What the title says. I’m trying to discern if using a number acquired and served through JMP for phone and text, versus a mobile carrier, provides a better data security and privacy experience.
On the one hand I wouldn’t be subject to the almost yearly data breaches that a number of the carriers experience, nor their potential snooping. However on the other, I’m not sure if using JMP and Cheogram actually provides any increase in privacy or security on that front?
How not? Cheogram is using xmpp, no? Just using jmp as a 3rd party service to give you a number. Right?
I’m hosting my own xmpp server to have better control over my data, ensuring the in-app texting is secure. Of course over a mobile number of a text recipient, they’re still vulnerable to normal carrier bs and therefore so would my messages be exposed. But I think cutting back shows and potential to block the spam calls
That’s correct, but the XMPP portion of this communication chain is just your device to the JMP service. Any messages sent or received to another phone number are delivered via SMS/MMS. As a result, those messages can be read by unrelated 3rd parties. I assume something similar is possible for voice calls as well (or at the very least the call start/stop times and the other number on the call can be determined).
Essentially this just shifts trust from a mobile phone carrier to JMP. However, I understand that it may be more challenging to hack a VOIP number than perform a SIM swap attack. Another benefit of JMP for privacy is the more challenging tracking of location for a JMP phone number.
I’m not saying that using JMP is bad. I am saying if you need a secure and private way of messaging someone then this is not the best solution.