I recently saw Alex's video about XMPP and I got curious.
I am using Element and Schildichat a bit, trying Element X and curious about the new Development here. It seems vibrant, they rewrite stuff in rust, the Apps are fancy and all.
But I tried Conversations and it seems based too, has transparent encryption, it is damn fast, usable, supports groups and files and all. Probably doesnt use the latest fancy Android SDKs but it seems solid.
I was surprised about how fast it was, as Matrix drastically varies per server. But also I found many dead communities, and in general I dont see XMPP at all, while many Projects (if not using Discord, bruh...) have a Matrix room.
How secure is OMEMO in todays standards? Or OpenPGP, compared to Matrix or Signal Encryption? I heard it also has rotating keys and all.
There are other things, like permission systems, chosen federation, privacy, bridge support and more, that are interesting. Are there advanced modern WebUIs for XMPP you like?
I saw that it uses up waaay less resources, why is that? Really, is "simply encrypted mail" somehow worse in an important way?
Similar to IRC, where I never found nice usable apps for my taste, I thought XMPP was deprecated, but that doesnt seem so?
What can you tell me about XMPP, is it modern, secure, privacy friendly?
This is good reading on XMPP
https://privacy.awiki.org/im.html#XMPP
And one about matrix
https://hackea.org/notas/matrix.html
I think that XMPP is obviously the superior choice here. Matrix is funded by venture capitalists that need to make money some way and they are actually recollecting users' data for that.
Do you have a source for the claim that collecting userdata is ultimately what funds Matrix?
have you read the article I linked?
I didn't say it was ultimately what funds matrix, they sell servers too, but they recollect data that's for sure.
Quoting the article here:
matrix.org and vector.im receive a lot of private, personal and identifiable data on a regular basis, or metadata that can be used to precisely identify and/or track users/server, their social graph, usage pattern and potential location. This is possible both by the default configuration values in synapse/Riot that do not promote privacy, and by specific choices made by their developers to not disclose, inform users or resolve in a timely manner several known behaviors of the software.
Data sent on a potential regular basis based on a common web/desktop+smartphone usage even with a self-hosted client and Homeserver:
With default settings, they allow unrestricted, non-obfuscated public access to the following potentially personal data/info: