack surface.

Gajim

In many ways, Gajim is similar to both CoyIM and Pidgin. It runs on all the major platforms. It is open source. And it allows you to use XMPP. Several years ago, Gajim had support for end-to-end encryption using OTR, but this support has since been removed. Instead, Gajim supports two other technologies for end-to-end encryption. One of these is OpenPGP, which reuses the protocols for email encryption in a chat environment. And while this can work, it also has some issues, and in practice it is not used by many people. The other alternative is called OMEMO, which is based on the Signal protocol. The encryption in this protocol is stronger, but once again, the protocol has some design issues which to the CoyIM developers seem questionable. For this reason, we chose OTR instead of OMEMO.

Gajim is written in Python, which is a memory safe language, just as Go is (the language CoyIM is written in). That means it is certainly a safer application than Pidgin, since a whole class of memory-corruption issues is simply not possible in the application’s own code (both Gajim and CoyIM still link against native libraries such as GTK, so this guarantee covers the application code rather than everything in the process). On the other hand, Gajim has a similar philosophy to Pidgin in terms of functionality. Gajim supports a very large set of XMPP extensions and many other features. It is a general purpose messenger, not one with a security focus. And you might wonder about the support for several different end-to-end encryption protocols. This is managed using a plugin system, which once again means that the user has to make the choice and configure things before they have a secure setup.

Just as in the comparison with Pidgin, this lack of security by default, and a focus on adding more features, are the two biggest differences in comparison with CoyIM. In addition to that, the choice of encryption systems is also different. Just as with Pidgin, you can configure Gajim to use Tor, but it doesn’t happen by default.

Matrix / Element / Riot

In recent years, Matrix has become one of the most widely used alternatives to XMPP. Several clients exist for different platforms, including mobile applications. And while Matrix is primarily focused on group chat of different kinds, it also supports one-to-one conversations. In general, Matrix is an open protocol. It is decentralized. The implementations are mostly open source, and it’s available for all major platforms. Finally, you can use Tor with the regular clients, just as you can with CoyIM. The big difference is that once again you have to configure it yourself.

Matrix does support end-to-end encryption. The protocol is based on the Signal protocol, and there are some innovative improvements in how you can verify your peers. All good in theory. In practice, our team has never been able to get it working well. Over and over there are synchronization problems and other issues that lead to unreadable messages and full resets of cryptographic keys. We have even seen worse things. This means that for us, the encryption has basically been too problematic to use.

The main desktop client for Matrix is based on web technology, just as some of the earlier options. This brings in a lot of complexity and an increase in attack surface. Finally, Matrix clients tend to add a lot of support for various optional things, in order to provide a better user experience. This also increases the attack surface. And while it would certainly be possible to build a new client for Matrix without these problems, the current ecosystem seems more focused on attracting users than to build from a secure-by-default foundation.

In summary, while in theory the Matrix end-to-end encryption should be as good as or even better than what CoyIM uses, in practice we have seen many issues with the implementations, making it almost useless. The implementation choices once again emphasize features instead of security, and that’s also seen in the choice of implementation technology. Finally, some security options are available, and you can make it more secure, but this is something the user has to manage.

Slack

In general, Slack is quite different from CoyIM. It’s mostly focused on channels containing groups of people. It runs on all the major platforms, both desktop and mobile phone. But fundamentally, it serves a very different need than CoyIM. On top of that, it is not open source. It is centralized. And it does not use end-to-end encryption. For all these reasons, it’s not really possible to make a closer comparison between Slack and CoyIM. Almost every aspect is different between the two.

Facebook Messenger

One of the most common ways that people communicate is through Facebook. Facebook allows you to send messages directly through the Facebook website, but also through the Facebook Messenger mobile application. You can send Facebook messages on the desktop using the website. Facebook and Facebook Messenger are both proprietary and closed. By default, they don’t use any kind of end-to-end encryption either, although an optional feature to use it is available. Facebook is centralized and its servers are a single point of failure. Facebook also has a real-name policy for its accounts: in theory you are not allowed to create anonymous or pseudonymous users. In practice, some people still do this, but it can lead to problems of various kinds, including the closure of the account. For these reasons, you can’t really communicate anonymously using this technology.

In comparison with CoyIM, Facebook and Facebook Messenger are not end-to-end encrypted by default. They are closed, while CoyIM is open. Facebook has a single point of failure, while CoyIM does not. Finally, anonymous or private accounts are not really possible with Facebook, while CoyIM makes them very easy.

Skype

You might remember that Skype was one of the earliest voice-calling applications. It is still one of the best options out there for calling from a computer to a regular phone number. But Skype also allows you to chat, which is why it’s included in this list of comparisons. Like many other options on this list, Skype is closed source. It is also owned and operated by a single company (Microsoft), and for this reason it is a centralized system. One of the benefits of Skype is that it allows you to create user accounts with any kind of name, although Microsoft might ask for more information when creating the account. However, compared to some of the other closed systems, it might still be possible to use Skype with a private account. For a long time Skype did not support end-to-end encryption at all; it was finally added in 2018 ("Private Conversations"), using the Signal protocol. However, just as with many other alternatives, you have to turn it on for each conversation. And since the clients are closed source, it is not possible to verify that it is done correctly and without back doors.

In summary, most of the negatives in comparison with CoyIM are very similar to many of the earlier comparisons. The only thing that makes Skype slightly better is the potential for creating users in a slightly more anonymous way, but even this is not as powerful as CoyIM where new anonymous accounts are just a few clicks away.

Summary

Most alternatives out there are centralized and proprietary. CoyIM is open and federated, meaning that there is no central point of failure. It also means that, if you want, you can verify that CoyIM does exactly what it’s supposed to do. Because XMPP is federated, there are no restrictions on the kinds of accounts you can create: you are free to make a hundred different anonymous users for communicating with all your friends.

In the case of the closest alternatives to CoyIM, the biggest difference is found in the implementation philosophy which leads to a large amount of features, lots of code complexity and a huge attack surface, while at the same time forcing the user to make the decisions on how to improve their security, instead of just defaulting to the most secure behavior.

As CoyIM has existed for 7 years at the time of writing, and the 0.4 release is coming soon, it is still clear that the alternatives out there simply can’t protect you as well as CoyIM. We really wish that this would be different - we would like there to be many applications out there with the same philosophy as us, since that would mean everyone would be better protected. But so far, this doesn’t seem to be the case.