Use a good messenger like SimpleX. Session has some cons like no perfect forward secrecy, but we give them extra props for being honest about that. Signal is the best mainstream choice by us but Molly is a hardened fork we suggest to users above it. You can get Molly via Accrescent app store which is in the GrapheneOS App Store, so there is a chain of trust between GrapheneOS and Molly. The phone number requirement is a con, but Molly allows running multiple devices on one account so you could even register the number on one device, move to a WiFi-only device and never use the number again.
Perfect Forward Secrecy means that even if an attacker gets the messages and later compromises your device to get the main decryption keys, they can't get the messages which no longer have the session keys on your device. Having messages stored on a server inherently is not a major issue providing it is encrypted, though usually most messengers don't anyway which is favorable. Session not having PFS is a flaw in this front.
The messenger needs an OS that is secure and up to date. The hardware also needs to be secure and receive patches. Desktop OSes like Windows and many Linux distributions are worse overall since they don't forcibly sandbox apps. Any other app can just access the data of your messaging app quite easily on these platforms. Assess if needing to share your messages to other devices like desktops are necessary before you choose to do it.
When using something like a messenger there is always the potential of a sophisticated threat having an exploit for it, the same way people do via Telegram, WhatsApp or others because the app is popular. A secure OS can prevent an exploitation of an app that may work on another OS. GrapheneOS using hardened_malloc, MTE, and other exploit mitigations is a huge help with this because some exploits or exploited apps will crash or not work. We have discovered vulnerabilities in OS components like Bluetooth because of our exploit mitigations crashing when there is bugs on certain Bluetooth devices.
Assure the person you speak to on the other end is also following good security practices. You are only as secure as the least secure person in a group. Don't contact people you don't know that well. Don't click links or open attachments to people you don't know or trust enough. You rely on trusting each person you message to be as honest as you are. If you are very high risk, people may choose to just have a separate device for that purpose too. If you're using something like Telegram or Discord, assume everything you said will be kept and seen by anyone. They are more like public forums than private one-to-one messaging.
High risk GrapheneOS users or those with physical device access as a risk can specifically look at this:
quotingThese details should tell you that if you consider these types of groups (sophisticated adversaries with limitless physical access) as a part of your threat model, then you should:
nevent1q…6ltz
- Use the most recent phone you possibly can
- Upgrade your phone to the newest possible generation as soon as possible after release if you can help it.
- Use the latest version of GrapheneOS ASAP. Do not delay.
- Use a strong, high entropy passphrase to make bruteforcing the device credential impossible if secure element is ever exploited.
- Set GrapheneOS auto reboot time accordingly so encrypted data goes back at rest when the phone reboots, which makes AFU exploitation impossible. The lower the better.
- Enable duress password. Set it to something easy to trigger but not easy to misfire.
- Turn your phone off in a high risk situation, and trigger duress when in a duress situation.
- Disable your radios when not using them (turn off Wi-Fi, use airplane mode, disable NFC, UWB etc.) for attack surface reduction.
- Set an appropriate USB port control or disable the USB port so they aren't able to connect a device to it.
- Use user profiles (application data and user files within profiles are stored encrypted with separate credentials).
- Enable upcoming GrapheneOS security features like second factor authentication unlock when they come out.
- Communicate only over secure messaging. Some apps like Molly (Signal fork) have features to encrypt the app storage with a passphrase, which access to that app's data impossible even when a profile is compromised providing the passphrase is secure enough.
- Become disassociated to data. Learn to only keep files or other data as long as it is necessary. If you have no use for them for a long time, then back it up elsewhere, encrypted. Delete anything you don't have a use for in the present. Your data is not your memories.
- Remember that you are only as secure as the people you trust. If they do not meet your safety or security requirements, don't enable them to do things that could cause trouble.
nevent1q…af3p