@Aaron @jerry @cwcopa thing is, the issue is not just about future e-mail that is going to be written and sent. It's about all past encrypted e-mails. And that's why it's so problematic, and that's why I can see how EFF's recommendation made a lot of sense.

It was about protecting past communication.

Plus, everyone should really have 2 secure channels. Just in case. Use Signal.

@rysiek Let's not use Signal though. They require a phone number, actively discourage alternative clients and it is plainly centralised.

@xrevan86 please give me a better solution for journalists from across the world, without a way of physically meeting, and with a need for good crypto, a mobile and desktop client, and a way to share files securely.

A lot are still using Telegram or Viber. We tried pushing Tox but it was nigh-unusable to regular people. Briar is interesting, but still barely out the gate. Wire is tempting, but we barely moved people to Signal from Telegram, Viber, WhatsApp.

@rysiek Wire is more acceptable as it doesn't require a phone number, yes.
I personally think !xmpp does meet those requirements.

@xrevan86 I used to run 2 XMPP servers. Tried setting up audio communication, and MUC, and send files, and it was always a major pain in the arse, and barely worked if worked at all.

XMPP is not a solution in any way, shape, or form, until they fix the "random XEPs implemented by random clients/servers" bullshit.

As to Wire, if I had to make this decision today, Wire would probably be it. But I am not going to move hundreds of people to Wire right now; Signal is good enough.

@xrevan86 XMPPs security (i.e. OTR) is an add-on, just like PGP/GPG for e-mail. There is friction, there is additional attack surface, and it fails every now and then. End to end encryption cannot be an afterthought.

@rysiek @xrevan86
What about OMEMO?
Even though it is unfortunately does not fix XEP problem

@Skoll3 @xrevan86 let me know when most main XMPP clients (Pidgin, Gajim, Adium, Coccinella, Miranda IM, Psi, anything else?) and main servers (if implementation is needed there; prosody, ejabberd, others?) implement it.

rysiek ✅
Follow

@Skoll3 @xrevan86 and what does it tell you about a piece of software or a secure communication tool if even the privacy-minded techies are not inclined to use it?..

@rysiek If the alternatives to it that privacy-minded techies do use are Signal and Telegram (yes, there are those too), then I don't know. It only inclines me to be even more stubborn.
@rysiek Especially because some other people try to get me from XMPP to these "better" networks (privacy-aware techie people). "Just register with your phone number on a central server, install an Electron client and you're all set."
It simply doesn't cut it for me, so !xmpp stays as the only good solution.

@xrevan86 I am not trying to convince you to drop XMPP.

I am explaining why XMPP is not a solution in my case.

There is an important difference between the two.

@rysiek @xrevan86 the difference is very important, yet it's hard to tell whether someone is trying to convince your or not even in real life.

Sign in to participate in the conversation
Mastodon

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!