On a side note, I was just recommending Telegram as alternative to WhatsApp (but I did mention that we need to enable Private chats for E2E). It is definitely not an ideal UX.
As mentioned in a comment to one of your posts, the GNUnet people have probably gone the furthest in the quest to obfuscate metadata. Unfortunately, to this day no usable messenger application has come out of this, partially because GNUnet has largely been a research project.
As for applications in use today that address the metadata problem, have a look at Signal's Sealed Sender feature: https://signal.org/blog/sealed-sender/
As for recommending Telegram for secure messages, I side with the sibling comments ("Don't").
Since you seem to focus on decentralized protocols, I should add: In practice, while we all like federated and p2p apps for the freedoms & this warm fuzzy feeling they provide us with, by default they tend to have a much greater attack surface when it comes to metadata. This is because, compared to a centralized approach, metadata is openly available to far more parties. As a result, 3-letter agencies often won't even need a warrant to get their hands on the metadata: They can simply run traffic analysis and/or participate in the network themselves.
> I was just recommending Telegram as alternative to WhatsApp
If you care about privacy and security, please don't. Defaults matter, and private chats are effectively unusable for anyone using more than one device or needing group chats. And that's not even considering their strange home-baked cryptography.
I am recommending both. The problem with Signal (which I use along with the other messaging apps) is that it is not as feature rich as the other 2, and Signal is not popular, so ppl download it just to interact with one person (Me), whereas Telegram has a larger user base.
Well you hating on a feature you don't have to use doesn't affect my opinion about the well thought out security design around the rest of the application. I have zero sympathy for the distributed Ponzi scheme that is cryptocurrency, but nothing in Signal has gotten worse with the feature.
I don't care for crypto bullshit, and I was not too happy to hear that Signal joined that party, but it turns out you don't run into this as a Signal user if you are not specifically looking into it.
I don't believe they lost any credibility with this, I think people don't know about it for the most part, or don't care for the majority of the remaining part.
Is Session's also good? They had this cryptobro stuff from the beginning so I never paid attention despite their claims that security is on par with Signal and the like (probably not the SGX and sealed sender bits, but the message contents encryption). Nobody ever talks about it but yesterday they apparently got a million users. Makes me wonder whether to start paying attention.
For metadata you first want to remove the obvious identifiers, phone numbers, names. You'd want to use something like anonymous@jabbim.pl for your IM account.
Next, you'd want to eliminate the IP-addresses from server, so you'd want to connect exclusively through Tor. So you'd set the IM client proxy settings to SOCKS5 localhost:9150 and run Tor client to force your client to connect that way. This is error-prone and stupid but let's roll with it for a second.
Now jabbim.pl won't be able to know who you are, but unless you registered your XMPP account without Tor Browser, you're SoL, they already know your IP.
A better strategy is to use a Tor Onion Service based XMPP server, say 4sci35xrhp2d45gbm3qpta7ogfedonuw2mucmc36jxemucd7fmgzj3ad.onion (not a real one), and you'd register to it via IM client. Now you can't connect to the domain without Tor, so misconfiguring can't really hurt.
So that covers name and IP. We'll assume the content was already end-to-end encrypted so that leaks no data.
Next, we want to hide the social graph, and that requires getting rid of the server. After all, a server requires you to always route your messages through it and the service can see this account talks to this account, then to these ten accounts, and ten minutes later, those ten accounts talk to ten accounts. That sounds like a command structure.
So for that you want to get rid of the server entirely, which means going peer-to-peer. Stuff like Tox isn't Tor-only so you shouldn't use them.
For Tor-only p2p messaging, there's a few options:
https://cwtch.im/ by Sarah Jamie Lewis (great, really usable, beautiful)
https://briarproject.org/ (almost as great, lots of interesting features like forums and blogs inside Tor)
> On a side note, I was just recommending Telegram as alternative to WhatsApp
Don't. Telegram and WhatsApp both leak metadata, but WhatsApp is always end-to-end encrypted. Telegram is practically never end-to-end encrypted. I'd use WhatsApp over Telegram any day. But given that unlike WhatsApp, Signal is open source so you know the encryption works as advertised, it's the best everyday platform. The metadata free ones I listed above are for people in more precarious situations, but I'm sure a whistleblower is mostly safe when contacting journalists over Signal. Dissidents and activists might find Cwtch the best option however.
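An added example, not part of the comment above or of any project it names: a Python check for the two setups that comment contrasts, a clearnet XMPP server behind a manually configured SOCKS5 proxy versus an onion-only server that fails closed. The config keys (`server`, `proxy_type`, `proxy_host`, `proxy_port`) and the severity labels are hypothetical; the checksum rule is the one from Tor's v3 onion service specification, and the test key is constructed.

```python
import base64
import hashlib

VERSION = b"\x03"               # v3 onion services
TOR_SOCKS_PORTS = {9050, 9150}  # tor daemon default, Tor Browser default

def onion_checksum(pubkey: bytes) -> bytes:
    # First 2 bytes of SHA3-256(".onion checksum" | pubkey | version)
    return hashlib.sha3_256(b".onion checksum" + pubkey + VERSION).digest()[:2]

def encode_onion_v3(pubkey: bytes) -> str:
    """Build the hostname for a 32-byte ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("public key must be 32 bytes")
    raw = pubkey + onion_checksum(pubkey) + VERSION
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"

def is_valid_onion_v3(host: str) -> bool:
    """True only for a well-formed v3 onion hostname with a correct checksum."""
    host = host.lower().rstrip(".")
    if not host.endswith(".onion"):
        return False
    label = host[: -len(".onion")].split(".")[-1]  # ignore any subdomain
    if len(label) != 56:
        return False
    try:
        raw = base64.b32decode(label.upper())
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:]
    return version == VERSION and checksum == onion_checksum(pubkey)

def audit_client_config(cfg: dict) -> list:
    """Return (severity, finding) pairs for a hypothetical IM client config."""
    onion = is_valid_onion_v3(cfg.get("server", ""))
    proxied = (
        cfg.get("proxy_type") == "socks5"
        and cfg.get("proxy_host") in ("127.0.0.1", "localhost")
        and cfg.get("proxy_port") in TOR_SOCKS_PORTS
    )
    findings = []
    if not onion:
        findings.append(("warn", "server is a clearnet host, reachable without Tor"))
    if not proxied:
        # An onion name cannot be resolved off Tor, so that case fails closed.
        severity = "info" if onion else "critical"
        findings.append((severity, "no local Tor SOCKS5 proxy configured"))
    return findings
```

A typo in an onion hostname is caught by the checksum before any connection is attempted, which is why the missing-proxy finding is only informational in that case.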
I was recently very curious about this question and asked similar ones here:
https://news.ycombinator.com/item?id=41267877
https://news.ycombinator.com/item?id=41270863
https://barac.at/essays/on-leaving-meta