*Permanently Deleted*
29

You don’t need to talk friends if you don’t have friends.

*internal cries

@Gwynne
creator
5
25d

deleted by creator

blue_penquin
12
3M

You have to trust the instance admin you are joining; the same goes for Lemmy/Mastodon/XMPP. The instance owner can see your IP address, your devices, email etc. They can act on your behalf - so basically they have a fair amount of control over your account. But they cannot see any encrypted content. These issues are a bit hard to solve in case of something like Matrix often at performance costs; same goes for the metadata issue.

If you want to self host you can run a de-federated instance for only personal use or you can run it as an onion hidden service - this way the metadata issue is solved. But note that Synapse is pretty resource intensive.

manemjeff
23M

This is not true, knowing that you can verify yourself before talking to others and they can’t just willy-nilly act on your behalf because they’re not coming from the same device.

blue_penquin
2
3M

Verification of own/others’ devices is optional; it won’t prompt to set up if you aren’t using something other than Element or an E2EE capable client. Someone might have an account with cross-signing disabled, or if it is enabled the new device will show up as unverified; then there are chances/edge cases where they can be tricked into verifying that device; this way they’d also have control over encrypted content. Also admins have control over the password+login; they can delete the old one, add a new password and its hash to the database, then log in using those and chat using someone else’s account in a public room. These are the reasons why it is always recommended to host one’s own instance or trust the instance you are joining.

This is an example of MITM in case of XMPP; Matrix would be very similar if the person doing it is the server admin.

poVoq
9
3M

Matrix has the problem that room state (containing a lot of Metadata) gets replicated and stored indefinitely on every homeserver any user connects with or connects to. This is a feature™ for enabling distributed chat rooms, but comes at a serious privacy cost.

As most of the matrix network centers around the UK based official servers, you can be pretty sure your metadata will end up on those servers one way or the other and the privacy protection in the UK is very weak. Furthermore, most Matrix homeservers by default use the centralized identity service also hosted in the UK on the official servers.
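As an added illustration of the comment above (not part of the thread, and not code from any Matrix project): this sketch walks room state events and lists what a participating homeserver holds unencrypted, even in an E2EE room. The event shape follows the Matrix client-server API; the users, servers and timestamps are constructed for the example.

```python
import json
from datetime import datetime, timezone

# Constructed sample, shaped like Matrix room state events
# (type, state_key, origin_server_ts, content). All names are made up.
SAMPLE_STATE = json.loads("""[
 {"type": "m.room.name", "state_key": "", "origin_server_ts": 1600000000000,
  "content": {"name": "Family chat"}},
 {"type": "m.room.encryption", "state_key": "", "origin_server_ts": 1600000000000,
  "content": {"algorithm": "m.megolm.v1.aes-sha2"}},
 {"type": "m.room.member", "state_key": "@alice:hs-a.example",
  "origin_server_ts": 1600000000000,
  "content": {"membership": "join", "displayname": "Alice"}},
 {"type": "m.room.member", "state_key": "@bob:hs-b.example",
  "origin_server_ts": 1600000060000,
  "content": {"membership": "join", "displayname": "Bob"}},
 {"type": "m.room.member", "state_key": "@carol:hs-c.example",
  "origin_server_ts": 1600000120000,
  "content": {"membership": "leave"}}
]""")

def iso(ts_ms):
    """Convert a Matrix millisecond timestamp to an ISO 8601 UTC string."""
    return datetime.fromtimestamp(ts_ms / 1000, tz=timezone.utc).isoformat()

def metadata_exposure(state_events):
    """Summarise the cleartext metadata carried by a room's state events."""
    members, room = {}, {}
    for ev in state_events:
        content = ev.get("content", {})
        if ev["type"] == "m.room.member":
            # state_key is the user ID the membership applies to
            members[ev["state_key"]] = {
                "membership": content.get("membership"),
                "displayname": content.get("displayname"),
                "changed_at": iso(ev["origin_server_ts"]),
            }
        elif ev["type"] in ("m.room.name", "m.room.topic"):
            key = ev["type"].rsplit(".", 1)[1]
            room[key] = content.get(key)
        elif ev["type"] == "m.room.encryption":
            # E2EE covers message bodies; the state events themselves stay readable
            room["e2ee_algorithm"] = content.get("algorithm")
    joined = sorted({uid.split(":", 1)[1] for uid, m in members.items()
                     if m["membership"] == "join"})
    return {"room": room, "members": members, "servers_with_joined_users": joined}

if __name__ == "__main__":
    print(json.dumps(metadata_exposure(SAMPLE_STATE), indent=2))
```

Running the same function over the state of a real room you are in shows which servers already hold its member list and membership history.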

@Gwynne
creator
3
25d

deleted by creator

@disrooter
73M

So why not Jami? (https://jami.net/)

It’s P2P so no servers and it’s a GNU project.

@jazzfes
63M

I tried this a few times, but for me it never worked reliably. Are you using it as a day-to-day kind of thing? Family and friends?

@Gwynne
creator
2
25d

deleted by creator

@Gwynne
creator
1
25d

deleted by creator

poVoq
7
3M

Only if you self-host and the other person is also using an account on your server (or another trusted server).

Edit: also note that Synapse has pretty hefty system requirements and the database quickly grows using many gigabytes of data.

@Gwynne
creator
3
25d

deleted by creator

@scrote
53M

Mirage supports multiple accounts. It’s still in alpha but worth keeping an eye on. Most features work (including E2EE), but a couple are missing (emoji reactions aren’t shown/usable, and if someone edits a message it is instead shown as a new message).
Fractal currently does not support E2EE or multiple accounts, but E2EE is coming in their new branch (Fractal-next) and multiple accounts are on their to-do.

@Gwynne
creator
3
25d

deleted by creator

@dragonX
23M

This²

poVoq
43M

I am not aware of one. But why not XMPP? It is easier to self-host, works nicely over Tor and most clients have multi-account support. It also produces much less metadata and usually does not store it longer than necessary.

@jazzfes
13M

What would be a good way to host your own XMPP server for messaging and video? I tried setting up ejabberd but didn’t get it to work for video… setting up a synapse server on the other hand was easier.

Any other options? Or good ejabberd guides for that matter?

poVoq
23M

You set up both synapse and jitsi-meet? Because Matrix does not natively support video at all and simply uses the XMPP based Jitsi-meet for it. Also did you set up your own identity service for Synapse? Because without both, you didn’t really self-host matrix :p

In general though, getting video to work with STUN/TURN is a bit more involved. But this is a general issue and also happens if you self-host video support with Matrix.

But you might have better luck with https://snikket.org/ which tries to include everything and is based on Prosody.

@Echedenyan
13M

How is XMPP compared with SIP+SIMPLE in that?

poVoq
4
3M

Could you explain a bit better what you mean? SIMPLE might be somewhat comparable purely as a protocol, but for all practical purposes it isn’t comparable to XMPP as there are no good clients and no federated network.

@Echedenyan
1
3M

There is a federated network and a good client. Linphone is an example. Jitsi (not Jitsi Meet) is another.

You can send messages to any SIP account using SIMPLE.

poVoq
13M

Weeeelll, technically. But there is nowhere near the same ecosystem as for XMPP. Also I don’t think there is e2ee for SIMPLE.

@Echedenyan
1
3M

Every business here uses SIP phones (calls only though), mostly with proprietary implementations, but it is something very extended at business and institutions level.

poVoq
13M

Yes I am aware that there are a lot of SIP phones, but are you seriously comparing that to XMPP? That is like saying WhatsApp is the same as snail-mail :p

@Echedenyan
1
3M

Jejejejejeje.

BTW, LIME is specific from Linphone though.

https://wiki.linphone.org/xwiki/wiki/public/view/Lib/Features/LIME/

I make the comparison because they don’t add modifications to the protocol itself. These closed networks use to be compatible with any SIP public infrastructure, in comparison with what people do with XMPP, where even being connected, there could be a lot of incompatible things.

I consider SIP and SIMPLE simplicity a feature in comparison with other protocols.

BTW, SIP can be used P2P as well as SIMPLE. If I remember use to be mostly that with STUN help and a SIP Proxy Server for registering users and notifications.

@Echedenyan
13M

There is, it is called LIME.

@linkpop
13M

XMPP does calls as well: https://blog.wirelessmoves.com/2020/05/xmpp-voice-and-video-calls-with-conversations-a-dream-come-true.html

You could also combine an XMPP server you manage with something like Asterisk to then allow your XMPP clients to do SIP calls through that, though that is a bit involved.

@Echedenyan
13M

The XMPP calls are set in Jingle XEPs. AFAIK, there are big stability issues even with the XEPs for STUN/TURN discovery.

@linkpop
1
3M

Your experience may vary, but on my personal XMPP server with its own STUN/TURN server using conversations.im - calls pretty much Just Work (edit: I’ve only tried a call with a siskin client outside of conversations and that worked too).

@Gwynne
creator
3
25d

deleted by creator

poVoq
23M

For me e2ee on XMPP with OMEMO works fine, never had problems with it. But I guess your best experience will be if both sides use the Conversations client on Android.

is there a good matrix client for multiple accounts?

Take a look at this link: https://matrix.org/clients-matrix/

It has a comparison of clients features at the bottom. Some of them allow multiple accounts. Not all clients support E2EE tho.

fatboy
23M

use xmpp?

Yeah. Why the downvotes.

@khaonuts
banned
23M

comes down to your own personal needs and how you maintain opsec. matrix is a great option for privacy if you host your own server. joining an instance might be less reliable for stringent security needs and concerns about specific attack vectors. the encrypted chat they have is good regardless, and it’s a better option than signal or many other chat/messaging protocols. matrix servers do a lot, it’s a decentralized protocol.

be real about your security needs and outline them. what are attack vectors you are concerned about? what are you trying to keep safe? what threat actors are you concerned about? answering these types of questions will help you outline your needs and choose/use technology which meets those needs

@Gwynne
creator
1
25d

deleted by creator

@2wT
23M

Matrix does not keep metadata completely private.

I don’t get why you are concerned about your IP address, every service you use will be able to see your IP so if you want to hide it use TOR.

@Gwynne
creator
1
25d

deleted by creator

blue_penquin
3
3M

Matrix clients do support connecting to Tor. For example, Quaternion and Mirage have this; Element doesn’t have a UI for it (it is on the roadmap), but you can use it in a browser, or on desktop use the CLI flag --proxy-server, and on Android use Orbot in VPN mode. It also depends on the homeserver whether they allow connecting through Tor or have a policy against that. Multiple accounts too are on the roadmap for Element: in a browser you have to use containers or separate profiles; on desktop use the --profile flag.

@Gwynne
creator
2
25d

deleted by creator

blue_penquin
3
3M

See here. This is the issue tracking the UI for proxy too. The flag comes from Chromium; you can’t use an http+password proxy though, since Chromium doesn’t support that either.

@Gwynne
creator
1
25d

deleted by creator

@2wT
1
3M

deleted by creator

@noobda
banned
-2
3M

removed by mod
