Jabber on iOS – ChatSecure and ZOM

I value my privacy and have no intention to put apps on my devices whose first act is to scrape my phone book. That’s why I’m a heavy user of  ‘Conversations‘, an open source mobile chat app for Android with end-to-end encryption. Unfortunately, Conversations is only available for Android. There are some iOS Jabber apps available as well but I always found them lacking in one way or the other and could thus not recommend them to iPhone users. Until now!

A few years ago I saw ChatSecure for the first time but it only had an initial and rough implementation of the OMEMO end-to-end encryption protocol and was lacking functionality in several respects. Over the years, it seems to have matured quite a bit, however, and when I recently tested it again, I was very positively surprised!

The Push Problem

The big problem with iOS is that apps have a hard time keeping a TCP connection open in the background as the operating system frequently throws these connections under the bus to extend battery live. Instead, apps have to use a centralized push server to get information while they are in the background or while the phone is locked. So while I was not looking, Jabber XMPP server extensions have become available to deal with this. As I am not an iOS user, however, I don’t want to have them on my private Jabber server.

Jabber Servers With iOS Push and Easy Sign-Up

The solution: When installing ChatSecure on an iOS device, it offers a number of servers that have the push information extension installed. The first one on their list is called ‘ZOM‘ and seems to be somehow related with the ChatSecure project as the service is mentioned in their blog several times. I tried to find out some more details on their relationship but I didn’t really find out too much. Something to be perhaps followed up. In addition to supporting the iOS server push extension, registration is also very simple, no email confirmation required. In other words, getting started is as simple as downloading ChatSecure from the store, selecting a username and then typing in the Jabber IDs of friends. Yes, the last step is the most complicated one that many normal users will have some trouble with, but that’s the price to pay for privacy. As Jabber is a federated system, ZOM users can communicate with all other users on other Jabber servers so global connectivity is assured.

Things I Noticed When Using ChatSecure For A Few Days

I ran ChatSecure on an iPhone for a few days and all messages I sent from Conversations on my Android phone were delivered. Some took a few minutes when the iPhone was in deep sleep but they arrived eventually. Picture messaging also worked very nicely and all messages were OMEMO end-to-end encrypted. Deep sleep seems to be a very deep sleep on iOS as the user was shown as ‘offline’ on other devices. When sending a message to the user on the iOS device, however, the availability indicator always came back.

While delivery notifications work, ChatSecure does not yet have the ‘message read’ indication implemented so the sender only knows the message has been properly received but not if it has already been read. Another small thing that I found lacking is that the resolution and size of images is not reduced before they are being sent.

So while there are a few things that I hope will make it into a future version, the current shortcomings don’t stop me anymore from recommending ChatSecure to my friends with iOS devices. Kudos to the people at ChatSecure, this is fantastic progress!