Better than Signal?
Javcek Session is pretty decent but has some bugs. I use it occasionally but the biggest issue for any secure messaging platform is if I only have one or two contacts on it and everyone else I talk with can't be bothered to use it, there's little value. I use signal, session and even whatsapp, they have their own strengths and weaknesses but are all far superior to sms.
I like signal, it has a larger user base, a low barrier for entry and despite a lot of concern about having to provide a phone number, is quite secure.
GrapheneLover
Agreed, xmpp is great.
[deleted]
Javcek Yep
- Edited
My family and I have been using Session for a year or so.
All in all, we prefer Signal, for fewer annoying things, but like the onion routing and the no phone number requirement of Session.
However, I will try Session again. It doesn't require any registration and that's what I care about most. It doesn't make it a problem for me to set up an account on Matrix but for my family members it would be an added inconvenience.
[deleted]
Javcek set it up for them, all they have to do is use it. No excuse.
I have set up a matrix server to use with my family. It runs great !
Which Matrix client are you using?
I like the approach Snikket is taking. It's not reinventing the wheel. XMPP, which is very well tested, robust, lightweight and has proven it can be extended for new usages as the world evolves throughout the years. With OMEMO for robust, secure and private E2EE. Built on top of existing popular server (Prosody) and clients (Conversations and Siskin) and contributing back to upstream. All with a consistent branding for easier adoption by non techies. I wish it was more popular so that it coul get more funding, collaborators and a larger ecosystem for easy deployment of servers etc.
I wish all the effort that was spent towards building the bloated, complex and complicated Matrix would have been spent extending XMPP further, building more servers, clients and gateways.
brightjob4495 May i ask, could you mention some benefits of XMPP over matrix? I do not know neither very well, i only heard that they are similar
brightjob4495 Finally some sense, there is imo nothing better than XMPP.
Why XMPP?
Server entity and app entity are 2 different things, reducing any kind of supply-chain attacks since the signing keys of the server are not the signing keys of the application.
XMPP server (prosody) can be hosted as a hidden service on the Tor network, making it impossible for someone to locate the physical server. Perfect for anonymity use-case. In this use-case XMPP becomes onion routed and you cannot leak your IP address.
XMPP doesnt need any identifying information from the client, you simply need to make a username@servername,something and create a password. That's it! No phone number, no email, no nothing!
XMPP is very lightweight and doesnt need a lot of resources to host the server on unlike matrix, a simpel VPS or raspbery pie is enough to host the server on for thousands of users.
XMPP has the ability for END 2 END encrypted chats and file sharing thanks to OMEMO, which is a Signal fork and audited. XMPP supports OMEMO for private chats and also for private group chats!
XMPP has also the option for federation by enabling server2server connections, though for those who want privacy they can disable that of course.
Hathaway_Noa Well i must say you got me interested there, could you please provide me with a link as to how to setup an onion xmpp?
- Edited
Signal recently announced new "quantum resistant" features.
OMEMO, which is a Signal fork
I'm definitely curious - what might it look like for OMEMO to inherit these "quantum resistant" features from upstream?
[deleted]
PMUSR Olvid makes huge questionable claims, which seems like marketing stuff to make you pay 10$ per month.
Also refer to this Reddit comment: https://www.reddit.com/r/privacy/comments/14wovyz/comment/jrjhtbv/
Olvid is in the game since 2019. They have and are close to good cybersecurity French experts. Olvid is used by the RAID (elite tactical unit of the French police).
They are open to bug bounties.
As a startup they have chosen agressive marketing to attract attention and build a sustainable business model, namely with professionals that can pay them. For individuals the app is free, and 4.99€ / month to be able to call people.
A problem raised is that Olvid is using AWS. The Olvid answer is that their security model does not trust the servers.
I think that the biggest problem of Olvid is that it is not internationally mature enough so that people around the world take the time to look into the matter.
They seem focused to conquer the French environment first. They have not survived yet a big exposure at an international scale like Signal so that we challenge well their credibility.
As of now I would not necessarily recommend Olvid compared to the other solutions, just saying that this option exists.
Do I understand correctly that Signal uses XMPP?