Mastodawn

Kloud Apr 17, 2024

come chat with us online, your options are:

- unencrypted faang client
- other unencrypted faang client
- other other unencrypted faang client
- encrypted faang client that is likely backdoored
- $20 profile microtransactions and constantly changing UX
- client with optional encryption and requires a phone number
- encrypted by default client that also requires a phone number
- 35 year old protocol lacking a lot of QOL features that people still use for some reason
- 25 year old protocol that nobody can agree on which extensions to use
- "unable to decrypt message"

That one Fedi creature

@Jenetrix

Me: "hey, your FOSS project is cool, do you have a group?"
them: "Yes, on Discord... wait, where did you go?"

That one Fedi creature

@Jenetrix the numbers are going 🤯

Jen, Enbymilf Apr 17, 2024

@fuzzylinuxuser

@Jenetrix well, #XMPP just works...

Try @monocles / #MonoclesChat and @gajim / #Gajim.

They just work and do proper #E2EE!

Otherwise consider #IRC for bublic chats and #SelfHosted #Zulip for organization chats...

@kkarhan @Jenetrix @monocles @gajim both of those protocols are in fact in this list :p
also, my experience with XMPP (including Gajim) was incredibly flaky and the inability to reliably keep any history across a pool of changing devices was what ultimately made me quit using it tbh

laalsaas Apr 16, 2024

@darkphoenix @Jenetrix @gajim @monocles @kkarhan Idn't gajim the client that needs a plugin for omemo?

vascorsd Apr 16, 2024

@laalsaas @darkphoenix @Jenetrix @gajim @monocles @kkarhan last releases it's included.

nullenvk Apr 16, 2024

@darkphoenix @Jenetrix @gajim @monocles @kkarhan that must've been a misconfigured server tbh.
I had problems with cross-device history synchronization on tchncs.de and some other instance, but once I switched to an instance ran by a friend, the experience suddenly got 10x better (and ofc, cross-device history synchronization started working even on OMEMO-encrypted MUCs)

XMPP

Open source deployments with love! Find your home at tchncs.de

tchncs.de

@[email protected] @Jenetrix @gajim @monocles @kkarhan I'll have you know I misconfigured that server myself tyvm
but more seriously, it seems like there's no solid way across platforms to get old history to a brand new device joining the pool. And, sorry, but that's a hard non-negotiable requirement for me.

vascorsd Apr 16, 2024

@darkphoenix @Jenetrix @gajim @monocles @kkarhan the experience on xmpp absolutely sucks on any client still. Just create an account on a server, login into a device like the phone and then login on another computer or even a third device as another computer and it all goes insane with broken history, failed to read messages, last read sync, random keys on the account without understanding from which device they are, needing to approve... It's insane. I kinda miss keybase that just worked.

uncomfy Apr 17, 2024

@kkarhan @Jenetrix @monocles @gajim i havent seen someone in my circle using xmpp or maybe i just dont know

Csepp 🌢Apr 18, 2024

@kkarhan @Jenetrix @monocles @gajim I literally had unfixable encryption issues with XMPP, so it "just working" is a bit of a stretch, unless they somehow miraculously fixed multi-device and group encryption in the last 3 years.
Had to fully disable encryption, because nothing was getting through.

@csepp @Jenetrix weird...

Sadly without any data or error reports neither @monocles nor @gajim can actually diagnose or fix the issue...

To me that sounds like someone MITM'ing comms....

@Jenetrix
> 25 year old protocol that nobody can agree on which extensions to use

There were updates made to fix that, and the devs talk to each other.
https://xmpp.org/about/compliance-suites/
👍

Compliance Suites | XMPP - The universal messaging standard

About There is a growing number of XMPP Extension Protocols (XEPs) that provide different building blocks for XMPP-based applications. XMPP software developers are confronted with the challenge of finding the right combination of XEPs for a given …

Deividas Paukštė

@Menel @Jenetrix Me and my bf are self hosting the 25 year old protocol and it’s pretty good so far. Conversations, the Android client just got an update to Material 3, so it actually feels modern too. The only thing I miss from using Fluffychat is all my neofoxes

mxk Apr 16, 2024

@Menel @Jenetrix conversations works well, but is there any client with a comparable feature set/maturity for iOS and OSX by now?
Last time I checked this wasn't the case.

@mxk
There is snikket / siskin trying too.
And it seems @Monal is getting quite good with the features. But I don't know people with iPhones and didn't test any of it myself.
Snikket is developing a Building kit for xmpp apps, to make it easier in the future to develop xmpp clients.

Christoph Egger Apr 17, 2024

@Menel
Monal was quickly getting there while I was still having apple devices (circa 2021) and seems to have taken the remaining milestones since then. Also active project with helpful people around
@mxk @Monal

vyivel Apr 16, 2024

@Jenetrix i'll take the 35 year old protocol

Jen, Enbymilf Apr 16, 2024

@vyivel i miss 35yo protocol sometimes. its a shame the servers i was on were hella toxic. met a lot of close friends on 35yo protocol tho, including my wife.

kuriko (moved!)Apr 16, 2024

@Jenetrix “this is why we use the number stations technique and just post encrypted messages as numbers on public timelines and decrypt with the one time pad that we exchange in person once every month

// 63405 33974 11028 29475 11007 94751 04751 04001 96481 67017 82900 91751 03861
// please do not try to crack that i either keymashed for three seconds (or you don’t have the one time pad for it :3)

vxo Apr 16, 2024

@kuriko @Jenetrix it needs a spooky fading interval signal

kuriko (moved!)Apr 16, 2024

@vxo @Jenetrix this hits me so hard

blobcatnotlikethisgoogly

bravo

vxo Apr 16, 2024

@kuriko @Jenetrix I still remember when I made that it was because I heard it echoing from a weak distant BGM speaker somewhere and thought, yes, this would be a perfect numbers station interval signal just barely peeking out of the airwaves

The Doctor Apr 16, 2024

@kuriko @Jenetrix Paging @ohkrll... please go to the nearest white courtesy phone..

xrvs Apr 16, 2024

@Jenetrix >faang

amazon and netflix have a chat now?

Mia Rose 🖋️ Second Draft [79%]Apr 16, 2024

@Jenetrix I've written telegram support multiple times because my newly bought sim card number was apparently already in use or something

no answer to this day

alina 🌸Apr 16, 2024

@MiaWinter @Jenetrix telegram support is basically non-existent. if they didn't answer you within 24h after your first message – they probably never will.

i sure hope this will improve once they start making a profit and can focus on users instead of staying afloat...

Mia Rose 🖋️ Second Draft [79%]Apr 16, 2024

@teidesu @Jenetrix has any chatapp ever made a profit tho?

alina 🌸Apr 16, 2024

@MiaWinter @Jenetrix well uhh discord does i suppose

Mia Rose 🖋️ Second Draft [79%]Apr 16, 2024

@teidesu @Jenetrix yea but they had to throw in the kitchen sink in order to make any money

@teidesu @MiaWinter @Jenetrix they make money?
i thougth they just raise some venture capital every few years and are loosing money every other time

Mia Rose 🖋️ Second Draft [79%]Apr 16, 2024

@teidesu @Jenetrix personally, I only need it for some groups, I prefer signal

(but I'm also a biased german)

alina 🌸Apr 16, 2024

@MiaWinter @Jenetrix most of my online presence has been in telegram for almost 5 years already, so uhh
signal sucks because literally nobody is on there + there are like 0 features that i use daily in tg

the fact that it's not e2e by default tbh makes sense because it's cloud-first. there isn't really a way to seamlessly sync private keys across clients, and there isn't a way to recover it if you have no devices logged in left.
which are like, a big part why telegram is actually good.

(but im also a biased russian)

Compromise_bi_flag

@MiaWinter @Jenetrix A less-well-understood address depletion scenario. 😔

James M.Apr 17, 2024

@MiaWinter @Jenetrix I would strongly recommend *against* using Telegram if you're concerned about government-level surveillance. They seem to be aligned with Putin, and I'm not just saying that because they're Russian. The founder and owner Pavel Durov recently interviewed US fake journalist and Putin stooge Tucker Carlson, and even before that the security experts I know warned against using Telegram.

Mia Rose 🖋️ Second Draft [79%]Apr 17, 2024

@jamesmarshall @Jenetrix a lot of local groups and gay people use it, that's my only usecase

And I'm not really concerned about russia spying on my yuri tbh

Erethon Apr 16, 2024

@Jenetrix I'll play devils advocate here and point two things. Encryption for public chatrooms doesn't provide any benefits, it's a public room already. Secondly, e2ee solutions if you don't verify identities/keys out of band provide no security either, you might be being mitm-ed and you won't know it unless you verify each other.

So it's important to note what your usecase is.

Jen, Enbymilf Apr 16, 2024

Compromise_bi_flag

@erethon @Jenetrix I wouldn't necessarily characterize all multiuser chat platforms as "public;" there are plenty of use cases where you have a community chat, but you wouldn't want an uninvited third party intercepting the discussion — marginalized people living under oppressive regimes but wanting or needing to find community springs to mind.

(That said, keeping multiuser plaintext comms off the platform operator's system gets into complicated key management problems, as you touch upon.)

Erethon Apr 16, 2024

@jima I agree, not all multi-user rooms are meant to be public, my comment was specifically about public/open-for-everyone-to-join rooms where encryption doesn't provide any benefits.

Besides the key management problems, another common failure I've seen in various circles is people feeling they're in a safe environment because the chat is e2ee, while also having threat actors (i.e. cops) in the room that can read all messages. As the number of people in a room increases, things get harder.

Compromise_bi_flag

@erethon I would still disagree that encryption provides no benefits, even in the context of open-to-the-public chat.

Just because a chat room can be publicly joined doesn't mean you necessarily want anyone who can sniff your packets to know you're in that chat room, thereby enabling them to join and snoop more directly.

Agreed on the false sense of safety point, however! Definitely worth bearing in mind.

Erethon Apr 16, 2024

@jima You're right and I'm guilty of thinking of some things in an absolute way or making some assumptions.

For example, I assume that the packets are encrypted and people sniffing network traffic won't see your messages. In this context encryption was only meant as e2ee and not transport encryption.

I'm also guilty of thinking this mainly in Matrix terms, where [server admins](https://blog.erethon.com/blog/2022/07/13/what-a-malicious-matrix-homeserver-admin-can-do/) have so much power and there's so much metadata in the "clear" that complicates things.

What a malicious matrix homeserver admin can do

Compromise_bi_flag

@erethon OK, fair! On the e2ee & "public" chats front, totally agreed.

@Jenetrix i hate how i can tell which apps you're talking about without anyone naming them
(i use $20 profile microtransactions and client with optional encryption

)

Pebbles Apr 16, 2024

@frost @Jenetrix furry

𝕹𝖞𝖝 妛彁

:labrys-45-sickle:

@Jenetrix irc is the protocol of choice for girlfailures who have lowered their expectations enough to not expect QOL features from anything

𝓢𝔂𝓭𝓷𝓮𝔂 <3

@Jenetrix I'll take federated gay twitter servers

Lilith Ashley Nyx Arson

@Jenetrix what's the 35 year old one

Rift System Apr 16, 2024

@root @Jenetrix irc

Frog Dorothy Haze (Powered by a DFC-72-F chassis)Apr 16, 2024

@Jenetrix
- messenger
- hangouts
- ???
- what'sapp / RCS
- discord
- ???
- signal(?)
- IRC
- Failed to decrypt OMEMO message.
- Unable to decrypt message.

Jen, Enbymilf Apr 16, 2024

@admin yup, just missing skype and telegram lmao

Frog Dorothy Haze (Powered by a DFC-72-F chassis)Apr 16, 2024

@Jenetrix oh right telegram, duh. also skype still exists??

Jen, Enbymilf Apr 16, 2024

@admin unfortunately, also ms teams fits the bill too :P

Kay Ohtie 🔜 FWA Apr 20, 2024

@admin @Jenetrix I think the one after discord is Telegram, just confusing because it doesn't mention crypto scams or also premium in order to set a status (emoji)