this post was submitted on 03 Feb 2024
426 points (96.9% liked)

Privacy

31991 readers
801 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I've been working really hard to research and rank messaging apps by their privacy. The more green boxes the better.

I plan to turn PrivacySpreadsheet.com into a place for privacy data on everything from cars to video games. It's all open source too on GitHub.

Not trying to advertise, I just put a lot of time into researching all this, and I want to share it since I think others could benefit.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 9 months ago (3 children)

I think that information for XMPP is inaccurate. I use it for private communication. E2E encryption is on by default in Conversations, messages are removed from a server if MAM is off.

[–] [email protected] 10 points 9 months ago (2 children)

Dino, Gajim turn on OMEMO by default & even the TUI Profanity prominently displays [unencrypted] in red at the top by default nudging you to pick OMEMO, OTR, or PGP for end-to-end encryption. The protocol is generic on purpose & meant to be extended with encryption which in the case of private chat applications, is now defacto. Much in the same way, TLS isn’t required since there are application that don’t require it, but defacto, all guides for setting up a XMPP server for chatting applications will suggest TLS where some servers have options like s2s TLS required or it won’t talk to the other server.

Seems weird that there’s a big, red no even when all the defaults point in the direction yes for human-to-human chat. Much in the same way some values are wrong like apps & servers being open source when there very much are proprietary XMPP servers out there like WhatsApp & Zoom. There’s also a reason Tails OS comes with Dino (or Pidgin) & every dark web guide explains how to connect to XMPP thru Tor + OMEMO/OTR, because it can be secure & anonymous enough for criminals & whistleblowers while being lightweight & decentralized.

[–] [email protected] 2 points 9 months ago (1 children)

It's always crickets when the issue of improper poor ranking of XMPP is addressed in these threads..

[–] [email protected] 2 points 9 months ago

Everything has to be new & shiny or it’s bad. XML bad, JSON good. /s