Announcement

Collapse
No announcement yet.

Kaidan Joins KDE As A Jabber/XMPP Chat Client

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by Termy View Post

    I think it's mainly lack of features and comfort. As much as i love the idea of freedom, i must admit that the likes of signal, Riot, XMPP don't come anywhere near telegram or wire in regards of Images, Videos, Link Previews/quickviews, stickers and overall polish. As most people don't really care too much about FOSS, they just see the downsides of the truly free chat-options - and if you are the only one of your friends using them, they are kind of pointless :/
    Delta Chat ftw

    Comment


    • #22
      Originally posted by thebear View Post
      Is this (Conversations) a viable option to e.g. Signal?
      Absolutely. OMEMO over XMPP provides state of the art security, also for end-to-end encrypted group chats.
      Conversations does not require any proprietary server, and no matter which domain/server you create an account on, you can chat with everyone on other servers as well. Support for sending images and audio works fine.

      Comment


      • #23
        Originally posted by gbcox View Post
        You might want to consider Telegram.
        The show-stopper for Telegram is that it requires centralized servers for communication. If we know anything, than that centralized communication is never robust, long-lived and secure (at least in terms of meta-data exposure).

        (Just look at the shit that recently occurred to the "Internet Radio" users, whose "Silicon Frontier" chip sets all rely on a centralized station list service that not only eavesdrop on your listening habits, but also suddenly went away.)

        Comment


        • #24
          Originally posted by dwagner View Post
          The show-stopper for Telegram is that it requires centralized servers for communication. If we know anything, than that centralized communication is never robust, long-lived and secure (at least in terms of meta-data exposure).
          Telegram servers are decentralized and spread worldwide for reliability and speed. As far as security is concerned, I'm not aware of any breach of Telegram's security. As I mentioned in an earlier post, the app has been banned in Russia because the Russian Government wanted their security keys and Telegram refused. If Russia hasn't been able to hack into Telegram, that illustrates their security methods are good enough IMO.

          Comment


          • #25
            Originally posted by FishB8 View Post
            XMPP came about before smart phones. It uses a stateful protocol, which is terrible for the intermittent connections with mobile phones and is a big battery drain. They've created a stateless extension since then, but that only works if the server supports it, and even then I'm not sure how well it works.
            That's a myth...battery is fine with Conversations (and forks), you should try it before rehashing old info.

            Originally posted by FishB8 View Post
            Supposedly the matrix chat protocol tries to fill that gap, but that only works if people use it.
            If your hardware is big enough...maybe... eg. a RPi1/256Mb from 2012 can handle with ejabberd (the XMPP server) up to 80 users chatting and sharing files or up to 200 without file sharing (yeah I/O limits with SD cards)...do search a bit for admins experiences with hosting Matrix...you might have a surprise of what hardware is needed for 1 (yes I've said one) user.

            Oh, why I've said hosting? Well the whole point of not using silos (Whatsapp/Signal/Wire/etc) is that people host their own and federate...yes some big servers will attract more users, but XMPP has a lot of servers out there: https://compliance.conversations.im/

            A default ejabberd config will yield you 100% compliance, and I guess Prosody too.

            Conversations (and now Quicksy) kinda pushed XMPP ahead, since Android users will have desktops (Gajim, Dino, Monal, Beagle), friends with iOS (ChatSecure, Monal, Siskin), friends with WindowsPhones (UWXP), everyone has a browser (Converse.js) and they all already can talk to each other, both plain and OMEMO encrypted, both 1:1 and in MUCs (groups).


            /LE: And fun fact, none of these mentioned above had or have $5mil investments or a Telco to fund them (ahem Matrix ahem), so maybe take a closer look at that "XMPP demise"...
            Last edited by Licaon; 05-12-2019, 08:27 PM.

            Comment


            • #26
              Oh, and in case you've missed the irony, so Kaidan KDE devs will now chat about their XMPP client over Matrix, right?

              Ref: https://dot.kde.org/2019/02/20/kde-a...s-im-framework

              Comment


              • #27
                Originally posted by Hi-Angel View Post
                Sure, the GNU/Linux desktop Telegram app has better encryption than the Whatsapp, because the latter can't encrypt data. The primary reason for this is that it doesn't exist.
                The GNU/Linux desktop Telegram app doesn't have better encryption because it also can't encrypt data. So while it's funny, your argument is invalid. Of course the lack of a native client is a disadvantage, but that's off-topic in the privacy/security debate.

                Originally posted by Hi-Angel View Post
                I strongly recommend against Whatapp because they ban 3-rd party apps, which is IMO a big deal. They clearly don't want people to use Whatsapp protocol, so please, do as they wish, don't use it. Use other messengers.
                Your honourable conversion mission is unneeded because I don't use WhatsApp. But neither do I recommend Telegram over it, because it's better but just not good enough.
                The thing is, Telegram could block 3rd party clients overnight if they wanted. It's still a centralised platform with all the power in the single operator's hands.

                Originally posted by gbcox View Post
                Telegram encrypts all client-server chats by default and stores them encrypted on their servers.
                That's not e2e encryption. Transport encryption should not be worth mentioning. It's not 1990 anymore.

                Originally posted by gbcox View Post
                If you want more security, they offer the "secret" chats which are not stored on their servers. Storing the chats on the server allows all platforms you have telegram installed to be synchronized.
                It really doesn't matter that much whether they store the messages or not. What matters is that those "secret chats" are end-to-end encrypted. That's also what you can verify because the crypto and client is open, while the server part is not and you can't know if they really don't store secret chats.

                Also, message synchronisation is not a valid argument to not ship e2ee. It's been a solved problem for years.

                Originally posted by gbcox View Post
                Telegrams security is good enough IMO. In fact, they have been banned in Russia because the Russian government wanted the chat keys and they refused. To my knowledge there have been no instances of Telegram security being compromised.
                This could also just be propaganda. Note: I'm not saying it is. It just isn't an argument whatsoever.

                Comment


                • #28
                  Originally posted by juno View Post
                  The GNU/Linux desktop Telegram app doesn't have better encryption because it also can't encrypt data. So while it's funny, your argument is invalid. Of course the lack of a native client is a disadvantage, but that's off-topic in the privacy/security debate.
                  Why do you think so? I briefly looked at the code in one of my prev. comments, and it does seem to encrypt it. I didn't research the code carefully though, but then again why would you think this in the first place?

                  Comment


                  • #29
                    Originally posted by juno View Post

                    The GNU/Linux desktop Telegram app doesn't have better encryption because it also can't encrypt data. So while it's funny, your argument is invalid. Of course the lack of a native client is a disadvantage, but that's off-topic in the privacy/security debate.

                    Your honourable conversion mission is unneeded because I don't use WhatsApp. But neither do I recommend Telegram over it, because it's better but just not good enough.
                    The thing is, Telegram could block 3rd party clients overnight if they wanted. It's still a centralised platform with all the power in the single operator's hands.

                    That's not e2e encryption. Transport encryption should not be worth mentioning. It's not 1990 anymore.

                    It really doesn't matter that much whether they store the messages or not. What matters is that those "secret chats" are end-to-end encrypted. That's also what you can verify because the crypto and client is open, while the server part is not and you can't know if they really don't store secret chats.

                    Also, message synchronisation is not a valid argument to not ship e2ee. It's been a solved problem for years.

                    This could also just be propaganda. Note: I'm not saying it is. It just isn't an argument whatsoever.
                    The bottom line is that there have been no reports AFAIK of Telegram data being compromised; instead all we get is people waxing poetic about imagined flaws. As I stated Telegram uses two models - a cloud based model and a "secret chat" model - which BTW, is e-2-e encrypted: https://core.telegram.org/api/end-to-end

                    Telegram has a nice FAQ that explains how both work.



                    Comment

                    Working...
                    X