this post was submitted on 10 Mar 2026
6 points (100.0% liked)
Privacy
47048 readers
1104 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It depends on what your threat model is. For example, do you want to mitigate the ability to easily link accounts and other information to you based on a single phone number? If so, then this will help with that assuming you (at least temporarily) use multiple numbers through JMP. On the other hand, if you want your communication to be private then there are better alternatives.
Ultimately, this is similar to using a privacy respecting email provider over gmail. Unless you take some additional precautions, your communications have a similar security/privacy exposure. It can be an improvement (assuming you trust JMP), but it is not the best means of communication in terms of privacy.
Any 3rd party security audit that would help on this specifically?
How not? Cheogram is using xmpp, no? Just using jmp as a 3rd party service to give you a number. Right?
I'm hosting my own xmpp server to have better control over my data, ensuring the in-app texting is secure. Of course over a mobile number of a text recipient, they're still vulnerable to normal carrier bs and therefore so would my messages be exposed. But I think cutting back shows and potential to block the spam calls
That's correct, but the XMPP portion of this communication chain is just your device to the JMP service. Any messages sent or received to another phone number are delivered via SMS/MMS. As a result, those messages can be read by unrelated 3rd parties. I assume something similar is possible for voice calls as well (or at the very least the call start/stop times and the other number on the call can be determined).
Essentially this just shifts trust from a mobile phone carrier to JMP. However, I understand that it may be more challenging to hack a VOIP number than perform a SIM swap attack. Another benefit of JMP for privacy is the more challenging tracking of location for a JMP phone number.
I'm not saying that using JMP is bad. I am saying if you need a secure and private way of messaging someone then this is not the best solution.
I think if anything the appeal to me is to be able to jump ship on a number anytime I feel it's too compromised, with minimal registration requirements-- I.E. personal information. For any communications that are more sensitive, I typically use encrypted mediums.