Threema–Secure Messaging Without Registering a Phone Number or Email Address

I had never heard of Threema before, but it popped up in a list of secure messenger applications that doesn’t require a phone number or email address.

HIGHEST ENCRYPTION STRENGTH

Threema end-to-end encrypts all your communication, including messages, voice calls, group chats, files and even status messages. Only the intended recipient, and nobody else, can read your messages. Threema uses the trusted open source NaCl cryptography library for encryption. The encryption keys are generated and safely stored on user’s’ devices to prevent backdoor access or copies.

. . .

FULL ANONYMITY

Each Threema user receives a random Threema ID for identification. A phone number or email address is not required to use Threema. This unique feature allows you to use Threema completely anonymously – no need to give up private information or to open an account.

It looks like the biggest concern with Threema’s security model is the fact that its source code is closed source.

AnonAddy.Com

AnonAddy.com is an anonymous email forwarding tool.

First, you create a username which is then used to create a subdomain such as “randomuser.johndoe.anonaddy.com”. If you don’t want the username revealed, you can also generate UUID aliases

You can then create aliases on the fly to use as email addresses when signing up at sites or for sending emails. The forwarding email address acts as a catchall so you can have an unlimited number of unique email addresses (I use something like this with another service so I can use a unique email address for every service).

Emails sent to any of those aliases get forwarded on to whatever email address you’ve designated.

The paid versions of AnonAddy.Com also allow users to set up custom domain names and additional usernames.

betrusted.io

betrusted.io is a project aimed at building a secure enclave device that connects to existing networks (such as a WiFi) to provide extremely secure communications channels for users.

betrusted aims to create a hardware system that features a secure enclave tied directly to hardware input and output mechanisms that eliminate, as much as possible, the possibility of a MITM between the user and the secrets within the enclave. Signal’s double-ratchet protocol complicates the lives of network-snooping interlopers, but is still vulnerable to keyboard loggers and screen scrapers. betrusted should provide a simple solution for individuals in high-risk situations to not only secure their private keys, but also to secure the flow of information between the users and their private keys.

. . .

Betrusted is not a phone: it is a secure enclave with auditable input and output surfaces. Betrusted relies on sharing your existing connectivity – such as your phone or cable modem – to access the Internet. Say you’re on the road and you want to securely message a friend. You would tether betrusted to your phone’s wifi, so that the phone is just an untrusted relay for encrypted messages coming too and from betrusted. The only place the decrypted messages will ever appear is on the trusted screen of a betrusted device.