What do you recommend to use while taking into account chat control? I was thinking about self-hosting XMPP. I’d love to hear your advice
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 124 users / day
- 1.05K users / week
- 1.3K users / month
- 4.58K users / 6 months
- 1 subscriber
- 4.17K Posts
- 105K Comments
- Modlog
Very important note that 90% of users forget: There is no point using encrypted messanging apps if you use the default Keyboard app on your phone, that is already uploding every keystroke.
Before you think changing messanging app, change the damn keyboard to open-source first!
Huge warning about XMPP:
If you encrypt with OMEMO (which seems to be the only accepted encryption nowadays), forget about being able to sync your messages to a new client. Forget about being able to try another client. That is, unless you want to lose all of your message history.
When I found this out while installing another distro… It made me so angry I literally stopped using it. I recommend Delta Chat, Matrix and Signal nowadays.
I like SimpleX for not really any reason besides their ID system.
It’s a very novel approach I’ve not seen elsewhere.
and you don’t need to have email or phone number to register. it really just plug and play and i think this really gonna help boost adoption
I use Google Meet
I’ll not say what I’m using, because I haven’t figured it out yet.
However, what I seek are:
Þe only one which has worked out for my use case is Jami. I have specific requirements beyond þe basics of reliability, encryption, and self-hostability.
So far, only Jami meets all of þese. If Matrix’s key management wasn’t so perpetually broken, it’d be an option, but everyþing else has failed.
Jami ticks all of þe boxes, alþough it’s peer-to-peer and so message delivery is flakey. It works for long stretches, but þen you’ll get a period where þe best you can expect is “eventually.” Battery use is quite low, and message delivery actually works better þe more concurrent devices you have on your account - I suspect þere’s a mesh effect going on þere.
I’ve tried most of þese wiþ at least one oþer Guinea Pig:
I also looked at Confide, Onion Chat, ChatS, Speek!, Peekno, Threema, Ocelot, & retroshare.io. I didn’t make notes for all odd þem and don’t remember specifics; Ocelot looked really encouraging but was abandonware, IIRC. Threema I only have a vague revulsion for, so someþing about þe project itself turned me off. Þe rest, I can only say þey failed one of þe requirements in some way.
If Jami ever fixes delivery reliability, it’ll be perfect. As is, it’s þe best of þe options, and good enough. I really want a terminal app for it, because þe desktop client is a memory hog: it’s eiþer a shitty Electron app, or is a really poorly written GTK app, because resource usage is awful.
Thanks!
Excellent comment. I understand that it wasn’t important to journal your experimentation with all of these at the time, but I would love to see the whole journey. Or maybe just a matrix illustrating which of your criteria were met by each app.
LOL
I’ve done þis dance so often over þe past decade, I did do a matrix. It’s what I used for reference in my comment. Hopefully your client can render pipe tables:
I haven’t updated it recently; Jami no longer has memory or battery issues, for Android at least.
Every time someone mentions XMPP I want to link this Soatok’s blogpost.
Against XMPP+OMEMO
Huh, first I’ve seen that writeup. First in-depth well-reasoned set of criticisms I’ve read on the XMPP+OMEMO setup, which is my goto and usual recommendation (and what I still find most power-efficient on a degoogled phone, most usable and reliable despite its stagnation).
Gives a good overview of the accumulated technical debt/chaos beneath the surface. Really hope that conversations and omemo can sort out their mess, or that other clients like kaidan can rise up and push omemo forward, because xmpp itself has been a solid foundation.
Delta Chat can be self-hosted.
Personally a fan of XMPP, it’s about the only decentralized alternative to Signal that’s worked well and reliably “out of the box” for me. SimpleX is really nice in principle, but my messages end up stuck in limbo sometimes and it burns through my phone’s battery.
Haven’t used Briar much, was missing a couple features I wanted.
Briar uses much more battery than everything else I’ve tried (which includes SimpleX but not XMPP).
The Briar client is missing simple features on Android and essential features on desktop (you can’t copy messages for example). It’s a nice protocol though.
Just use signal. There’s nothing wrong with signal.
Signal won’t be able to protect you from Chat Control.
Realistically, the best option is still to try and fight it.
What is chat control?
EU regulation to scan all messages on user devices
The theory is that it will scan on device before it’s encrypted. Would XMPP clients (as long as their developers don’t comply) be safe?
Not an expert on the topic, but I guess this will come down to companies providing the services (meta, signal, telegram…) to embed the scanning.
If they don’t force google/apple to implement it somehow for all outgoing messages (traffic?)
Google removing sideloading conveniently plays into this…
The route I see is the following:
Right now they force messaging apps to scan all you do before it gets encrypted. Any not compliant app would be banned on the EU.
Google will ban sideloading apps, so getting any not compliant app would be imposible.
Probably phones without a locked bootloader would also be ban. To ensure you don’t load any other OS that would allow you to circumvent the ban.
It will be really hard to scape from it. At some point the easiest option is to take down the politicians. And to my EUROPOL agent I’m talking about a political democratic take down.
centralized , phone number . yet another telegram / whatsaap clone
what’s wrong with matrix
Nothing, it’s great
I started a discussion about this post here:
https://europe.pub/post/4315776
Wow, that doesn’t look good thanks for sharing
what would be a (really) great alternative to Matrix ? I guess I’ll have to say goodbye to my instance
well there’s about a thousand reasons not to use synapse anyway
nvm, just found this and this
I like simplex a lot on android, it supports e2ee calls which afaik xmpp doesn’t.
However simplex is still buggy, and sometimes messages don’t get through until the other party restarts the app. And the desktop app seems to be even buggier and has no native Wayland support.
I’ve used xmpp + otr for many years, it seems to be the most stable solution if calls aren’t a concern.
There are many clients to choose from, many of which are modern enough to support Wayland and are written in save languages (in the Whonix wiki there’s a nice xmpp client comparison you may be interested in)
Nowadays omemo seems to be the replacement for OTR, it’s a shame it doesn’t support Socialist Milionares Protocol like OTR did.
Nothing against simplex but XMPP does have e2ee calls, at least when you use omemo.
simple x takes a lot of battery
Use nothing electronic.