this post was submitted on 17 Sep 2023
146 points (82.9% liked)

Privacy

32130 readers
1210 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (4 children)
[–] [email protected] 17 points 1 year ago (1 children)

He is dodgy af. Doesn't want any Signal forks (Molly being the only one tolerated) and won't let them connect to the server. That's why the open source version LibreSignal was shut down. He also doesn't want Signal to be on F-Droid, a store which only allows 100% free/open source software.

Take everything coming out of his mouth with a grain of salt.

[–] [email protected] 4 points 1 year ago

Totally agreed the project's actions against the community are shit. From a LibreSignal issue:

I understand that federation and defined protocols that third parties can develop clients for are great and important ideas, but unfortunately they no longer have a place in the modern world.

This sounds like a jaded, cynical individual. It's hilarious, sad, probably even delusional. How do they think the Internet and their operating systems work in this "modern world"? Magic fairy dust? It's difficult, thankless work put in by loads of people around the world despite enormous commercial pressure to do otherwise. Over decades. I respect Signal's work, but it's boneheaded attitudes like moxie's which impede progress, especially for the younger generations.

[–] [email protected] 10 points 1 year ago (2 children)

And an objection by the author of a popular XMPP client: https://gultsch.de/objection.html

[–] [email protected] 1 points 1 year ago (1 children)

That’s a good response I hadn’t read before - thanks. Still so relevant 7 years on.

[–] [email protected] 4 points 1 year ago

And since that time, XMPP has improved significantly (more integrated with other protocols, more efficient client and server implementations, bridges from and to activitypub, more approachable, easier to self-host...), but Signal.looks to have ... stagnated? Well... the crypto payments/web3 shady stuff aside :)

[–] [email protected] -5 points 1 year ago* (last edited 1 year ago) (1 children)

of a popular XMPP client

10k downloads for a hideous outdated app is popular now?

[–] [email protected] 2 points 1 year ago (1 children)

FYI that's an app that's used by the German police and in several other "sensitive" contexts where users won't just pull it from the play store :) ISIS even had their own fork at a point.

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

that website is broken beyond belief, I can't confirm anything

talking about the police site, not the mastodon link

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

It really took me a second to figure out: https://www.bundespolizei.de/Web/DE/Service/Mediathek/Jahresberichte/jahresbericht_2020_file.pdf , click on the PDF link, hop to page 48. But even without that, do you really believe that the developer of the app, who's making a living of it, would commit financial suicide by lying so openly about such a trivial thing? Either way, with or without Conversations, XMPP is used by millions of users daily: https://www.rst.software/blog/22-companies-using-xmpp-and-ejabberd-to-build-instant-messaging-services
https://xmpp.org/uses/instant-messaging/

[–] [email protected] 0 points 1 year ago (1 children)

Huh interesting, I actually had no idea those big apps used XMPP. Would it be easy for them to add e2ee if they wanted to?

[–] [email protected] 2 points 1 year ago

It depends, E2EE is mostly a client thing and most of them implement OMEMO as a standard: https://omemo.top/

OMEMO is XMPP's take on the double ratchet algorithm (very similar to Signal's), MLS is in the works as the hot new cross-protocols standard (but is inferior to OMEMO:2 when it comes to metadata encryption), PGP is often an option for the cases where perfect forward secrecy isn't desired, and OTR is still used in niche cases when you want E2EE across protocols.

In fact, E2EE was a thing in XMPP world since about 10 years… before Signal existed.

[–] [email protected] 5 points 1 year ago

Yeah and that doesn't change the fact that decentralization is better for freedom

[–] [email protected] 2 points 1 year ago (1 children)

"It’s what Slack did with IRC, what Facebook did with email, and what WhatsApp has done with XMPP". Doesn't he also notice a certain thing in common? Y'know, that they turned hostile?

[–] [email protected] 3 points 1 year ago

For sure he notices; the author runs their own email server and founded a direct competitor to WhatsApp. The author is making the point that what each of those have done - build proprietary software around federated protocols - is a financially lucrative business model. I'm sad to agree.

FWIW my opinion is that Signal's actions against these clients is petty and just shit. Thankfully, elsewhere we can see things happening differently: the interaction between Tailscale, Headscale and Wireguard gives me hope. Sourcehut is a cool project too.