Yeah, people complain about some Windows games not working, but it easily blows any console out of the water.

Raddle.me and lobst.rs are non-federated alternatives.

Lol, confidently saying stuff you obviously have no idea about and just believing Signal’s “trust me bro” nonsense. Have fun using that honeypot.

(Those “security researchers” you are referring to have no access to the Signal infrastructure and usually only look at the cryptographic algorithms used by Signal, which are indeed good and used by other systems as well these days).

A timing attack is extremely realistic when you control one of the end devices which is a common scenario if a person gets arrested or their device compromised. This way you can then identify who the contacts are and with the phone number you can easily get the real name and movement patterns.

This is like the ideal setup for law inforcement, and it is well documented that honeypot “encrypted” messengers have been set up for similar purposes before. Signal was probably not explicitly set up for that, but the FBI for sure has an internal informant that could run those timing attacts.

There are some mitigations in place, yes, but Sealed Sender on a centralized platform is snake-oil as someone with server access can easily do a timing attack and discover who communicated with whom.

If you are even remotely involved in any activist type of things, you certainly don’t want this US government honeypot have your phone-number and device id.

Apparently this is using face recognition technology from Russia 🤷

Probably not, but you can likely improvise by binding the audio mute to a button in your OS.

You cam try https://jami.net/

But I also think Mumble is the better solution, but of course not p2p.

Also included: XMPP account on the same address, but it would be nice if they would keep their Ejabberd a bit more up to date.

Yes in a local database, not a distributed one.

The main difference is that XMPP (like most other federated systems) is based on passing messages, so if a new server joins a chat, it gets send messages from that point onwards.

In Matrix that is different. When a new server joins a chat it exchanges the entire database for that chat, and for DAG consistency reasons this means all the metadata since the chat was first created, often years ago.

Matrix is not really a chat system, but rather a distributed database that pretends to be a chat system. As a result all servers participating in a room get a full copy of the room metadata all the way back to when the room was created, which is a serious privacy issue.

This is not a general problem of federated systems though, and XMPP for example basically only shares the metadata that other participating servers strictly need to function.

No, it still requires a phone number, but you can hide your phone numbers from other users now.

https://slidge.im/ with an XMPP server.

This is odd because I know a few mainland Chinese people that use XMPP without problems (and afaik without a VPN).

Sounds like your server got blocked for another reason?

Well, instead of leaking metadata to Signal, AWS, Cloudflare, Google/Apple and your ISP, like Signal does, RCS only leaks it to your ISP /s

You can easily redirect xmpp to port 443 which is not blocked by most firewalls. If you have problems with firewalls or public wifis your xmpp server is misconfigured.

The actual military grade (xmpp based) messengers implement security lables, meaning messages are tagged with the required security clearance and if you invite random people to a chat they can’t see the messages.

The server can swap to a modified JS that exfiltrates the e2ee key and thus allows the server owner to decrypt the messages, or in more advanced encryption schemes add additional keys without you knowing and achieve the same thing.

Yes you can juryrig something like that with cookies, but it is highly fragile and browser based e2ee is basically a scam anyways as the server serving the website can always swap out the javascript that decrypts the messages.

e2ee is not really compatible with what you want due to necessary key management, and once you drop that there are so many possible options for what you want that I don’t want to list them all here.

Yes, in theory, but in praxis no because self-hosting the sync server alone still depends on the centralized auth server from Mozilla, and self-hosting that as well is possible but complicated. It’s sadly a mess, and you might be better off not using Firefox sync at all.

As for your other question, depends on the specific addon, but usually no.

The cheapest way would be to buy a domain from OVH and use their free offer of a 5gb single email address that is included with each domain.

You still need to log into their servers and thus provide them a lot of meta-data, like IP addresses, when and approximatly where you are using your browser, on how many devices etc.

I could pretty effectively prevent it from being used for mass surveillance.

And a future you might decide differently.

Hmm yeah, I thought this is about organisation internal discussion. Of course if it is just a mailbox for outsiders to use, you could just configure some forwarders so that multiple people get the emails and can respond from their own account if necessary.

Selfhosting email specifically is quite hard. Not so much technically, but because of how a few large providers have cornered the market and drop most self-hosted emails reaching them with the excuse of fighting spam.

Hosting a forum that requires login credentials (incl. 2fa etc.) is quite easy though. But I guess that wouldn’t work as a way for outsiders to contact you.

I am confused why you would use a single email address instead of a mailinglist.

It is also possible to set up a private forum with mailinglist capabilities.

Generally speaking it is better to find a trust worthy host, or host on your own hardware than trying to repurpose some public service and hope e2ee alone is sufficient.

Igalia is currently working hard on making it easy to use Servo as an embeddable browser engine similar to how Chromium can be used.

The problems of doing that with Gecko, the browser engine that powers Firefox, is main reason why there are so few alternative browsers based on it.

Uh, did your account get hacked?

That’s like literal AfD propaganda you are repeating here.

And while there is some very limited truth to the first (but he has had similar competences on state level for many years), the “opposition newspaper” is like an actual extreme right wing rag and the legal process is still ongoing, the courts just ruled that the minister of interior overstepped her official competence by trying to shut it down in the legal grey area way she tried doing it.

This is not either or. You can store things only until the recipient comes online and then delete it (but Matrix specifically doesn’t do this and conceptually can’t due to its design).

Some comment by the Element CEO on Hackernews, sorry I don’t have a link right now.

But since it would be optional I am not sure why you worry about that. It wouldn’t change the status quo, which is already bad.

Well… there has been some recent museings about something like that from the CEO of Element, but it would effectively cause a two class federation where some servers can not work independently of others (likely in reality mainly servers running on EMS infrastructure, a bit like how in Bluesky you can’t really work fully independent of their infra, and yes Bluesky was explicitly mentioned as inspiration for that idea).

Having those two options fully independent would basically mean reimplenting xmpp in json as an incompatible alternative protocol and that would make little sense IMHO.

While Synapse isn’t great, the problem is that the Matrix protocol is over-designed for a very specific purpose (distributed rooms), that comes with a severe performance penalty but most people don’t actually need this for chat.

Its one of these cases of a neat idea on paper, but ultimately a solution looking for a problem.

That said, Matrix isn’t that bad overall, but there are better options like XMPP.

https://f-droid.org/en/packages/dev.theolm.wwc/

Does something similar.

Basically Matrix is to Xmpp, what Bluesky is to ActivityPub. Which all the various issues both technically and related to VC and crypto-currency funding.

In addition Matrix uses a federation model that is extremely inefficient, making it hard to run your own server once you have a few users that join larger rooms. And as a side effect of this inefficient federation model that replicates the database onto all participating servers, it tends to centralize all the metadata on the servers (run on AWS under UK jurisdiction) hosted by the for-profit company that is behind Matrix.

And last but not least they rugpulled everyone very recently and made the only fully functional server implementation open-core to upsell larger servers to their proprietary hosted offering.

Why would Matrix be the only option? XMPP is significantly better. You can either sign up on a public server or pay a small sum to have your own private server for you and your family for example on https://snikket.org/ or I think https://jmp.chat/ also includes optionally a small server in the subscription.

Easy, become a vtuber with a voice altering software 😎

No bridges are not end 2 end encrypted. The best you can do is host the server and bridge in your own home and thus have the bridge “end” in a secure location.

If your friends and family are not very technical, then Matrix is probably a bad idea as it tends to be quite in your face about all sorts of technical issues especially with the encryption keys and so on. It works ok usually once everything is set up though.

XMPP is IMHO the better option as the mobile apps are easier to understand and the e2ee usually works out of the box and stays out of the way unless you specifically want to mess around with it. For a friends & family server I recommend setting up https://snikket.org/ or rent a server from them cheaply.

There are also good bridges for XMPP, but setting them up requires more understanding of self-hosting.

This, although you should probably mention that the full version is gratis on F-droid.

Hmm, has been a while since I last tried PCSX2, but isn’t there a module for it in Retroarch these days? Usually that works better.