this post was submitted on 05 Oct 2024

22 points (89.3% liked)

Privacy

31385 readers

795 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

How save is XMPP really? (self.privacy)

submitted 15 hours ago by andylicious1337 to c/[email protected]

15 comments fedilink hide all child comments

Ok so, here I am again asking another question 🙈🙊 But hear me out: I read this post here about, if there even is a good privacy messenger that can be trusted. Someone in the comments mentioned Conversations (a XMPP client for Android). This made me look into XMPP and at the moment I am giving Conversations a try. Reading into XMPP, I couldn't find a problem security or privacy wise. Also it seems like it does not matter what server I use (atm. we are on 07f.de) since it is all e2e with OMEMO. Am I missing something or is it really this good? And if I dont trust anyone, I could host my one instance of ejabberd, right?

top 15 comments

sorted by: hot top controversial new old

[–] [email protected] 9 points 7 hours ago

Others are noting clients & servers matter. This isn’t a downside—it’s just that the protocol is flexible & extensible for many types of messaging beyond human2human private conversations, which explains why encryption isn’t a requirement for the clients. With that said any modern client targeting said H2H interaction will have basic forms of encryption like PGP, OTR, & OMEMO which all do the job of E2EE. OMEMO is based on the same ideas that Signal, WhatsApp, Matrix, & so on use so that part is all the same.

A unique feature for XMPP in this space tho is how low-spec & resource-unintensive the servers/clients are—you aren’t chewing up a ton of CPU or RAM, there is no eventual consistency to balloon storage (MAM is enough), clients don’t drain your battery or take literal minutes to sync with servers. Since it is low-cost, it is feasible to self-host XMPP from a residential server (at home on some old hardware for instance) or add it to a multipurpose machine where it doesn’t get in the way of other processes/storage. Some of the other service often mentioned here either you can’t self-host or are quite expensive to run (often by design) which limits the accessibility causing centralization as well as requiring trust in that server you don’t own.

[–] [email protected] 11 points 13 hours ago

E2ee is not everything, as most of the privacy sensitive metadata can still be collected. Sure it is nice to have, but even more important is that you can chose a trustworthy server operator or run your own. XMPP allows doing that, but it has some weaknesses with client implementations and so on.

I am a bit biased and would say all in all XMPP is probably the best option right now, but it depends on your specific priorities. It certainly has some rough edges though.

[–] [email protected] 4 points 11 hours ago (1 children)

You have to trust the servers with your metadata, and that the servers have their inter-server communication locked down, but at least you can choose/operate servers.

Some clients are a bit flaky with their e2e encryption defaults or from a UI perspective it is easy to send an unencrypted message (in a new chat for example) before noticing that was how it was set.

There are a few XEPs the server needs which enable things like OMEMO, efficient mobile data/battery use, offline and multiple device deliverability, file transfers, etc. Audio/video calling has various requirements as I think xmpp only facilitates the setup of the call.

[–] andylicious1337 3 points 5 hours ago (1 children)

ok but if I'd recommend a client to the people I want to text with via xmpp I can be certain which client they use. My idea isnt to write with strangers but only with real people I know (friends and family).

[–] [email protected] 3 points 3 hours ago

It is great as a private communication app for a close group. I'm running my own server because you have to trust your server operator with metadata, and because I found random public servers to be too short-lived for sustained usage by non-tech people.

[–] [email protected] 7 points 15 hours ago* (last edited 15 hours ago) (4 children)

its really really save

Edit: sorry I misread it as XMR.

XMPP can be very unsafe. It depends on the client you use. Its best to use a protocol that doesn't allow unencrypted messages to be sent at all. Like Wire or Signal.

[–] [email protected] 1 points 3 hours ago

If I understand correctly, you can prohibit non-e2e messages on your server .

[–] [email protected] 3 points 5 hours ago

Its best to use a protocol that doesn't allow unencrypted messages

This is an implementation thing and not a protocol thing. What protocol doesn't allow unencrypted messages? I am sure signal's protocol would still allow it, it's just that the implementation doesn't.

And same for XMPP. Just go with the implementation that doesn't.

[–] [email protected] 8 points 14 hours ago

Kinda depends on your threat model too, like if you don't want your traffic going through the US signal is gonna be a big no no.

[–] Im_old 4 points 13 hours ago

Simplex.chat is the current best one AFAIK

[–] Im_old 1 points 13 hours ago (1 children)

It depends on the client and the security implementations they support. For example IIRC no client support the last version of OMEMO (I think it was about OMEMO, I remember an article about it some time ago). Also are you sure that all the other people's clients are on the same version and you're not susceptible to a downgrade attack?

Unless you are ready to/want to control the whole environment (i.e. at least the clients and possibly the server), look into simplex.chat

[–] [email protected] 4 points 13 hours ago

There are some clients that support the latest version of OMEMO, but yes, since the most popular ones do not, you end up using the older version most of the time. That said, the older version is not generally unsafe, it basically is the same as WhatsApp or Signal are using. The newer version is just somewhat better as it includes some lessons learned from earlier attempts.

[+] [email protected] -7 points 10 hours ago (1 children)

Having to ask means you're probably conducting unsafe behaviors anyway

[–] andylicious1337 5 points 5 hours ago (1 children)

I am asking because I want to understand the "hype" about XMPP that and why it is always mentioned when someone is asking for a good privacy friendly messenger :)

[–] [email protected] 6 points 3 hours ago

The "hype" around XMPP is that it is simple and extensible. The server implementations of XMPP are very performant, especially compared to other protocols like Matrix that fit the same niche. I would like to see XMPP succeed, but what people want is a finished, unified product. Matrix, more so Element Matrix, succeeds in the personal messaging space because it provides a unified experience and a finished product. XMPP has been utilized by thousands of different projects, from Xbox game chats, to Zoom and WhatsApp, but each implementation is different and specialized. Conversations works great as a messenger, I recommend it. Easy to selfhost as well.