[chadsix]

> if you have to reason about how the operator will handle legal threats, you shouldn't bother reasoning about the messenger at all.

That's true.

You need to run your own platform people. XMPP is plenty simple, plenty powerful, and plenty safe -- and even your metadata is in your control.

Just self host. There's no excuse in 2024.

Wake up people!

Why should the arrest of someone else affect YOU?

[nrr]

"You need to run your own platform people." What problem does this solve?

I'm someone who's been on the business end of a subpoena for a platform I ran, and narcing on my friends under threat of being held in contempt is perhaps the worst feeling I'm doomed to live with.

"XMPP is ..." not the solution I'd recommend, even with something like OMEMO. Is it on by default? Can you force it to be turned on? The answer to both of those is, as it turns out, "no," which makes it less than useful. (This is notwithstanding several other issues OMEMO has.)

[immibis]

Note in particular that the Ethernet connection to xmpp.ru/jabber.ru's server was physically intercepted by German law enforcement (or whatever-you-think-they're-actually-enforcing enforcement), allowing them to issue fraudulent certificates through Let's Encrypt and snoop on all traffic. This was only noticed when the enforcement forgot to renew the certificate. https://news.ycombinator.com/item?id=37961166

[zaik]

> The answer to both of those is, as it turns out, "no"

This is not true, it depends on the client. Conversations has OMEMO enabled per default.

[nrr]

I don't see any practical difference between "it depends" and "no" here.

[MattJ100]

This is like saying we shouldn't use TCP/IP because it's not encrypted. How it actually works is that encryption is enforced by the application - indeed the only place you can reasonably enforce it. See for example the gradual phasing out of HTTP in browsers by various means.

What this means in practice is that you shouldn't focus on whether XMPP (or Matrix, or whatever) protocols are encrypted, but whether the applications enforce it. Just as there are many web browsers to choose from, there are many messaging apps. Use (and recommend) apps that enforce encryption if that's what you want.

[nrr]

I'm not sure I agree, particularly given that there's some incentive for us to get our relatives using these messenger protocols and clients. The Web made it work because everyone came together and gathered consensus (well, modulo some details) that enforcing HTTPS is, ultimately, a good idea given the context.

So far, I'm not seeing that same consensus from the XSF and client vendors. If the capital investment can be made to encourage that same culture, the comparison can perhaps be a little closer.

[zaik]

The consensus comes from the people using the clients, not from the standards bodies. It's the same for HTTPs, where the users (in this case the server admins) decided it would be a good idea to use encryption.

There are even apps like Quicksy which have a more familiar onboarding experience using the mobile phone number as the username, while still being federated with other standard compliant servers. There is little reason to use walled garden apps like Signal these days.

[dylan604]

As if it were that simple. Where are you going to host that self-hosted instance? What protections against law enforcement inspections do you have? What protections against curious/nefarious hackers? How are you going to convince every single person you interact with to use it?

Gung-ho evangelists rarely convert like a reasonable take on the subject does

[godelski]

  > Just self host. There's no excuse in 2024.

I hate to break it to you, but there's plenty of excuses. We live in a bubble on HN.

May I remind you what the average person is like with this recently famous reddit post:

https://archive.is/hM2Sf

If you want self hosting to happen, with things like Matrix, and so on, the hard truth is that it has to not be easy for someone who can program, but trivial for someone who says "wow, can you hack into <x>" if they see you use a terminal

[maqp]

You're assuming end-to-end encryption doesn't exist, and that the only way to be safe is to have someone close to you self-hosting.

Self-hosting is terrible in that it gives Mike, the unbeknownst creepy tech guy in the group 100% control over the metadata of their close ones. Who talks to whom, when etc. It's much better to either get rid of that with Tor-only p2p architecture (you'll lose offline-messaging), or to outsource hosting to some organization that doesn't have interest in your metadata.

The privacy concern Green made was confidentiality of messages. There is none for Telegram, and Telegram should have moderated content for illegal stuff because of that. They made a decision to become a social media platform like Facebook, but they also chose not to co-operate with the law. Durov was asked to stop digging his hole deeper back in 2013, and now he's reaping what he sow.

[niutech]

Or better use a P2P IM like Jami: https://jami.net

[sroerick]

Sadly, you still have to pipe all messages through Apple’s notification API if you want notifications on iOS

[cpach]

Metadata? Yes. The plaintext of the messages is not piped through the notification API.

https://www.medianama.com/2023/12/223-signal-push-notificati...

[sroerick]

Wasn’t this the exact rhetoric used to justify PRISM during the Snowden revelations?