I never liked in first place.

Shady homebrew crypto that once got broken, crowning themselves as "savior of " when nobody can verify the whole stack, and now this: in chats.

Use with proper (like ) or nothing at all. You can't have a realistic expectation of privacy otherwise.

Link by @thenewoil ne

Well, he said (at point 5) there won't be any ads in chats, only in one-to-many channels. So it's not *that* bad, I guess.

Agree with the XMPP part, though.


> Use #XMPP with proper #e2ee (like #OMEMO) or nothing at all. You can't have a realistic expectation of privacy otherwise.

You might want to define what you mean by “realistic expectation”. Because the #XMPP scenario is fundamentally not less vulnerable.

Each platform has slightly different security properties, but for other than casual consumer uses, “nothing at all” is indeed the safe solution.

(XMPP user and former implementor of solutions here)


@0 yeah, I understand it's hard to "standardize" all the same security practices along a federated network, I think that's partly why things like Signal opt not to federate.

At least using something implemented on the client means we can leverage away part of trust of a server operator. This does not makes the communication stack flawless, though, as you said.


@kzimmermann It literally says that there won't be ads in chats, but will have some ad options for channels (that channel owners used via 3rd parties anyways)

@kzimmermann @thenewoil Ads in chats? I didn't read it that way.

On the contrary, it seems Telegram has found a good balance to support development and server infrastructure for 500M users without turning into another Facebook.

XMPP is 100% free, but have you ever thought who's running the infrastructure? Can we really expect end-users to run their own servers? And if we had single-digit users per server, would s2s connections scale to 500M users? I highly doubt it.

@codewiz thank you for the insight. I understand he had a tough choice to make.

On the other hand, though, on of the strengths behind a federation is that nobody needs to be the "backbone" of it. This is not to say that everyone easily can, will or even wants to self-host, but the possibility at least is there - in the code.

But of course, being free to choose is even more important than federating, so if you like Telegram, by all means keep using it - it's just that I won't.


@kzimmermann @thenewoil I quite like Telegram, yes, but I wish there was a way to scale federated networks for the masses. I don't think XMPP would work. Maybe Matrix, if they solve their current reliability issues.

@kzimmermann @thenewoil Years before the Internet became available outside universities, I was running a #FidoNet node, a network of #BBS which allowed users to exchange mail and post to discussion groups.

We were volunteer-driven and funded by donations. More hierarchical and more bureaucratic than the #fediverse: we had elections for administrative roles, a long policy everyone had to agree to, voting for policy changes...

FidoNet reached 20k nodes at its apogee.

@kzimmermann @thenewoil Not sure what I was trying to convey with this... just sharing an old memory, I guess 🥲

Nice! I can only imagine how it was doing that. If we can replicate that model in today's environment it would be great, but would require quite a lot of self organization I guess

@kzimmermann @thenewoil Today it's both easier and harder: no special telco equipment, cheap data, cheap & reliable computers.

But it's harder because user expectations are so damn high. You can't just give a free email account to make them happy. And then there's abuse. Lots of it. If you run a wiki or any publishing platform, it will be filled with spam. And so, running a free service today has become a tedious, thankless job today 😞

People want real-time, fido was batched. We had our share of idiots but using it required tech knowledge and high efforts. Now it's just buying a computer in a shop then start abusing services. Can't tell which is better in the long run though.
Hi from 2:370/15 😏

@kzimmermann @thenewoil

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.