I understand that it may be problematic sometimes but this was very smooth. I didn’t even say anything.
A: what’s your number for the whatsapp group Me: I don’t have whatsapp because of facebook. B: ok, we have to use signal then A: ok
And that was it. Life can be very easy sometimes
Let’s say I work in an IT area (but not infosec)
Should have used Matrix
No, Matrix isn’t the best in terms of privacy. It is a metadata disaster and most other platform are a lot more performant.
Matrix is developed by a for profit entity, a group of venture capitalists and having a spec doesn’t mean everything. The way Matrix is designed is to force into jumping through hoops and kind of draw all attention to Matrix itself instead of the end result.
XMPP is the true and the OG federated and truly open solution that is very extensible. XMPP is tested, reliable, secure and above all a truly open standard and decentralized it just lacks some investment in better mobile clients.
What most fail to see is that XMPP is the only solution that treats messaging and video like email: just provide an address and the servers and clients will cooperate with each other in order to maintain a conversation. Everything else is just an attempt at yet another vendor lock-in.
People need to get this through their heads, XMPP is the only solution for their problems.
On the contrary, you need to understand that your own needs and priorities do not match everyone else’s, and that XMPP is not a good fit for every use case.
(Your rant was amusing, though. I hadn’t seen one like that in a couple weeks.)
While I agree with your point just tell me what Matrix does better? It’s better at being overly complicated? Or at being more propriety?
Nobody owes you their time or their patience. If you want help understanding something, I suggest you tone down the fearmongering, manipulative, adversarial comments. If you’re just looking for a fight, kindly go elsewhere.
XMPP isn’t any better in terms of metadata. OMEMO is an afterthought that slaps on to XMPP. Many metadata are still attached to the message. The threat model only protects the content and doesn’t guard aginst metadata and traffic analysis. Even OMEMO extension is still in experimental status. Not to mention, users still need to signup an account using their email.
Honestly, I think SimpleX is better in everyway. No account required, minimal metadata (at least from the technical whitepaper and other sources I read), fully open source (AGPLv3), an ok mobile and desktop client, and audited. The register friction is almost non existance. You just need to install, set a name, and off you go. The only worry I have with them is they took VC funds.
ADD: XMPP is still better for company internal communication, especially when compliances require conversation archiving.
A few SimpleX shortcomings beyond what you noted, in no particular order:
It does have some neat design ideas. I don’t consider it ready for general use, but I look forward to seeing how it develops.
agree with your general sentiment. I’ve actually been using it and its very rough around the edges, in addition to being “slow” feeling overall, and I’m just testing it out between one other person and myself on other devices. it’s not something I can recommend to anyone yet, but definitely keeping my eye on it.
XMPP is way more open and interoperable than all the solutions available, it works like email any user can can talk to any other and doesn’t depend on a some proprietary / closed service centrally owned by anyone. That’s a good selling point.
XMPP doesn’t really force users to sign up with email address, it just happens that XMPP addresses use the same format, many public servers will give you an address like [email protected] that is never mapped to a real email address and only works for XMPP. The decision to actually ask people for their real addresses is up to who owns the server and won’t be directly exposed on the XMPP network.
Omemo sucks
XMPP is great but it’s dead.
It is as dead as we want. There’s no reason to reinvent the wheel, probably the only thing that XMPP lacks is a bunch of money into a very good, cross-platform (but native) client like Telegram has that actually works 100% of the time and a bunch of large scale public servers to handle regular users who don’t want to host their own. Also… easy registrations and setup on said client.
For a regular user and most privacy aware people, they just don’t care if the protocol is Matrix, Signal or XMPP - they just want a good end user experience and a solid thing, that’s what XMPP lacks today and it’s all client side.
Bottom line is: XMPP as a protocol is great, lacks someone with vision and money to drive it into mass adoption.
I’m pretty sure an encrypted chat platform is possible with ActivityPub. In fact, sup is an instant messenger that will be encrypted and federated using the ActivityPub protocol. It’s being made by dansup, the creator of PixelFed.
Why reinvent the wheel, tweak a protocol, implement a ton of software when you can just use the tested, tried and true XMPP?
Does XMPP support voice/video calls?
Yes, Jingle.
https://xmpp.org/about/technology-overview/#jingle
Yes, very well.
Yes…
For a team of 20 people matrix is way overkill imo
XMPP on the other hand…
I once setup a entire matrix server for my school club that comprised of 4 people because one of our members couldn’t use discord lol
deleted by creator
There would be room for expansion. What about an IRC then?
Depends. Since this is seen as an out-of-band coms option for work, there is a good chance you will want encryption for only folks in the room either for accidental company secrets leaked or to shit talk folks outside the room. IRC, the best you get is TLS.
I’m going to join OP’s company next and say I can’t use signal because phone companies. Then they’ll upgrade to Wire or Matrix
Not great