• AceKat
    link
    fedilink
    arrow-up
    18
    arrow-down
    1
    ·
    3 years ago

    I constantly see this argument but let’s face it, it’s very unlikely that enough people will ever switch to something like Matrix. I like decentralization and the matrix protocol is brilliant, but it brings many problems:

    • Many people will have to care enough to host their own servers (which now is not remotely as common as it should be) otherwise everyone will just use the biggest severs, weakening the advantages of decentralization
    • It’s way harder to implement new features that people care about
    • People are not used to Element’s UI and there aren’t clients good enough to compete with Telegram, Whatsapp or even Signal
    • The performance wouldn’t be as good exept for the biggest servers, causing centralization again
    • If people don’t use it, it becomes useless, which is the same problem other alternatives have. This means that people must want to change naturally to it, meaning clients, ease of use and performance would have to be at least on par with what they’re using at the moment

    On the other hand, Signal:

    • Is very similar to the way Whatsapp works, which is what most people are used to
    • The Android and iOS clients are getting better with time (the desktop client needs to abandon electron but it’s hard with only few developers and it’s a lot of work)
    • The protocol is robust and audited
    • It doesn’t leak metadata, as Matrix does
    • Even if it’s centralized and Signal runs their servers on AWS, the only useful information third parties could gather are timestamps and the recipient of the message, not even the sender
    • It’s easy to jump on Signal, the network of contacts already exists and you wouldn’t need to ask for usernames or email addresses
    • Don’t foget that the clients and the server are open source, and even if the Signal Foundation decides to stop working on Signal, shutting down the services (VERY unlikely), we could fork the projects and bring them back up

    Centralization can be problematic, but if it’s done correctly the pros may outweigh the cons, and in my opinion this is the case for Signal, but I’d happy to be proved wrong in future

    • Looki
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      The performance wouldn’t be as good exept for the biggest servers, causing centralization again

      In my experience, self hosted matrix is way faster than matrix.org ^^

      • AceKat
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        It depends on what hardware you host it. Most people can’t affort powerful hardware. My experience with self-hosted matrix on a raspi 4 and on an old desktop pc hasn’t been great, and the problems grow with the number of users

    • Lynda
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      I wonder how much longer until governments require corporations to Know Your Customer, especially if they offer crypto.

      • Sr Estegosaurio
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Afaik there was some shady stuff with Signal. Idk if it’s even true, but I think that centralisation just sucks for privacy and just by having common sense this is an issue. I think that signal it’s a pretty good alternative compared to Whatsapp, Instagram Direct, Facebook Messenger or SMS (if someone uses that) . But I think that we need to move to a decentralized alternative.

    • bluebell
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      3 years ago

      Yeah signal is good, but the thing I dislike about it is that its centralized and you don’t actually have the option to run your own server. Maybe one of the forks of session like session is a good alternative. But I feel like Signal is the best alternative to things like Whatsapp and Facebook messenger and it is arguably a lot more user friendly that matrix and XMPP.

      • poVoq
        link
        fedilink
        arrow-up
        5
        arrow-down
        1
        ·
        edit-2
        2 years ago

        deleted by creator

        • nasp
          link
          fedilink
          arrow-up
          5
          ·
          edit-2
          3 years ago

          Conversations is indeed a far better alternative here…

          • It uses a very popular protocol, xmpp
          • works with e2e encryption for text, files, video, audio,
          • it can be self hosted,
          • it’s fully open source, and has a couple of popular forks (like blabber)
          • devs got no funding from intelligence agencies (like matrix has)
          • it’s highly efficient (unlike matrix) and runs on the cheapest of vps servers / raspberry pi
      • Lynda
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        3 years ago

        You can run your own Session server, if you stake it. But Session is about relaying messages, so its not an exclusive server. And because a node is staked, I’m skeptical where Lokinet/Oxen is going (sounds like there’s eventually going to be a business model somewhere in there).

        I think the future needs to go towards something serverless. P2P has its drawbacks (offline messages and battery usage). Server based communication has dependence on someone else’s infrastructure. Blockchain might be a solution, combined with either something like Signal Secret Sender, Whisper, or Tor/Lokinet/I2P/relay. Not sure…but I believe it can be a lot better than what we have.

        Matrix and XMPP is just not streamlined enough for mass adoption like Signal is. If Signal removes the phone number requirement, that will be HUGE. But keep in mind, Signal could easily be blocked.

      • CHEF-KOCH
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        3 years ago

        I think the ability to run your own server could be added in the future, if they want that. The beauty about software is that most stuff can be fixed.

    • CHEF-KOCH
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      3 years ago

      XMPP had the issue that it did not supported Video and file-sharing as we know it today. They created more XEPs to address it but the client mess made it impossible for people to really use it. There was no OTR for group-chats implemented nor originally planned and other things.

      Above mentioned things changed but in the meantime people switched.

      • nasp
        link
        fedilink
        arrow-up
        3
        ·
        3 years ago

        Video, voice , files - all e2e ecrypted now on conversations (xmpp) using OMEO

        Works well

    • Looki
      link
      fedilink
      arrow-up
      7
      ·
      3 years ago

      Funny thing is, every time Matrix is proposed as an alternative for Slack/Discord, people say the opposite, i.e. that Matrix is more a replacement for WA/Signal/TG.

      After using Matrix for a while, IMO it’s closer to a personal messenger, since you have less focus on collections of channels (Servers, Categories) and more on single groups and PMs. True, there is Spaces and Threading in Beta, but that is a pretty recent development in the Matrix world.

      But the lines get blurrier anyways, so I don’t think it’s useful to discern between these two kinds of messaging platforms any more

    • nachtigall@feddit.de
      link
      fedilink
      arrow-up
      5
      ·
      3 years ago

      I share your view that XMPP is superior to Matrix as replacement for WhatsApp (which actually uses XMPP internally but does not participate in federation) in the context of personal/direct 1:1 messaging.

      The reason, though, is more technical. Matrix works like a globally synchronized database - it duplicates the message history to all participants of a chat and is stored on the server which makes it incredibly complex, expensive and error prone. XMPP rather works like a simple relay - the message is only stored until delivery. This makes the server part way more lightweight and adminstration easier as you don’t run out of memory as fast as with matrix. (See more)

      Regarding the clients I don’t like either. Element is too Slack-ish and the more modern clients like FluffyChat are quite buggy. Conversations one the other side looks outdated with a design from like 2015. I would like to see it adopting more recent iterations of material design such as cards or rounded corners.

      After all both protocols unfortunately leak considerable meta data :/

      • nasp
        link
        fedilink
        arrow-up
        4
        ·
        3 years ago

        Very good break-down.

        Besides the meta-data leaking, I would always use xmpp Conversations app over anything else. I don’t find it too outdated UI wise, but I’m no expert in this area. It does feel intuitive - somewhat like watsapp. But the blabber fork does a sligthly better job in UI

      • federico3
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Matrix works like a globally synchronized database

        And, among other issues, this is why it leaks tons of metadata and allow for easy correlation attacks and social graph discovery.

  • ferret
    link
    fedilink
    arrow-up
    12
    arrow-down
    2
    ·
    edit-2
    3 years ago

    I daily drove Matrix for a while and honestly, the UI/UX isn’t so good. Signal is the only platform I can reasonably get people on, and it’s just a better user experience (stickers, nice look, fast messages, link previews, etc.).

    I’m honestly sick of people saying some alternatives are great for everyone when they still have work to do, you can’t even easily make encrypted groupchats on there. So much fragmentation, so little polish - still love the devs but like, be realistic

    • SeerLite
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      you can’t even easily do encrypted groupchats on there

      I’m curious about this. You’re not the first one to say this, but it’s been the complete opposite experience for me. The “Create room” dialog has encryption enabled by default. All group chats I’ve been in (where there aren’t any bridge bots to other services) work perfectly well with encryption enabled.

      I agree the UI/UX sucks though. I’ve been waiting for it to get better for a while but lately I’ve been considering just moving to Telegram.

      • ferret
        link
        fedilink
        arrow-up
        5
        ·
        edit-2
        3 years ago

        Right now I’m using Signal for people I personally know and Matrix for some big communities (it’s fine for that). I wouldn’t recommend Telegram because of privacy concerns, though it definitely does have the advantage of a large userbase. But I think Signal has a comparable UI/UX to Telegram so it’s worth making it work

    • ᗪᗩᗰᑎ
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      3 years ago

      a better user experience (stickers, nice look, fast messages, link previews, etc.). I’m honestly sick of people saying some alternatives a Hard agree. Additional some of his points don’t make sense, like his stance on “what if a better app ever appears” - like, who cares? If there’s a significantly better app, suggest it, if there isn’t, why caution people about something that doesn’t exist?

      He also brings up the point about LibreSignal being shut down by Moxie but doesn’t bring up the fact there are 3rd party clients that exist, which the devs are aware about, but haven’t been shut down/blocked and its been years.

      Anyways, I would disagree with the message as Signal is currently the best private and cross-platform SMS/text replacement available.

    • TaiAurori
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      I imagine when someone says Matrix and “UX/UI isn’t good” they usually mean Element, which is the most popular of the multiple clients available (one example being Fluffychat which I hear is somewhat simpler in UX), but choice of client usually doesn’t fix fundamental problems with the protocol itself, so pick your poison.

      On the bright side, it seems the Element team recently started really picking up on the complaints yearning for a good fix-up of the Element UX, so the original issue itself might change up soon.

  • nasp
    link
    fedilink
    arrow-up
    9
    ·
    3 years ago

    I would like to thank the good people of Lemmy here, who helped me avoid the logistical nightmare of setting up a matrix server, and instead choose xmpp. It’s been so fun and easy to get my family on my xmpp server using Conversations/blabber app. Resource usage is minimal, and it works very easily.

  • the_tech_beast
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    3 years ago

    Great article and it is strange that Moxie doesn’t really like Signal forks using their servers. Isn’t what Moxie doing against the license of the project?

    Signal is great but as written in the article there are problems with it. But the great thing about Signal is that it is really simple to use and there is nothing to really set up.

    Element on the other hand has a kind of complicated UI. I am fine with the UI but I often hear new people complaining about it.

    The matrix protocol is great and I love the decentralised aspect of it.

    If you install the app on another device, sometimes old messages in an encrypted room won’t appear and then you have to request a key from another session, get the device verified, etc. This process is kinda difficult to understand for me.

    • ReK2
      link
      fedilink
      arrow-up
      6
      ·
      3 years ago

      Matrix is awesome, but guys try to not use the one node out of thousands(matrix.org) choose another node of people you trust, also avoid using vector.im other than that… matrix FTW.

    • ChinaNumberOne
      link
      fedilink
      arrow-up
      5
      ·
      3 years ago

      Isn’t what Moxie doing against the license of the project

      no. you can moderate your own signal server however you want, moxie own the signal.org server and doesn’t allowed unofficial clients to use it

      having said that, you could argue that it goes against the idea of the license and foss software in general

  • krolden
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    3 years ago

    yeah right there’s no way to convince the signal users I know to switch platforms yet again. I tried getting some to switch to xmpp which is much simpler than setting up a matrix account and they wouldn’t do it.

    • lionelcr
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      3 years ago

      I chose matrix over signal because of the centralization problem. That being said, I could convert some friends and family to use matrix but a lot of people went to (or already were on it) signal.

      After a few months I decided to install a signal bridge on my matrix server so I guess I’m having kind of best of both worlds, even though it’s not a perfect solution, it is one acomodating both sides.

      EDIT: it really bothered me to use my personal phone number as well so I use an other number I had laying around

      • krolden
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        3 years ago

        Well the phone number requirement is one of the best parts of signal IMO. Makes it much easier to find your contacts that are also using signal. Plus there’s no account to create.

        I just use both and its been fine for me.

    • Bilb!
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      You’re basically competing with “Simply download the app (Signal) and use it.” That’s a tough thing to motivate anyone to do, and I can’t articulate in a convincing way to anyone I know why it’s better. In practical terms as far as they’re concerned, Matrix are XMPP are not any better and my preference that we didn’t use siloed centralized services is purely abstract to them.

  • CHEF-KOCH
    link
    fedilink
    arrow-up
    11
    arrow-down
    5
    ·
    edit-2
    3 years ago
    • Matrix has no SMS support, it is a weak argument but it is one because some people prefer All-in-One Apps instead of installing 1000 apps.
    • You can use Signal with burner Sim, the old argument … but but it uses your phone number is nonsense.
    • You can use Signal forks that work without phone number like e.g. Molly.
    • It is correct that Matrix uses AWS, azure and co. as servers, however the metadata impact those servers can see or use or abuse is not given. This is proven, same like that the code is considerable good enough. From what I know the Matrix clients … none of them nor the protocol got audited.
    • Skipping each time a new player pops up instead of fixing the existent protocols and clients is not for everyone a solution.
    • Most Matrix clients, at least on Desktop suck, it ends up with using alternative clients and then there is the problem of fragmentation and that those clients might even be more insecure or do not implement all feature.

    I use both Matrix and Signal and they both suck in terms of usability and alternatives clients with better GUIs and resource usage.

    Claiming over and over and over Matrix is the solution when it is not and had multiple times already incidents is cringe. There is metadata leakage, there is the group chat encryption problematic and and and, I do not even mention all problems. It will take years to address all of this.

    • pinknoise
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      You can use Signal with burner Sim, the old argument … but but it uses your phone number is nonsense.

      It’s not that easy to get anonymous SIM-cards in many countrys. Also it’s just incredibly inconvenient and insecure. (enables easy impersonation)

      But yes most matrix clients (and servers) suck big time.

      • CHEF-KOCH
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        edit-2
        3 years ago

        You can buy SIMs online via Monera and Bitcoin.

        It is really that easy, I do not post websites because it is a gray-zone but Google it and you find entire phones without SIM tracking and websites connected to it selling only the SIMs. Every scammer use this method.

        How is that insecure if I may ask. There is no attack scenario, SMS is simply not designed to be secure, you know that before you can send something. Impersonation is on all anonymous networks like Session a problem, this is not an exclusive SMS or Signal problem. God knows how many CHEF-KOCH fakes I already encountered on Telegram and Session. I stopped counting.

        Also secure networks like Session do not stop someone from data exfiltration attacks or if you leak information yourself others can use against you. SO those networks and so-called alternatives are by no means any real alternative, Signal is designed for friends, not strangers. My friends have my real-name and my phone number, not sure about your friends…

        • pinknoise
          link
          fedilink
          arrow-up
          2
          ·
          3 years ago

          You can buy SIMs online via Monera and Bitcoin.

          I know, there are also sms-gateways and if you’re in the EU you can use a SIM from another EU country for quite cheap. It’s still inconvenient, may leak your location and is probably illegal.

          Impersonation is on all anonymous networks like Session a problem

          Using a mobile number as ID gives a false sense of authenticity. Signal only shows tiny warnings when someones “security code changes” when it should block further communication and show a warning that cannot be clicked away without knowing the implications.

          Also secure networks like Session do not stop someone from data exfiltration attacks or if you leak information yourself others can use against you.

          It’s impossible to defend against this at the software level.

          Signal is designed for friends, not strangers.

          Is your communication with friends less sensitive than that with strangers?

          • CHEF-KOCH
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            3 years ago
            • Farming data without opt-in is also illegal and no one cares.
            • Using no authentication at all is also false sense of authenticity because you do not know who you are talking too which disqualifies Session. Another problem is you need to trust others servers, joining them without any chance to verify that these servers are not a honeypot or alt-right.
            • I agree there is no network nor software which prevents data exfiltration attacks. But this shows that the main issue is on users end, not the network.
            • My point is that you to 100 Percent already shared sensitive information, so there is no privacy intrusion if you use Signal. Signal is proven to be secure and the metadata stuff on the servers are so minimal that the feds cannot do anything at all with it. I do not see to suggest other IMs who had leaks in the last + there are no audits or evidence that it is really as secure as you think it is.

            Verification, at some point will so or so become a part in the EU, if not via SMS than age check, ID or whatever they come up with. The dream that you can be fully anonymous than this is what this is about ,not privacy, will end so or so, thanks to alt-right people who abuse every anonymous network to share illegal material, to scam others. The privacy argument is for most nothing but an excuse and the Govt is also not stupid and can see that. How is it helpful suggesting software or alternatives that are ore complicated to setup and you never know who you are talking too better, I do not see it, you run into more problems if you trust anonymous strangers, besides you can block on every Android phone at least Contacts and SMS permission without root if you dislike those permissions or features - some networks or alternatives do not even allow that.

            There are problems on both ends, not only centralization and decentralization does not solve all of mentioned problems. No beginner wants to setup his own server to just chat, and no one I know does that, so at the end of the day it anyway ends up trusting a random stranger with your data because you use his server, network with your data.

            I think Signal is good for beginners, like ever software it is not perfect and like every network nothing is fully anonymous. I do not see how Matrix beats simplicity, functionality and usability - right-now - over Signals for beginners. In fact by default depending on what server you are connected too on Matrix you are less secure. There is absolute no verification, so complaining about that Signals verification process is not perfect while Matrix ones is not existing or flawed is weird.

  • 0x90
    link
    fedilink
    arrow-up
    3
    arrow-down
    2
    ·
    edit-2
    3 years ago

    Removed by mod

    • Halce
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      Shame is, Revolt refuses to support any kind of federation…

    • Lynda
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      I hope they eventually become multi-platform, and good support.

  • Lynda
    link
    fedilink
    arrow-up
    2
    arrow-down
    2
    ·
    3 years ago

    Skip Signal, skip Matrix, go independent, go P2P.

      • Lynda
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        3 years ago

        Tox is well implemented, but we need something that can handle messages when a recipient is offline, and something that won’t consume a lot of energy on a mobile device. Regardless of what options we have today, we need to push for the next gen of P2P, not accept less.

          • Lynda
            link
            fedilink
            arrow-up
            1
            ·
            3 years ago

            I didn’t like Briar because it isn’t cross platform. I didn’t like Jami because the configuration is confusing and the UI on Linux is not good. Tox has issues, but I’m over Tor. It is simple…and very fast…even over Tor. Status.im is another to take a look at. They may have solved the offline issues. Like I’ve said, there still a lot of room for a new generation of messengers.

              • Lynda
                link
                fedilink
                arrow-up
                1
                ·
                3 years ago

                Status is something I’m trying to better understand. It solves the P2P problem of offline messages, but I haven’t tried the mobile version to measure battery consumption. I would assume the battery usage is better because Status doesn’t require to be constantly online.

                I think there needs to be a mind set change for these types of apps. The big shift is to refer to these apps/platforms as decentralized/distributed. Decentralization/distributed includes messaging + currency + websites. Status is also built with Ethereum. So if they have the technology already built, it would seem logical a lot of these apps/platforms are going to include similar crypto/blockchain features. And if you don’t like the dapps and wallet, you can disable the features in the app. So far I haven’t seen a downside.

    • federico3
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      Use Briar, the only messaging system that protects your metadata and does not need servers.

  • Lynda
    link
    fedilink
    arrow-up
    4
    arrow-down
    5
    ·
    3 years ago

    I think it would be nice to have a consumer focused document covering:

    • Product risks.
    • Roadmap of where we want to go.
    • Feature implementation matrix of where we want to go.
    • I would also like to know the challenges to what we want (feasibility? pros/cons?)

    In addition: I don’t want to depend on servers.
    I don’t want the risk of self hosting a server. I don’t want a server that can be blocked. I don’t want to trust client/server code. I don’t want people/admins to know who I am talking to. I don’t want people/admins to know where I’m talking from. I don’t want admins to know about groups, the subject, or the members. I don’t want to depend on an organization that can be controlled by government or ideology. I don’t want to depend on anything that can be shutdown.

    Status and Session seem to be the next evolution (though still not perfect).