Zangi: No Phone Number, Closed Box
Zangi is a messenger that gets one thing right — and then asks you to trust it on everything else.
That one thing is real. Zangi replaces the phone number with a Zangi ID. No telco leash. No SIM-card identity handle baked into the protocol. This is a structural win over Signal, which remains chained to the phone-number model despite its otherwise excellent encryption architecture.
But a single structural win does not make a private messenger. It makes a messenger with one good idea and a black box around the rest.
The LINDDUN Score
Zangi scores +1 on the LINDDUN scale. For context: Briar and Cwtch score +21. SimpleX scores +12. Session scores +10. Signal scores +6. Matrix scores +5. Telegram scores -7. WhatsApp scores -17.
Zangi at +1 sits between Matrix and Telegram. Better than the mass-market surveillance machines. Not close to the serious privacy tools.
Here is the breakdown:
| Letter | Threat | Score | Why |
|---|---|---|---|
| L | Linkability | +1 | Zangi ID replaces phone number — no telco tether. But proprietary protocol, centralized servers. You cannot verify what is actually linked across sessions because you cannot inspect the code. |
| I | Identifiability | +1 | No phone number is a genuine win. Pseudonymous Zangi ID. But IP addresses hit their servers. Israeli jurisdiction means government access is structurally baked into the threat model. |
| N | Non-repudiation | +1 | End-to-end encryption by default. Messages are theoretically deniable. Theoretically. |
| D | Detectability | -1 | Centralized servers. No Tor integration. Traffic patterns observable at the network level. An adversary can see you are using Zangi, even if they cannot read the content. |
| D | Data Disclosure | 0 | This is the kill shot. Zangi claims end-to-end encryption via their proprietary Streaming Control Protocol. They claim “no data collection.” They claim “your data lives only on your device.” But: zero independent audits. Zero open source. The protocol is a black box. The encryption could be solid. It could also be broken. We have no way to know. This is not a negative score — it is a null score. Unverifiable claims cannot earn trust. |
| U | Unawareness | 0 | Marketing says “private” and “no data collection.” Users may reasonably assume Signal-level trust. The proprietary, unaudited nature of the protocol is not adequately disclosed. |
| N | Non-compliance | -1 | Israeli company. Israel has robust surveillance laws, mandatory data retention regimes, and Five Eyes-adjacent intelligence sharing agreements. Centralized infrastructure. Business model involves selling the platform to enterprises, which may involve different data handling for corporate customers. |
Total: +1
The Israeli Problem
Zangi is developed by an Israeli company. This is not a minor jurisdictional footnote. It is a structural fact about the threat model.
Israel operates one of the most sophisticated surveillance apparatuses in the world. Unit 8200 — the IDF’s signals intelligence unit — is comparable to the NSA in capability and reach. Israeli law provides the state with broad powers to compel technology companies to cooperate with intelligence gathering. The surveillance ecosystem is tightly integrated with the American Five Eyes network.
This does not mean Zangi is compromised. It means Zangi operates in a jurisdiction where compromise is a standing possibility, backed by legal compulsion, sophisticated technical capability, and institutional proximity to global intelligence infrastructure.
A proprietary, closed-source, unaudited messenger headquartered in Israel is a messenger where the encryption could be excellent and the state access could still be total. The two are not mutually exclusive. The encryption protects against third parties. It does not protect against the company that controls the update server.
This is the fundamental asymmetry of centralized, closed-source messengers: you trust the company not to betray you, and you have no mechanism to verify that trust.
Where Zangi Fits
In the LINDDUN messenger table, Zangi slots in at rank 9:
| Rank | Messenger | Total |
|---|---|---|
| 1 | Briar, Cwtch | +21 |
| 3 | SimpleX | +12 |
| 4 | Session | +10 |
| 5 | Threema | +9 |
| 6 | Wire | +8 |
| 7 | Signal | +6 |
| 8 | Matrix | +5 |
| 9 | Zangi | +1 |
| 10 | Telegram | -7 |
Better than Telegram. Worse than Matrix. The no-phone-number architecture is a bright spot surrounded by unverifiable claims and a jurisdiction that invites state actors into the trust model.
What Would Fix It
Zangi could climb this ranking significantly with three changes:
- Open source the protocol. Publish the SCP specification. Let the cryptography community inspect it. Signal does this. SimpleX does this. Even Matrix does this. Closed-source encryption is security theater until proven otherwise.
- Submit to independent security audits. Hire a reputable firm. Publish the results. This is table stakes for any messenger that claims to be private.
- Address the jurisdiction. Incorporate a privacy-preserving architecture that reduces trust in the company: federation, onion routing, or at minimum a transparency report that discloses government requests.
Until then, Zangi is a messenger with one good idea and a locked room around the rest. The good idea is real. The locked room is not acceptable.
The Doctrine
The Zangi case reinforces the core LINDDUN lesson: end-to-end encryption is not privacy. It is one component of privacy. A messenger can encrypt your messages perfectly while still exposing your identity, your metadata, your usage patterns, and your existence on the network to the company that runs the server and the state that owns the jurisdiction.
A private messenger should minimize trust. Minimize stored data. Minimize identifiers. Minimize metadata. Minimize corporate discretion. Minimize the number of throats an empire can choke.
Zangi minimizes identifiers. That is good. It does not minimize trust. That is not enough.
The correct posture toward Zangi is the same posture toward any closed-source, unaudited messenger with centralized infrastructure in a surveillance-heavy jurisdiction: use it if you must, but do not confuse it with a bunker.