Discover the best reliable alternatives to Dirvox for securing your communications

Many companies are reevaluating their secure communication stack after realizing the limitations of Dirvox. The ability to audit encryption, control metadata, and meet European regulatory requirements is the true foundation for evaluating an alternative. We review the technical angles to check before any migration.

Threat model transparency: a technical selection filter

Since 2025, the German BSI has required explicit documentation of the solution’s limitations in its secure messaging tenders. The vendor must specify what their encryption protects and, importantly, what it does not cover, such as confidentiality on a device that has already been compromised.

This requirement for transparency regarding the threat model becomes a selection filter. A platform that does not publish a documented threat model should not be on a shortlist, regardless of the robustness of its end-to-end encryption.

We recommend systematically requesting this document during any tender process. If the vendor cannot provide it, that is a warning signal comparable to the absence of an independent code audit. In fact, many CIOs discover this criterion, which is still too rarely present in standard tenders, while searching for reliable alternatives to Dirvox.

On-premise deployment and metadata control

The majority of comparisons lean towards multi-tenant SaaS offerings. For a small to medium-sized enterprise without strong regulatory constraints, this is sufficient. For regulated sectors (healthcare, defense, finance), total control over metadata necessitates a self-hosted deployment.

The metadata at stake is not trivial: connection logs, source IP addresses, and the relationship graph of exchanges (who communicates with whom). Even with impeccable end-to-end encryption on the content of messages, a SaaS provider retains this metadata on its infrastructure. The adoption of on-premise deployments has significantly increased since 2024, driven by European regulatory constraints.

Points to verify in a self-hosted offering

  • Ability to deploy on physical infrastructure or a sovereign cloud, without reliance on a component hosted by the vendor
  • Retention policy for logs configurable by the company, including complete deletion of connection logs
  • Absence of “phone home”: the server must not contact the vendor’s servers for license management or telemetry without explicit consent
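
One way to check the "phone home" point during a proof of concept, as an added example that is not taken from any vendor's tooling: log all egress from the self-hosted server and flag every destination outside an approved list. The log lines (iptables LOG-style), the host name, the addresses and the allowlist are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: iptables LOG-style egress records from the messaging host.
SAMPLE_LOG = """\
Jan 12 10:01:02 msg01 kernel: EGRESS IN= OUT=eth0 SRC=10.20.0.5 DST=10.20.0.9 PROTO=TCP SPT=40112 DPT=5432
Jan 12 10:01:07 msg01 kernel: EGRESS IN= OUT=eth0 SRC=10.20.0.5 DST=198.51.100.23 PROTO=TCP SPT=40388 DPT=443
Jan 12 10:02:11 msg01 kernel: EGRESS IN= OUT=eth0 SRC=10.20.0.5 DST=192.0.2.44 PROTO=UDP SPT=51820 DPT=123
Jan 12 10:06:07 msg01 kernel: EGRESS IN= OUT=eth0 SRC=10.20.0.5 DST=198.51.100.23 PROTO=TCP SPT=40391 DPT=443
Jan 12 10:07:30 msg01 kernel: malformed line without fields
"""

# Assumed policy: the internal range plus one destination the company approved
# explicitly (here a time server). Everything else counts as unapproved egress.
ALLOWED = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.0.2.44/32")]

# Only the destination, protocol and destination port matter for this check.
FIELD = re.compile(r"\b(DST|PROTO|DPT)=(\S+)")


def unexpected_egress(log_text, allowed=ALLOWED):
    """Return Counter {(dst, proto, dport): hits} for flows outside the allowlist."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if "DST" not in fields:
            continue  # not a flow record
        try:
            dst = ipaddress.ip_address(fields["DST"])
        except ValueError:
            continue  # unparseable address, skip rather than guess
        if any(dst in net for net in allowed):
            continue
        hits[(str(dst), fields.get("PROTO", "?"), fields.get("DPT", "?"))] += 1
    return hits


if __name__ == "__main__":
    for (dst, proto, dport), n in unexpected_egress(SAMPLE_LOG).most_common():
        print(f"unapproved egress: {dst} {proto}/{dport} x{n}")
```

A recurring destination on port 443 that nobody approved is the pattern to raise with the vendor: ask what the connection carries and whether it can be disabled.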

Wire, Element (based on the Matrix protocol), and Threema Work offer self-hosting options. Each solution has different trade-offs regarding federation, ease of deployment, and operational cost.

Voice encryption and video conferencing: the next area of regulatory friction

Since 2024, several European telecom regulators have signaled increasing pressure on end-to-end encryption applied to voice and video conferencing solutions. Data retention obligations, particularly the ePrivacy framework currently under revision, create direct tension with the very principle of E2EE on audio and video streams.

Most secure messaging services initially solved text encryption. Extending to voice and video presents challenges of latency, real-time key management, and simultaneous compliance with jurisdictions with conflicting requirements.

What this changes for choosing an alternative to Dirvox

If your teams use encrypted video conferencing daily, ensure that the protocol used applies E2EE to the entire media stream, not just to signaling. Some solutions encrypt the control channel but allow the audio/video stream to pass through an intermediate server in the clear, reducing protection to simple transport-layer encryption (TLS).

Partial E2EE on video conferencing is equivalent to a reinforced door with an open window. The vendor’s technical documentation must explicitly distinguish between signaling encryption and media stream encryption.

Code verifiability and independent audits

Access to source code remains a trust marker, but it is not enough. A public GitHub repository without a recent independent audit guarantees nothing. We observe that the most credible vendors combine three elements:

  • Publication of client source code and, ideally, server code
  • Security audit conducted by a recognized third party (Cure53, NCC Group, Trail of Bits) with a public report
  • Active bug bounty program with a clearly defined scope

A vendor that publishes its code but refuses to fund an external audit adopts a cosmetic transparency posture. Conversely, a recent audit on closed code can offer an acceptable operational trust level for certain organizations, provided the report is accessible.

The decisive criterion is not open source versus proprietary, but verifiable auditability. Ask for the date of the last audit, the name of the firm, and access to the report. If any of these three elements is missing, consider the solution unverified.

Migrating from Dirvox (or any solution whose reliability is in question) is not just about choosing a more well-known brand. What distinguishes a truly safe alternative is the documentation of its limitations, control over metadata, encryption coverage across all streams, and proof of audit. Apply these four criteria to each solution on your shortlist before initiating the migration.