The COVID-19 crisis has seen a huge growth of interest in video conferencing and group video chat apps as people harness technology to maintain personal relationships with friends, family, and work colleagues.
Unfortunately, the apps most people turn to for this – such as Zoom, Facebook Messenger, Houseparty, Google Hangouts, and the like – are neither particularly secure nor private when it comes to group video calls.
In this article we explore the video conferencing options available for those who value true privacy and security. As usual, our core criteria are that apps:
- Are open source so they can be independently checked for bugs and examined to ensure they are doing what they say they do.
- Use end-to-end encryption and/or are self-hosted so that no third party can access your data.
Please note that the following list is not really intended to be in any particular order. Each of these apps does things its own way, so it's up to you to decide which one best fits your video conferencing needs.
FYI about Signal
Signal supports one-to-one video chat, but not group chat. A ticket for this much-anticipated feature has been raised, but there is currently no word on when it might be implemented.
The best open source video conferencing apps
While there is something to be said for commercial video conferencing apps that might excel in feature sets, integrations, and handling of bandwidth, our open source selection provides the best privacy on the market. And best of all, they are completely free.
Jitsi Meet is a free and open source video conferencing platform. Apps are available for iOS and Android (including from F-Droid), but arguably the biggest pull is that you can video conference in your browser without the need for any sign-up or downloads.
All you need to do is visit the website, start a call, and send your contacts a link to the meeting room. Meeting room names are randomly generated by default to reduce the risk of being “zoombombed,” or you can choose your own meeting name. You can also set a password for additional security.
One-to-one video and audio calls are end-to-end encrypted using DTLS-SRTP. Group calls are also encrypted using DTLS-SRTP, but because group functionality is built on top of WebRTC, decryption is performed on the server the meeting is hosted on (and is therefore not e2ee).
This can be largely mitigated, however, by self-hosting your own server. Setting up a server is very easy and downloads are available for all major mobile and desktop platforms. A true e2ee group chat solution is also in the works, with a demo available for those interested in helping to put it through its paces.
In use, we were impressed by the audio and video quality in calls. We noticed a few frame drops, but the picture was sharp and the audio (HD with Opus) clear. Video up to 1080p resolution (HD) is supported, although this can be reduced if bandwidth is an issue.
Jitsi Meet supports screen sharing (an essential feature for business use), Google Calendar and Office 365 integration (via browser extension), and even seamless Slack integration.
One advantage of not being true e2ee is that Jitsi Meet scales well. There is no limit to the number of people you can invite to a chat and adding multiple people has a minimal effect on performance. It, therefore, shouldn't be too surprising that the popular Matrix / Riot.im messaging platform uses a Jitsi plugin to enable video conferencing in its rooms.
Wire is an open source end-to-end encrypted video conferencing platform aimed at business use. It has recently caused concern, however, thanks to the aggressive way it now markets its premium products (to the point where it is not clear when you visit the website that a free option even exists).
But it does, and despite a great deal of confusion on the matter, free users can group video chat. No matter which plan you choose (Free, Pro, or Premium), group video chats are limited to four participants.
This is undoubtedly due to the fact that in order for Wire to e2ee everything, each datastream must be individually encrypted. This eats up a great deal of bandwidth and therefore limits scalability.
As with its text messages, Wire chats are encrypted using Proteus, an early iteration of what went on to become the Signal protocol. The platform got off to a somewhat rocky start. But the conclusions to a series of independent audits of Wire products are reassuring. Indeed, along with Signal, Wire is the only messenger recommended by Edward Snowden.
To use Wire, you must sign up for an account using an email address that can be verified. Clients are available for most major platforms, with experimental Linux support via DEB and AppImage binaries, or installation via the Debian repo.
You then create a chat room, to which you can invite other Wire members. Once in a chat room you can start a video call with up to four participants, for which we found video and audio quality to be high.
As a business-oriented product, Wire fully supports features such as screen sharing, screen recording, and meeting scheduling.
Jami is a 100% free and open source video chat and group collaboration tool. It is also fully end-to-end encrypted and distributed. That is, it is peer-to-peer, and therefore doesn’t need a centralized server to function.
Jami uses a communications protocol based on Session Initiation Protocol (SIP), and is compatible with other SIP internet phones and clients. Although the core service is truly P2P, Jami uses an OpenDHT server with a blockchain to help identify and find devices over the P2P network.
The OpenDHT server also pushes notifications to mobile users via the Google or Apple Store mechanisms, although this can be turned off. Under limited circumstances, Jami may also fall back onto a TURN server (which can be self-hosted) to traverse firewalls and the like when P2P connections fail.
To use Jami, you must download its apps – available for all major platforms (with DEB and RPM packages available for Linux, or, as Jami is a member of the GNU Project, it can be downloaded through many distros' “app stores”). You need to create an account, which is local only, although it can be transferred to other devices.
To have a group video chat you must first start a video chat with one user and then invite users to join in.
Since Jami uses e2ee for all calls, each call must be individually encrypted using TLS 1.3 with perfect forward secrecy and signed with an RSA key.
It is in the nature of P2P technology that connection quality can be highly variable, but image and sound quality seemed good in our tests. One of us noticed reduced image quality with more than one caller, but this didn’t seem to affect the rest of us.
Those with the hardware to support it (such as Windows users with a newish Nvidia graphics card) should see improved video quality thanks to newly added support for the HEVC codec.
One issue we had was that Jami didn’t recognize this writer’s external webcam on his Ubuntu system, but that is all somewhat par for the course with Linux. One of our team members had to adjust some settings for his camera, but once this was done everything worked well.
We think it fair to say that Jami is a little rough around the edges, but for a truly decentralized, P2P, open source, e2ee system, it all works remarkably well.
Interestingly, Jami's P2P nature makes Jami much more scalable than Wire, since no strain is put on a centralized server. The result is that you can invite an unlimited number of participants to a video group chat. Business users, however, should note that scheduled meetings and screen sharing are not supported.
As we examine in our full Nextcloud Review, Nextcloud is an open source cloud storage solution that features an increasingly comprehensive set of bells and whistles. One of these is Nextcloud Talk, a built-in messenger and video conferencing add-on that is now enabled by default on all Nextcloud platforms, and via standalone Android and iOS apps (with push notifications).
Nextcloud can either be self-hosted on your own hardware or on rented server space, or you can sign up for a pre-configured hosted account from a selection of cloud services (we have a setup guide for both options here).
Free hosted accounts (which take minutes to set up) are more than sufficient for running group chats, although e2ee is usually a premium option for hosted accounts. End-to-end encryption is still at the experimental stage in Nextcloud, but already appears to be quite robust.
All connections (including VoIP and video connections) to the Nextcloud server are secured using HTTPS. Nextcloud Talk uses WebRTC, so the administrator of the Nextcloud server can access chats on that server, which is a point to be aware of if using a non-e2ee hosted solution. If the server is self-hosted and/or end-to-end encrypted, though, this is a moot point.
To start a video conference, the server administrator creates a room, to which they can invite their contacts or guests via a URL that can be opened in any browser (or in the Nextcloud/Nextcloud Talk mobile apps). Rooms can be password-protected.
Video and audio quality was good (although perhaps not excellent) in our tests, and both scheduling and easy screen sharing are supported. The fact that Nextcloud Talk occurs on your very own Nextcloud server also means scalability is good: “A typical private Nextcloud Talk setup should handle dozens of calls with each up to 4-6 participants.”
BigBlueButton is self-hosted open source group collaboration software that allows you to share your webcam with other room participants. Although designed primarily as a platform for online learning, this makes it a great Zoom replacement.
A demo version, hosted on a shared public server, is available, which is more than sufficient for holding casual (insecure) group video meetings.
At the time of writing (during the COVID-19 lockdown) a surge in demand has resulted in a temporary 60-minute limit and screen recordings being disabled on this server, but this does, of course, not affect users who self-host.
Serious users will need to host the software on their own server, which must be running Ubuntu (16.04 LTS at the time of writing, although BigBlueButton will move to 18.04 and further as new versions are released).
Connections to the server can (and should) be configured to use HTTPS encryption. Calls (and other stuff) are not end-to-end encrypted, as such, but since the server is self-hosted, this is not a problem.
Once a server is running, you can create as many chat rooms as you like, each of which can be accessed in the browser via a simple shared URL. We found audio and video quality to be great, and there is no limit to the number of webcams that can be shared.
As an educational platform, BigBlueButton supports an advanced range of features that are also very handy in home or office environments. These include screen sharing, a multi-user whiteboard, breakout rooms for team collaboration, group polling, and more.
Setting up self-hosting BigBlueButton (as opposed to the very easy casual use of its public server) is really a job best left to an IT professional; but from an end-user perspective, BigBlueButton is very easy to use and offers the greatest array of features we've looked at in this article.
What to look for in video conferencing software
As already noted, if privacy and security are key issues in your choice of video conference app, then you should choose an open source solution that uses either robust end-to-end encryption, or is self-hosted.
Please see here for why open source is so important. End-to-end encryption means your conversation is encrypted on your device and can only be decrypted by the intended recipients. Even if the chat is hosted on a third-party server, e2ee means whoever runs the server cannot access your chats.
Of course, if you run the server the chat is hosted on anyway, it doesn’t really matter whether the chat is end-to-end encrypted as long as the connection to the server is encrypted. This is why self-hosting a chat server is an acceptable alternative to true end-to-end encryption.
Video and voice quality are obviously important, but just as important is ease of use. Simply clicking on a shared URL is much easier than installing an app and signing up for the service, for example.
If you are using video conferencing software for business meetings, then most users will find features such as meeting scheduling and screen sharing (which allows you to share PowerPoint presentations and the like) all but essential.
How to stay secure when using video conferencing apps
Unlike closed source apps such as Zoom and Houseparty, which have hit the headlines big time of late for their multiple security lapses and worrying privacy policies, the open source and e2ee/self-hosted solutions discussed in this article are all built from the ground-up with privacy and security in mind.
Some of them offer hosted solutions for quick and easy access. Given the nature of these services, they are almost certainly more dedicated to maintaining your privacy than the likes of Zoom, Houseparty, Facebook, and Google, and are therefore fine for casual use.
But if you are serious about privacy (for example, you discuss sensitive business matters on video calls) then you should self-host rather than trusting any third party with your valuable data.
To prevent “zoombombing,” most of the apps here allow you to set a password for your meetings, which should be securely communicated to intended participants. Do it. Signal messenger is a great option for this.
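The advice above on meeting passwords, together with the earlier point about randomly generated room names in the Jitsi Meet section, can be put into numbers with a short script. This is an added example, not code from any of the apps reviewed; the word lists, the 16-character threshold, and all function names are assumptions made for illustration.

```python
import math
import secrets

# Constructed word list for illustration only (16 entries = 4 bits per word).
WORDS = ["amber", "birch", "cedar", "delta", "ember", "fjord", "grove", "heron",
         "inlet", "juniper", "kelp", "lotus", "maple", "nectar", "onyx", "pine"]

# Constructed examples of words people tend to pick by hand.
GUESSABLE = {"meeting", "standup", "team", "test", "family", "class", "call"}


def new_room_name(n_words=4, suffix_bytes=8):
    """Random name: readable words plus a random hex suffix carrying most of the entropy."""
    words = [secrets.choice(WORDS) for _ in range(n_words)]
    return "-".join(words) + "-" + secrets.token_hex(suffix_bytes)


def name_entropy_bits(n_words=4, suffix_bytes=8):
    """Entropy of new_room_name(): log2(len(WORDS)) per word plus 8 bits per suffix byte."""
    return n_words * math.log2(len(WORDS)) + 8 * suffix_bytes


def new_meeting_password(n_bytes=16):
    """URL-safe random password; share it over a separate e2ee channel."""
    return secrets.token_urlsafe(n_bytes)


def expected_guesses(entropy_bits, live_rooms=1):
    """Average number of uniformly random guesses before one matches any live room."""
    return 2 ** entropy_bits / live_rooms


def audit_chosen_name(name):
    """Return reasons a hand-picked room name is easy to guess (empty list = none found)."""
    problems = []
    lowered = name.lower()
    if len(name) < 16:  # assumed threshold, not taken from any app
        problems.append("shorter than 16 characters")
    hits = sorted(w for w in GUESSABLE if w in lowered)
    if hits:
        problems.append("contains common word(s): " + ", ".join(hits))
    if lowered.isalpha() or lowered.isdigit():
        problems.append("single character class")
    return problems
```

A hand-picked name such as `teammeeting` fails all three checks, while a generated name passes them and has 80 bits of entropy with the default arguments.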