Secure Tool Comparison: Signal v. Wire

TL;DR: Wire doesn’t make you use your phone number as your identifier, which is huge IMO. But Signal has the best security track record and doesn’t store your contacts on its servers, unlike Wire.

Somewhat longer version:

Signal

Pros

  1. Best security track record of any encrypted messaging app, period (yay Moxie Marlinspike)

  2. Doesn’t store your contacts on their servers

  3. Employs perfect forward secrecy (PFS) with asynchronicity – 2 things we have wanted in messaging systems for a long time but never had

    • PGP allows for asynchronous, encrypted communications (usually via email)
    • OTR gave us PFS but only for synchronous mediums, normally instant messaging
    • Thank you Moxie and his design of the Signal protocol, previously called “Axolotl”
  4. Enables encrypted voice calls

  5. Code has been audited

Cons

  1. Uses your phone number as your identifier

    • Can’t receive Signal messages without handing out your phone number
  2. The Linux desktop version is increasingly shitty

    • It works on new Ubuntu installs and not so well elsewhere
  3. Voice calls only support up to 2 people

Wire

Pros

  1. Doesn’t use your phone number as an identifier, and in fact doesn’t even require that you hand over your phone number at all

  2. Also employs PFS + async messaging

    • Protocol directly inspired by Signal
  3. Supports encrypted voice calls between more than 2 people

  4. Code has been audited

Cons

  1. Stores your contacts, in plaintext, on their servers

  2. Security track record is pretty good, I believe, but not as good as Signal’s, which is close to perfect