EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.
As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
I have previously read that omemo 2 implementation is insecure.
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
“I’ll make an edit later about the protocol version thing, but I’m not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That’s it. That’s all I want.”
there is no one flagship app for XMPP that works cross platefrom and has all features implemented.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
heck I can’t even find a windows that support voip. and their will be none.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As for Movim, I hate using web apps. bad user experience in general.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
xmpp (prosody) appears to be much better optimised than matrix (synapse)
matrix and element are much easier to set up
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
xmpp requires tcp ports and ssl certs that should be easy to set up… unless you’re on a cgnat network. Matrix can be set up through a cloudflare tunnel with https no problem, but xmpp requires some networking elbow grease.
the mandatory certificates probably make the xmpp network safer?
Even with the mautrix discord bridge copying the exact layout of discord channels into element, movim seems more familiar to me. I haven’t really had enough time to evaluate movim, but it seems like it’s trying to appeal to discord users, and element is clearly not. Element feels like a well funded enterprise tool that is doing its own thing.
commet (with 2 m’s) chat is a very faithful discord clone for matrix, but it’s very barebones.
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
but it seems like it’s trying to appeal to discord users,
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around
even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
Which I think shows it was done in bad faith.
You can read a longer response I left in regards to that here, if you’re interested.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
I know that part of the issue is the actual protocol, but you might try alternative matrix servers such as tuwunel for potentially better performance.
Thanks for the link, I’m happy to give it a try.
I just recently migrated all of my stuff to dockerized services, so swapping out pieces should be pretty easy
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Despite the challenge getting it set up, I have high hopes for movim! I like the direction they’re going now.
I did end up successfully deploying it in a compose stack (despite this issue), and I’ll probably submit a fix if they don’t get to it before I do.
If anyone is interested, I can share the details about how I got it going.