Privacy

31837 readers

175 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

212

The Best Encrypted Messengers in 2024 (blog.thenewoil.org)

submitted 3 months ago by [email protected] to c/[email protected]

128 comments fedilink hide all child comments

I am a firm believer that there are many privacy techniques you should focus on before encrypted messaging because they will offer you much more “bang for your buck,” things like good passwords, two-factor authentication, and even encrypted email. That said, I still believe that encrypted messaging is a critical part of a well-rounded privacy and security strategy. While the vast majority of our day-to-day conversations may be benign, it can still offer a lot of insight into who we are as people – our routines, likes, and personal thoughts. This information – mundane or not – is worth protecting.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 25 points 3 months ago (4 children)

XMPP, for example, does not enable end-to-end encryption by default

Why always these false myths? The most popular XMPP mobile clients do enable it by default.

[–] [email protected] 11 points 3 months ago (1 children)

It was a conscious decision for them not to enforce E2EE by default. https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/

XMPP clients have like 10 different implementations because of that and are not always consistent with each other or even function universally across platforms.

But I'm not an author. That would be @[email protected].

[–] [email protected] -5 points 3 months ago (1 children)

The article you linked is a highly misleading nothing burger. And enforcing e2ee at protocol level is a bad idea for many reasons.

[–] [email protected] 6 points 3 months ago (2 children)

That's what encrypted messagers are...

[–] [email protected] 4 points 3 months ago

Messengers are not protocols. They use protocols. Most XMPP clients use the same encryption scheme Signal does only without being dependent on a single specific server, allowing users to spread out. I recommend reading about the differences between targeting developing a platform and developing protocols. Once you do, you'll see XMPP+Encryption in a better light than anything like Signal. The main problem in the current moment with XMPP+Encryption us that it isn't where the people are. Us tech weirdos can start the push into that space a little bit, but we need "Normies" to adopt to, and for that we need to be clear on what were talking about. Comparing XMPP to signal doesn't make sense. Comparing Cheogram to Signal does. And in the latter, cheogram frankly blows Signal out of the water for real privacy and security considerations

[–] [email protected] 1 points 3 months ago

🙄 you have obviously no idea what you are talking about.

[–] [email protected] 9 points 3 months ago* (last edited 3 months ago)

Right? It is a generic protocol for all sorts of communications, some of which don’t require encryption. Yet every modern chat client for human-to-human communication has OMEMO, OTR, & PGP encryption options.

[–] [email protected] 3 points 3 months ago

I immediately had my suspicions this article might contain some bullshit when I saw it was published by the new oil...

[+] [email protected] -11 points 3 months ago (2 children)

Why are we still pushing XMPP? It isn't the 90s and I don't feel like learning IRC 2.0.

[–] [email protected] 10 points 3 months ago (2 children)

Maybe because it works, is easy to set up, light on resources and still is evolving?

[–] [email protected] 4 points 3 months ago

And fully open-source and relying on standards from the get go.

Gee i guess it ain't cool, that's why...

[–] [email protected] -1 points 3 months ago (1 children)

It isn't easy to setup and the core protocol is dated. You can add all sorts of extensions but at the end of the day the core system is old. It feels weird to push it over Matrix. If you want something simple use IRC as you can setup encryption.

[–] [email protected] 5 points 3 months ago

Encryption support in IRC clients is WAY behind XMPP. The one I have seen consistently is OTR in form of an add-on, and even that people rarely install. Although IRC is indeed what I prefer for public groupchats.

Matrix seems to be doing the same thing but consumes more resources. And as for setup - I have done that, it is indeed pretty easy, easier than Matrix.

[–] [email protected] 2 points 3 months ago

XMPP is so bad it was the baseline for Whatsapp. You know: that minor platform that feels like IRC and never took off. A lot of the techno around you are old stuff that evolved, "new" techno usually comes with new unexpected issues. Then they mature, get better and... old?