this post was submitted on 08 May 2024
219 points (78.9% liked)
Privacy
32165 readers
980 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Agreed. But it is worth mentioning that XMPP with OMEMO seems to be the current gold standard - runs almost everywhere, tons of available (free) servers, secure end to end messages, and fully auditable public source code.
I have used xmpp a lot, but I can't really recommend it to friends and family as a secure messenger. There are too many compatibility issues between clients and servers. If your friend is on a client or server that doesn't support the same encryption protocols, then you can't have a secure chat. Basically there is too much user knowledge and effort required at this time, for xmpp to be a good, secure, general use chat. I very much look forward to this changing. I also really like Matrix, but it is still a bit rough around the edges as of my last check.
I use xmpp all the time. Biggest hurdle for certain fam/friends using xmpp has been certain android builds (samsung) and ios interfering with timely notifications. User knowlege is not a problem as I can recommend the apps that are compatible encryption protocols with mine.
That's great, and I'm happy it's working out for you. It's still kind of a bummer that this open protocol ends up fragmented across all those clients and severs. I've met other Linux enthusiasts online, connected with them via xmpp only to find we can't encrypt our chats. Neither of us wants to give up our preferred client for various reasons, so we have a non-working situation.
Hmm, I see. But isn't there an obvious solution to this? One of you just run two different clients side-by-side?
Sure there are workarounds, but every one of them erases a bit of convenience or is at odds with the benefits of federation. Again, I think XMPP is great, but I wish it was better. As it is now, it doesn't fully meet my needs better than Signal does.
Yea, I hear you. I use both.
Well if only those samsung & ios users that never get my messages until I see them and tell them to open their app had phones that didn't interfere with it running in the background / push notifications it would be working out for me even better, but that's not an issue with the protocol or client but with OS's being hostile to xmpp.
Outside of TLS which most any server uses by default, XMPP or not, the server is not responsible for E2EE. Conversations Compliance & Are We OMEMO Yet have existed for a long while & I never see anyone recommending a client not on these lists so while certain features may be fragmented, the communication essentials have been more or less established for years now. XMPP is an extensible format, and some applications that aren’t for chatting with your friends/family, don’t need many of these features which allows the protocol to morph into something stripped down for the task… which is why the base spec is basically barren, & community XEPs are what folks get behind for adding new features for different use cases.
Agreed on all points. It's not the best solution when I can't get both parties into it successfully.
That's why I still use Signal a good bit.
That may be true, but wake me up when they capture 0.5% of the messaging app market :)