Everyday that passes, I get more and more confident that #Signal is just another bad solution. While trying to get rid of a terrible solution (WhatsApp), we fell for another bad alternative.
- It is super slow in development (despite of all increase in hype and donations and etc.)
- There is no tangible effort to bypass censorship (the TLS docker is a joke as there is no support and development !)
- It is not centralized
- Users don't adopt it because it lacks mainstream features.
There are of course alternatives and guess what, there is ALWAYS A BUT (usually with single T):
- Telegram: it is feature rich, cross-platform, cross-platform desktop app, public rooms, stickers, .... (but still there are concerns about its security/privacy. For example the conversations are not E2EE by default and it should be activated manually.
- Briar: it is secure, it can work even without internet connection. [I haven't used it recently] but perhaps it lacks many whistles and bells telegram has that can attract common people. Another downside is that it does not work on iOS! Any solution that is not cross-platform is practically useless and its adoption by good majority will never happen!
I just found https://movim.eu/ which is @xmpp based and claims to have almost everything #WhatsApp and/or #Telegram provide. The only BUT I have found so far is that there is no iOS app which is weird as I’m not sure if other XMPP iOS clients can support video call and other features.
P.s: for a software that claims FOSS federated solution, it is weird that they don’t have Mastodon account but they have Twitter!
This article touches upon some basic thoughts on what the “next” chat platform should be like:
There are some minor details that I disagree, but as a general structure, it is well inline with what the real next messenger platform should be like.
@xmpp Thanks for the information. I really appreciate it.
It seems @Monal doesn’t have video or voice call which is not a good match for movim.eu, and the siskin.im is product of @tigase which is feature-rich and cross-platform but the source of income and revenue is unclear regarding this app. The licensing and tiers for their servers are ambiguous to me:
To clarify, I don’t mind paying for a service (SUSE / RHEL), but should comply with my principals.
@cos of course, and I have many times discussed it before that the issue with Matrix is that it is not easy for common-man to work with. There is always issues like transferring the encryption keys and validating the sessions and etc. Matrix is great for tech savvy, but it is unusable for normies. When thinking about communication solutions, always consider a 75+ years old person. If they cannot feel comfortable with it, it doesn’t take off as a viable solution. That’s why Telegram is popular.
@cos I’m using Matrix for the past 1.5 years in daily basis with bunch of friends, but even I still have problems with validation of sessions when using Mirage on one computer and element on the other. Riot/element has came a long long way during this past year, but still I don’t see it as a solid solution to try to convert my family to it. It still feels unstable, especially the voice call that is always a coin toss in terms of quality.
@Mehrad ack. I haven't used VoIP much in Matrix. There has been some work on it recently though: https://matrix.org/blog/category/this-week-in-matrix#element-clients
@cos since you brought it up, you might also be interested to know that no messages is actually deleted from the server when user marks a message as deleted unless the server admins do some cleanup. This means that any implementation of auto-expiring message would practically never work. This is another big issue I have with matrix in general.
One good thing though is that the messages are editable after you have sent them unlike @Mastodon #256
@Mehrad This is a highly unpopular opinion, but I think Telegram's opt-in E2EE is a feature and not a bug.
Those who need E2EE for whatever purpose will know how to enable it, and will. Or, they'll use another tool for that job (hello UNIX philosophy).
I'm always wary of putting Swiss Army knife feature-sets on a pedestal. Telegram doesn't claim to be such, and in exchange they offer the best experience of any messenger IMHO with their cloud sync, saved messages, groups, storage, API, etc.
@oedmarap thanks for your comment but imho:
- Privacy and security should never be opt-in. They should be enabled by default and users should be able to disable them.
- Unix philosophy says tools should do one thing and do it good. In case of Telegram we are already waaaay past the “doing one thing” part, plus security is not a feature, it is a base. Any of the following tools do security and on top of that their actions:
SSH, GPG, ClamAV, Sudo, OpenSSL
@Mehrad Yeah I did say it was an unpopular opinion. 🙂
I think that each person's threat model is more important when it comes to the privacy and security features. Everything else is just window dressing on top, and sometimes even feature-creep.
Having said that, my view is that the only way to get around all these "messenger wars" (when it comes to privacy) is to focus on the protocols and not the implementations.
@Mehrad XMPP still is a de facto standard and is quite secure (no SIM required). Matrix is reinventing the XMPP wheel, for better or for worse.
Tangentially, WIRE and Threema are also often overlooked but as I mentioned above, the arguments all seem to center around the window dressing of the apps; which matters more to average users than it does to security professionals.
Ergo every "new" messenger will suffer the same fate — the proverbial tragedy of the commons.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.