I am a firm believer that there are many privacy techniques you should focus on before encrypted messaging because they will offer you much more “bang for your buck,” things like good passwords, two-factor authentication, and even encrypted email. That said, I still believe that encrypted messaging is a critical part of a well-rounded privacy and security strategy. While the vast majority of our day-to-day conversations may be benign, it can still offer a lot of insight into who we are as people – our routines, likes, and personal thoughts. This information – mundane or not – is worth protecting.

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    XMPP, for example, does not enable end-to-end encryption by default

    Why always these false myths? The most popular XMPP mobile clients do enable it by default.

      • poVoq@slrpnk.net
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        The article you linked is a highly misleading nothing burger. And enforcing e2ee at protocol level is a bad idea for many reasons.

          • The Cuuuuube@beehaw.org
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            Messengers are not protocols. They use protocols. Most XMPP clients use the same encryption scheme Signal does only without being dependent on a single specific server, allowing users to spread out. I recommend reading about the differences between targeting developing a platform and developing protocols. Once you do, you’ll see XMPP+Encryption in a better light than anything like Signal. The main problem in the current moment with XMPP+Encryption us that it isn’t where the people are. Us tech weirdos can start the push into that space a little bit, but we need “Normies” to adopt to, and for that we need to be clear on what were talking about. Comparing XMPP to signal doesn’t make sense. Comparing Cheogram to Signal does. And in the latter, cheogram frankly blows Signal out of the water for real privacy and security considerations

    • The Cuuuuube@beehaw.org
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I immediately had my suspicions this article might contain some bullshit when I saw it was published by the new oil…

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          It isn’t easy to setup and the core protocol is dated. You can add all sorts of extensions but at the end of the day the core system is old. It feels weird to push it over Matrix. If you want something simple use IRC as you can setup encryption.

          • EngineerGaming@feddit.nl
            link
            fedilink
            arrow-up
            0
            ·
            5 months ago

            Encryption support in IRC clients is WAY behind XMPP. The one I have seen consistently is OTR in form of an add-on, and even that people rarely install. Although IRC is indeed what I prefer for public groupchats.

            Matrix seems to be doing the same thing but consumes more resources. And as for setup - I have done that, it is indeed pretty easy, easier than Matrix.

        • 0x0@programming.dev
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          And fully open-source and relying on standards from the get go.

          Gee i guess it ain’t cool, that’s why…

      • matlag@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        XMPP is so bad it was the baseline for Whatsapp. You know: that minor platform that feels like IRC and never took off. A lot of the techno around you are old stuff that evolved, “new” techno usually comes with new unexpected issues. Then they mature, get better and… old?

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Right? It is a generic protocol for all sorts off communications, some of which don’t require encryption. Yet every modern chat client for human-to-human communication has OMEMO, OTR, & PGP encryption options.