[infosechandbook]

> Signal operators can also inject messages to people.

Did you check this, and can you demonstrate a server-side message injection so that the Signal clients display the injected message correctly, leaving the recipient vulnerable to spoofed messages? Would be nice to see for the security community.

> What holds true in both systems is that if someone does this, it's detectable thanks to E2EE.

What also holds true: One system enforces E2EE; for the other system E2EE is optional, depends on the client, and while spoofing could be detected thanks to E2EE, all clients we checked didn't detect it (Gajim, Conversations, Psi+, Profanity).

[Andrew_nenakhov]

If you start with an argument 'non trusted server admin can do things to my xmpp', it's strange that you don't apply same logic to Signal admins, who control the server and ship an app to you which you can't really verify.

[infosechandbook]

> If you start with an argument ..., it's strange that you don't apply same logic to Signal admins

Where is this 1-to-1 comparison you demand in the OP's original article?

Security: They mainly highlight TLS and experimental OMEMO as the main security features of XMPP. TLS is also present in Signal, and OMEMO is based on the Signal Protocol, which is enforced for Signal. So comparing this 1-to-1 in OP's article, Signal wins as these security features aren't optional but enforced and more mature.

Privacy: This section in OP's article addresses distinct things to then somehow claim XMPP is private. Let's compare them:

XMPP is an open standard -> Doesn't this apply to Signal, too? Some developers claim not to track users -> Same applies to Signal. OMEMO adds security -> explained above, already in Signal. Decentralized -> The first difference, and here we can write another article on why decentralization doesn't magically add any security or privacy. Users can choose a username, doesn't need phone number -> Second difference, which doesn't apply to all XMPP clients as some may require your phone number, and if we assume people can choose a non-identifiable username, then we can also assume people can choose a non-identifiable phone number. User may not be identifiable -> Another vague statement without any explanation that we can just assume the same way for Signal. Presence status shared with others (without mentioning that server admins can see this, too) -> Signal comes without this feature. Only nicknames exposed in MUCs (again without mentioning what MUC admins and server admins see) -> Signal lets users decide if they want to share their phone number and username with groups. User is the only one deciding about/controlling their account and personal data (how can this be ensured if this data is exposed to the server and other users) -> Again a vague statement without any explanation. So Signal users can also decide about their data.

Then, OP's article suddenly ends without going into any details. The article finishes with "phone numbers, centralization bad; username, decentralization good." This isn't balanced at all.

> Signal admins, who control the server and ship an app to you which you can't really verify.

If we write exactly the same about XMPP, people immediately state, "XMPP clients and servers are open source, everybody can look at their code." So let's apply the same logic to Signal. If you don't want to apply this logic, then yes, we can't also verify if we connect to a malicious/manipulated XMPP server even if its source code is open. The same applies to apps. And Reproducible builds don't come with this guarantee, too.

[topdancing]

> XMPP is an open standard -> Doesn't this apply to Signal, too?

Signal is the opposite of an open-standard, there's a single server implementation and basically three clients (Android, iOS, desktop) and they discourage people from using other clients. Best way to think about Signal is that it's just WhatsApp with some marketing on top.

Meanwhile, I can link a raspberry pi anywhere in the world to my XMPP server with a few lines of Python and some libraries.

> Some developers claim not to track users -> Same applies to Signal.

Both cannot be verified by the users, but as an admin, I can verify that my server isn't tracking users.

> Decentralized -> The first difference, and here we can write another article on why decentralization doesn't magically add any security or privacy.

It does certainly help not to have all of your eggs in a centralized basket, both in terms of privacy and reliability.

> Users can choose a username, doesn't need phone number -> Second difference, which doesn't apply to all XMPP clients as some may require your phone number

Do not know of a single XMPP client that requires a phone number - some random server out there, maybe.

> and if we assume people can choose a non-identifiable username, then we can also assume people can choose a non-identifiable phone number. User may not be identifiable -> Another vague statement without any explanation that we can just assume the same way for Signal.

You'll find most people will tell you that you need ID these days to get a SIM card. Creating a new XMPP account takes less than 5 seconds.

> Presence status shared with others (without mentioning that server admins can see this, too) -> Signal comes without this feature.

The user can disable these, personally I find them useful on my server and miss it sometimes when I use Signal.

> Only nicknames exposed in MUCs (again without mentioning what MUC admins and server admins see) -> Signal lets users decide if they want to share their phone number and username with groups.

Signal doesn't, all phone numbers of group members are visible to people within the group.

[infosechandbook]

> I can link a raspberry pi anywhere in the world to my XMPP server with a few lines of Python and some libraries.

Once again, "I, as a tech-savvy person, can operate my highly-customized XMPP setup everywhere", while ignoring that most people do not run their own servers.

> they discourage people from using other clients

This was discussed numerous times various platforms and proven wrong.

> I can verify that my server isn't tracking users

As discussed before on this page, most XMPP users don't run their own XMPP server but use a public XMPP server on the internet. Nobody can check whether this public XMPP server tracks its users without accessing the server itself.

> all of your eggs in a centralized basket, both in terms of privacy and reliability.

So, do you assume the Signal network infrastructure consists of a single server?

> Do not know of a single XMPP client that requires a phone number

At least Quicksy (from the Conversations developer who bragged in a public video about copying WhatsApp/Signal) and Kontalk require a phone number. They even market the phone number requirement as a benefit in comparison with other XMPP clients.

> most people will tell you

I could just claim the opposite. Without any sources, it remains an assumption.

> Signal doesn't

Signal does. You wrote, you use Signal. Did you ever join a Signal group? There is a dialog when entering a group the first time.

[topdancing]

> Once again, "I, as a tech-savvy person, can operate my highly-customized XMPP setup everywhere", while ignoring that most people do not run their own servers.

I said "my server", but the exact same code could be pointed at a different server by simply changing the username/password. Compare this to having to port a codebase from Signal to WhatsApp/Slack/whatever.

I'm also just using a standard ejabberd-based deployment, nothing highly-customized about it. Have you tried a Signal server deployment? I have, and THAT is the definition of highly-customized.

> This was discussed numerous times various platforms and proven wrong.

Alternative clients exist, but they are heavily frowned upon by the community - as a lot of the functionality they add (disappearing messages, view once media) depend on people using the official clients and not custom ones that could simply ignore this functionality.

> As discussed before on this page, most XMPP users don't run their own XMPP server but use a public XMPP server on the internet. Nobody can check whether this public XMPP server tracks its users without accessing the server itself.

That's fine, same thing applies to Matrix/Signal/WhatsApp/pretty much any messaging service out there.

> So, do you assume the Signal network infrastructure consists of a single server?

Functionally - although it is clustered - it is a single server, run by a single team - and it has gone down multiple times in the past few years.

And when it does go down: good luck using that Signal client to talk to anyone over it (SMS doesn't count as it has zero security on Signal and isn't even available on the iOS client). At least with XMPP, I can point the same client to some other server and potentially continue a conversation with someone somewhere else, with the exact same OMEMO/PGP encryption.

That is why decentralized/federated is better than "all your eggs in one basket" centralized. Centralization provides one with convenience, right up until it stops working and then it becomes a massive inconvenience.

> At least Quicksy (from the Conversations developer who bragged in a public video about copying WhatsApp/Signal) and Kontalk require a phone number.

The whole point of Quicksy is to allow people to try XMPP and find contacts easily with their number before they then move on to using actual JID-based accounts.

And he's more than free to brag about what he does - he's the one that spent the time; writing code and extensions and then released the thing to the public as free and open-source code.

> Signal does. You wrote, you use Signal. Did you ever join a Signal group? There is a dialog when entering a group the first time.

This is your Signal PROFILE name, not a username. You can quite clearly see this described in Settings -> tap the top bit with your number and read the text at the bottom.

People can still see your phone number by simply clicking on your user in the group member list. Signal, at the current time[0], has zero username functionality.

[0]: https://twitter.com/moxie/status/1480643863970816001

[infosechandbook]

Just one question as the rest was discussed numerous times before:

> At least with XMPP, I can point the same client to some other server and potentially continue a conversation with someone somewhere else, with the exact same OMEMO/PGP encryption.

How do you just "continue a conversation with someone somewhere else" when your XMPP server goes down?

Typically, you register an XMPP account on an XMPP server. If this server is offline, your account is unreachable as the account is managed by the XMPP server not by your client. Therefore, you can't use this account anymore. So you need to go to another XMPP server, register a new XMPP account, and then try to find your contacts again (which may be cached by your client or not). Finally, you have to convince "someone" that this is just you with another account on another server. There is also no verified E2EE anymore. If "someone" uses the same now-offline XMPP server, "someone" also needs to find another XMPP server.

How is this different from "when Signal goes down one uses a completely different instant messaging system", apart from using another client?

> That is why decentralized/federated is better

And we already explained (also several times) that XMPP is de-facto centralized as the vast majority of users only use a tiny number of XMPP servers hosted by an even smaller number of hosting companies. Which means: If one of these hosting companies blocks XMPP traffic (e.g., if a rogue state starts censoring) or one of these XMPP servers goes down, a huge part of XMPP users is affected.

[zaik]

> Do not know of a single XMPP client that requires a phone number

Here is the only one I know: https://quicksy.im/

[infosechandbook]

Yes, Quicksy from the Conversations developer who bragged about copying main features of WhatsApp and Signal.

Another one is Kontalk, https://www.kontalk.org/.

Both XMPP clients require a phone number, and both present the phone number as a benefit in comparison with other XMPP clients without this requirement.

[zaik]

It's a trade-off. If you are unwilling to provide a phone number you can choose any other XMPP provider and still can communicate with friends who use Quicksy/Kontalk. You simply don't have this freedom if you use WhatsApp or Signal.

[Andrew_nenakhov]

I'm arguing with your comments, not the article. Comparing Signal with XMPP is silly. It's like saying 'Firefox is more secure than XML'.

Signal is a product, XMPP is a protocol. That said, XMPP can be potentially used to build communication products that are far more secure than Signal because of a simple virtue of being able to control all components of a service instead of relying on someone else to run a server for you.

And no, this is not the same as verifying the code of Signal, because with your custom XMPP deployment you need to verify your code once, and not worry about the server admin adversary, while on Signal you will have to verify updates every single time.

[infosechandbook]

> Comparing Signal with XMPP is silly.

Could you please add your statement to any other comments by XMPP proponents that state "XMPP is better than Signal because ..."?

Plus, could you also consider this for all of your own comparisons of XMPP and Signal?

> XMPP can be potentially used

Again, a lot of guessing and assumptions what could be in a perfect XMPP world, but nobody finds nowadays.

> with your custom XMPP deployment

This isn't a unique property of XMPP.

[topdancing]

> Again, a lot of guessing and assumptions what could be in a perfect XMPP world, but nobody finds nowadays.

The German police and British health service would say that their XMPP implementations are pretty secure implementations:

- https://twitter.com/inputmice/status/1203611711967813633

- https://hellopando.com/ / https://www.erlang-solutions.com/case-studies/pando-health-c...

[zaik]

> XMPP is an open standard -> Doesn't this apply to Signal, too?

The Signal protocol is neither an open (you cannot propose changes or extensions in an open process) nor has it been submitted to an standards body.

> Some developers claim not to track users.

With Signal you have to trust a single entity not to track you. With XMPP you have the freedom to choose that entity (including choosing yourself).

> if we assume people can choose a non-identifiable username, then we can also assume people can choose a non-identifiable phone number

This is just dishonest. It's a lot harder to obtain a non-identifiable phone number than to think of a random username.

[infosechandbook]

> The Signal protocol is neither an open (you cannot propose changes or extensions in an open process) nor has it been submitted to an standards body.

Who defines "open standard" in the first place? There is no global definition for this.

> With Signal ... With XMPP ...

Another person just claimed comparing both is silly. There are already other comments addressing the rest of your statement.

> non-identifiable phone number ... random username

You compare distinct properties in your own statement. "non-identifiable" isn't the same as "random". If you want to get a random phone number, you can just buy any SIM card. Is this nitpicking? Maybe, but nitpicking is also including in dozens of "XMPP is better than Signal" statements in the comment section. There are already other comments addressing the rest of your statement.

[topdancing]

> Who defines "open standard" in the first place?

Most people on here would say: https://en.wikipedia.org/wiki/Internet_Engineering_Task_Forc...