Weird how they are good at digging up the past relationship between the matrix team prior donators with the mosad. but failed to mention not even once that matrix’s biggest advantage is its federated nature.
So imagine you have a selfhosted matrix server and you want to invite a friend over for a chat but this friend already has an account at his other friend’s server. in Matrix he doesn’t have to make an account on every server their interlocutor is in, he just sends his messages, like its done over email, or here on lemmy (fediverse). this is an advantage other software like fluxer of stoat don’t have. and I doubt they will able to add it anytime soon, as the work needed is probably huge and would need years of work to make a proper secure e2e federate messaging solution.
Guy literally told people the criteria he was using, one of which was searching for things like that because that’s the reason for the video in the first place, the Discord exodus due to deep state ties. He admits his knowledge is limited. Weird how hard it is for some people to see things from someone else’s point of view.
Yep, and yet almost anyone who has spent any time on Lemmy knows what I’m referring to (whether they recognize it and do so as a problem is another matter)
I know what you’re referring to, and I agree it’s likely off-putting to many, but not agreeing with the developer’s politics is on an entirely different level compared to suspecting a platform may be developed and compromised by state actors.
I understand the concern, and I find it fishy that the matrix team didn’t try to address that (maybe they did but I just didn’t come across that)
but on the other hand many governments and ministries like the French MOD have deployed matrix locally for their private use. not sure they want to use a software that the mossad can directly tap into
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.
As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
I have previously read that omemo 2 implementation is insecure.
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
“I’ll make an edit later about the protocol version thing, but I’m not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That’s it. That’s all I want.”
there is no one flagship app for XMPP that works cross platefrom and has all features implemented.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
heck I can’t even find a windows that support voip. and their will be none.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As for Movim, I hate using web apps. bad user experience in general.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
xmpp (prosody) appears to be much better optimised than matrix (synapse)
matrix and element are much easier to set up
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
xmpp requires tcp ports and ssl certs that should be easy to set up… unless you’re on a cgnat network. Matrix can be set up through a cloudflare tunnel with https no problem, but xmpp requires some networking elbow grease.
the mandatory certificates probably make the xmpp network safer?
Even with the mautrix discord bridge copying the exact layout of discord channels into element, movim seems more familiar to me. I haven’t really had enough time to evaluate movim, but it seems like it’s trying to appeal to discord users, and element is clearly not. Element feels like a well funded enterprise tool that is doing its own thing.
commet (with 2 m’s) chat is a very faithful discord clone for matrix, but it’s very barebones.
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
but it seems like it’s trying to appeal to discord users,
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Weird how they are good at digging up the past relationship between the matrix team prior donators with the mosad. but failed to mention not even once that matrix’s biggest advantage is its federated nature.
So imagine you have a selfhosted matrix server and you want to invite a friend over for a chat but this friend already has an account at his other friend’s server. in Matrix he doesn’t have to make an account on every server their interlocutor is in, he just sends his messages, like its done over email, or here on lemmy (fediverse). this is an advantage other software like fluxer of stoat don’t have. and I doubt they will able to add it anytime soon, as the work needed is probably huge and would need years of work to make a proper secure e2e federate messaging solution.
Guy literally told people the criteria he was using, one of which was searching for things like that because that’s the reason for the video in the first place, the Discord exodus due to deep state ties. He admits his knowledge is limited. Weird how hard it is for some people to see things from someone else’s point of view.
Uh what the fuck how about any connection to mossad should be a death sentence for a software project
So should some of Lemmy’s, and yet here we are.
Tbf, there were no alternatives at the time when most people moved here. Now there is one with Piefed, I really should move my server.
There is no known state or corporate connection to Lemmy or Piefed, unlike Matrix.
Yep, and yet almost anyone who has spent any time on Lemmy knows what I’m referring to (whether they recognize it and do so as a problem is another matter)
I know what you’re referring to, and I agree it’s likely off-putting to many, but not agreeing with the developer’s politics is on an entirely different level compared to suspecting a platform may be developed and compromised by state actors.
I understand the concern, and I find it fishy that the matrix team didn’t try to address that (maybe they did but I just didn’t come across that)
but on the other hand many governments and ministries like the French MOD have deployed matrix locally for their private use. not sure they want to use a software that the mossad can directly tap into
I wouldn’t put any stock into that as a metric of if it’s safe or not, since France was happy to buy a contract for Pegasus, another Israeli surveillance software adopted widely by EU governments such as France, Germany, and Spain.
EU governments were also happy to adopt Microsoft products despite the security implications, and even way back in the 80’s used Promis, which had a known US/Israeli backdoor in it (there’s a really great documentary about Promis on netflix, surprisingly, though I’d recommend sailing to watch it, yarr).
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around
even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
Which I think shows it was done in bad faith.
You can read a longer response I left in regards to that here, if you’re interested.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
I know that part of the issue is the actual protocol, but you might try alternative matrix servers such as tuwunel for potentially better performance.
Thanks for the link, I’m happy to give it a try.
I just recently migrated all of my stuff to dockerized services, so swapping out pieces should be pretty easy
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Despite the challenge getting it set up, I have high hopes for movim! I like the direction they’re going now.
I did end up successfully deploying it in a compose stack (despite this issue), and I’ll probably submit a fix if they don’t get to it before I do.
If anyone is interested, I can share the details about how I got it going.