I understand that it may be problematic sometimes but this was very smooth. I didn’t even say anything.
A: what’s your number for the whatsapp group Me: I don’t have whatsapp because of facebook. B: ok, we have to use signal then A: ok
And that was it. Life can be very easy sometimes
No, Matrix isn’t the best in terms of privacy. It is a metadata disaster and most other platform are a lot more performant.
Matrix’s E2EE does not, however, encrypt everything. The following information is not encrypted: Message senders, Session/device IDs, Message timestamps, Room members (join/leave/invite events), Message edit events, Message reactions, Read receipts, Nicknames, Profile pictures
Matrix is developed by a for profit entity, a group of venture capitalists and having a spec doesn’t mean everything. The way Matrix is designed is to force into jumping through hoops and kind of draw all attention to Matrix itself instead of the end result.
XMPP is the true and the OG federated and truly open solution that is very extensible. XMPP is tested, reliable, secure and above all a truly open standard and decentralized it just lacks some investment in better mobile clients.
What most fail to see is that XMPP is the only solution that treats messaging and video like email: just provide an address and the servers and clients will cooperate with each other in order to maintain a conversation. Everything else is just an attempt at yet another vendor lock-in.
People need to get this through their heads, XMPP is the only solution for their problems.
People need to get this through their heads, XMPP is the only solution for their problems.
On the contrary, you need to understand that your own needs and priorities do not match everyone else’s, and that XMPP is not a good fit for every use case.
(Your rant was amusing, though. I hadn’t seen one like that in a couple weeks.)
While I agree with your point just tell me what Matrix does better? It’s better at being overly complicated? Or at being more propriety?
XMPP isn’t any better in terms of metadata. OMEMO is an afterthought that slaps on to XMPP. Many metadata are still attached to the message. The threat model only protects the content and doesn’t guard aginst metadata and traffic analysis. Even OMEMO extension is still in experimental status. Not to mention, users still need to signup an account using their email.
Honestly, I think SimpleX is better in everyway. No account required, minimal metadata (at least from the technical whitepaper and other sources I read), fully open source (AGPLv3), an ok mobile and desktop client, and audited. The register friction is almost non existance. You just need to install, set a name, and off you go. The only worry I have with them is they took VC funds.
ADD: XMPP is still better for company internal communication, especially when compliances require conversation archiving.
I think SimpleX is better in everyway.
A few SimpleX shortcomings beyond what you noted, in no particular order:
- No multi-device support.
- Adding contacts requires sharing somewhat large links (as either text or QR code) which can be inconvenient.
- Messages are lost if not retrieved soon after they’re sent. (I think it’s 21 days by default. I’ve had vacations longer than that.)
- No group calls.
- Group messaging is full-mesh, meaning that as a group grows, the network traffic will balloon faster than it would with any other topology. This is generally bad for high-traffic groups, but it might be okay if they stay small or everyone always has great unmetered connectivity.
- The claim to not have user IDs is misleading at best, and outright false in group chats.
- The desktop app uses Java, which will be unappealing to more than a few people. (To be fair, several other messengers use Electron, which is also unappealing to more than a few.)
It does have some neat design ideas. I don’t consider it ready for general use, but I look forward to seeing how it develops.
XMPP is way more open and interoperable than all the solutions available, it works like email any user can can talk to any other and doesn’t depend on a some proprietary / closed service centrally owned by anyone. That’s a good selling point.
XMPP doesn’t really force users to sign up with email address, it just happens that XMPP addresses use the same format, many public servers will give you an address like username@server.example.org that is never mapped to a real email address and only works for XMPP. The decision to actually ask people for their real addresses is up to who owns the server and won’t be directly exposed on the XMPP network.
It is as dead as we want. There’s no reason to reinvent the wheel, probably the only thing that XMPP lacks is a bunch of money into a very good, cross-platform (but native) client like Telegram has that actually works 100% of the time and a bunch of large scale public servers to handle regular users who don’t want to host their own. Also… easy registrations and setup on said client.
For a regular user and most privacy aware people, they just don’t care if the protocol is Matrix, Signal or XMPP - they just want a good end user experience and a solid thing, that’s what XMPP lacks today and it’s all client side.
Bottom line is: XMPP as a protocol is great, lacks someone with vision and money to drive it into mass adoption.
