Follow

At /e/ we had lots of discussion about Telegram vs Signal vs ... But I must say that the best IM secured service in my opinion is @delta

Delta Chat is using emails to transport instant messages: it's fully decentralized, heavily encrypted and you can reach any contact 😀

That's a great design.

@gael @delta checked it out but doesn't work with protonmail and tutanota.

@gael @delta there is a list of supported providers and both of them are not there and somebody mentioned that protonmail doesn't work. Probably because of the encryption of the email

@gael @delta and I think they both don't have IMAP support. Protonmail and tutanota.

@jamesvdarkwood

Protonmail and Tutanota don't work because they break email standards. Their don't support imap or smtp which breaks delta-chat which is build on those standard protocols in order to send and receive messages.

This is a problem of your mail providers, not of @delta

@gael

@sheogorath @delta @gael I didn't say it's a problem of Delta :) the service is good and it's not a problem of the provider because of security they don't use those protocols :)

@Phigger @gael @delta That’s a little.. confusing? Since they’re all encrypted, with a key that’s potentially unusable for my other mail clients..?

@moritzheiber @gael @delta yup, but that's still a mail, so it appears in your box. It's part of the fully decentralized way of delta chat, since you can use it with the client you like. Even by using pgp by yourself.

@Phigger
And you can put them in a dedicated folder not to spam the main Inbox.
@moritzheiber @gael @delta

@STP_KITT @gael @delta so it’s not interfering with my inbox or other folders? That’d be cool

@moritzheiber @gael @delta Not if you don't want it to. You could however also read & reply to chats from your standard mail client/interface if you'd want to. That requires to install the encryption of course or disable it.

@gael I wouldn't recommend Telegram OR Signal OR Delta Chat. Telegram uses a proprietary backend and rolled their own crypto. Any cryptologist will tell you that that is *terrible* practise and incredibly insecure.

Signal includes blobs from Google and the devs are very hostile to people trying to fork the project to remove those.

Delta Chat is email. The only benefit there is body text encryption. Every email includes metadata such as the sender's IP address. It's also slower than other solutions - it's email.

I would recommend Wire only until Briar releases their "remote follow" feature. With it, you'll be able to add contacts without meeting them IRL.

wire.com/en/
briarproject.org/

@amolith
What's about XMPP and Matrix? Do they adress these issues? Personally I use both XMPP and Signal and I am interesting about your point of view @amolith about Signal. Are the Google blobs only located in the apps or in libsignal or maybe the server? I have taken a look on libsignal one time but didn't notice it, a bit blurry for me.
@gael

@jebanan16@framapiaf.orp.g
I love XMPP and use it quite a bit. I just don't think it's *quite* user-friendly enough to include in a ROM by default. Matrix is still a bit immature imo because, just like email, it includes a ton of metadata by default. Message deletion is also very ambiguous because, even though it may *look* like you've deleted it, the message is still there. Someone could make a client that simply doesn't honour the server saying it was deleted and it would still show up. Again, I use Matrix a lot too. I just don't think it's quite ready to be the default app on a ROM aimed at the "average" user.

I don't remember exactly what it was I read but Moxie, the lead dev, went around in circles for years extolling the virtues of the Play Store, Google Services, and Google Analytics. For the longest time, he even refused to distribute an APK and he still refuses to put it in F-Droid.

Where Moxie goes around for 3 years talking about how he can't live without Google's pretty little graphs:
github.com/signalapp/Signal-An

And this one shows where he killed a fork of Signal that removed its Google dependencies. He goes on and on about how XMPP is dead, how federation is dead and was never truly an option for serious projects, etc. etc. etc.
github.com/LibreSignal/LibreSi

Drew DeVault, developer of Sway also has a great blog post on why he doesn't trust it:
drewdevault.com/2018/08/08/Sig
@gael

@amolith @gael I completely agree with everything you wrote so far about messengers, @amolith. It's also true that xmpp clients should be more user friendly. Many of the clients did implement omemo recently and it's truly cross-platform. Xmpp needs polish, but it offers all the features I'd like to see in a modern day messenger. Unfortunately (partly because of the issues) it's not wide-spread yet; the question is, if it ever will be...

@artixx
I think one if the reasons XMPP can be so intimidating is much the same as why Mastodon is. There are so many different instances aimed at different things, run by different people, with individual configs, that it can be overwhelming trying to choose which one to go with. A lot of the things that differentiate servers from each other are settings that go over normal users' heads. What's a cipher, what's OMEMO, what's SSL, etc.?

IMO, if someone could find a good way to list in a user-friendly manner and make it easier to sign up for them, I wouldn't even be having this discussion lol. XMPP does groups, voice, video, and file sharing, it's distributed, encrypted, and battle-tested in hundreds of different scenarios. The only thing holding it back is the UX 😞

@amolith @gael Wire isn't decentral, costs money for companies, depends on telephone number or E-Mail-adress, it's server code isn't fully free (yet?), they were caught for tracking (references to Google Firebase in it's source code). Briar is much better but has huge battery consumption & I think it can't deliver messages to devices which are offine at the time of sending.

@STP_KITT I didn't realise the server code wasn't fully free or that there were references to Firebase. I'll revise my recommendations 👍

Briar does deliver messages sent when a device is offline once it comes online again. The next update is also supposed to drastically improve battery life.

@amolith Oh, I must've missed them adding offline messages. How do they do it though considering it's a P2P-messenger? If there's a central server for that it's like a problem got replaced my another problem. Anyway, I'm looking forward to improved battery life :-)

@amolith
Did you try it?

I did and I found it surprisingly fast considering it's based on email.

I felt no visible difference with other technologies like XMPP or Whatsapp. As long as you're using it for Human to Human conversations, this seems perfectly allright.

@gael

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!