You have to trust the servers with your metadata, and that the servers have their inter-server communication locked down, but at least you can choose/operate servers.
Some clients are a bit flaky with their e2e encryption defaults or from a UI perspective it is easy to send an unencrypted message (in a new chat for example) before noticing that was how it was set.
There are a few XEPs the server needs which enable things like OMEMO, efficient mobile data/battery use, offline and multiple device deliverability, file transfers, etc. Audio/video calling has various requirements as I think xmpp only facilitates the setup of the call.
XMPP lacks good clients and suffers from fragmentation of protocol standards implementation
“Protocol fragmentation” is not a valid complaint about XMPP – it’s like complaining that ActivityPub is fragmented; but that’s not a problem: you use the services (Mastodon, Lemmy, Kbin, etc) built with it which suit your needs, mostly interacting with that sector of the federation (eg, Lemmy+Kbin), but get a little interoperability with other sectors as a bonus (eg, Lemmy+Mastodon).
MP Bob Katter would disagree that crocodiles are non-political: https://youtu.be/_ih1EuMLspY
If that’s the main problem then that’s easy to solve! Simply use a free public xmpp server.
I mention the self- and paid-hosting options because businesses tend to like having a sevice agreement backed by a contract, and may have additional specialised requirements not provided by free services (xmpp or otherwise).
It’s a talking-head video presentation on a well-known video publishing website.
Given your browser couldn’t show anything useful from that webpage, @kugmo@sh.itjust.works offered a solution: just feed the URL into mpv, which happens to be excellent at playing audio/video from web pages if you also have yt-dlp installed.
Huh? Why not use K-9 or Fair Email?
They’re both excellent email clients.
Conversations on Android and Siskin on iOS.
One non-techie parent has Siskin running on their iPhone and it hasn’t skipped a beat in years of messaging using omemo-encrypted XMPP. For servers, they’re on tigase.im and I’m on conversations.im.
Here’s a guide on optimum siskin settings; I don’t know if defaults are better now or not.
Conversations.im is free on fdroid but it’s well worth paying something to the developer directly.
Yep. Really need to compare the best-practice XMPP clients (e.g. Conversations, Siskin), not half-developed clients more suited to the XMPP landscape of 20 years ago. – Just as Matrix’s ranking in the table is high because only the state-of-the-art clients are considered – there are plenty of Matrix clients which don’t support e2ee, for example.
This list of mistakes isn’t exhaustive, but extending from poVoq’s mentions, here are some things XMPP(conversations) does actually have positive findings for:
I’m not sure there’s much differentiation between any apps when it comes to “What can the apps hand to police?”; if the police have physical access to your device and app, they have access to everything you do on that device/app.
Something from here, if you want an Android device: https://wiki.lineageos.org/devices/
Here are the github repository, issues and comments immortalised for posterity in IPFS:
The issues and comments are in github json format – if anyone wants to collate them into a human-readable text or html file, please do so.
Edit: Its immortality of course depends on you to access and pin the content.
[…] The researchers discovered that even if individual users turned off data tracking and didn’t share their own information, their mobility patterns could still be predicted with surprising accuracy based on data collected from their acquaintances.
“Worse,” says Ghoshal, “almost as much latent information can be extracted from perfect strangers that the individual tends to co-locate with.”
In many (most?) jurisdictions it is illegal to make a recording of a conversation either which you are not party to, or without consent of all parties involved; sometimes with consideration towards whether there was reasonable expectation that the conversation be private. Even when legal, there are often restrictions on how that recording can be used.
The laws aren’t always written specific to audio/video recording (not that always-recording by google/apple/amazon/etc isn’t a problem already…) – how does such surveillance figure in to existing legislation around the world?
That rules it out for me then. I like to use XMPP+OMEMO with about 4-5 clients which I can continue a conversation with at any time. Main mobile, tablet, desktop, other desktop, and backup mobile which is usually switched off. (Even if a device has been missing for too long and run out of OMEMO keys, the keys sync up again once I send a message with it.)