The Matrix.org network has great potential, but after years of dealing with glitches, slow performance, poor UX, and one too many failures, I’m done with it.
The protocol is bloated to hell so third-party clients stand no chance, and the foundation spends more time bikeshedding or pissing away money than they do developing. It’s a doomed project.
You can interact with Matrix server through basic curl commands… and I thought the documentation was pretty good. There are plenty of third-party clients.
Sure, E2EE, keys and cross-signing is not trivial, but I don’t know where it is.
I didn’t imply that you can’t strip the protocol down to its bare essentials and still use it, but what’s the point of a protocol if everyone is on their own personalized version of it? Version / Feature fragmentation is a massive problem and basically none of the third party clients are up to snuff. Synapse is a massive bowl of lukewarm dog water, and most alternatives to it die in a year because it’s impossible to keep up. There’s too much shit in the protocol.
What specific version/feature fragmentation and clients are you referring to? As is common now, newer Synapse drops support for older Postgres (for example). Voice and video calls is the only feature that I can think of that is half-assed in Element/ElementX or not implemented in some clients.
Otherwise, Element, Element X, FluffyChat, Fractal, freaking Cinny on Ubuntu Touch (!), and terminal-based gomuks all support basic functionality, DMs, rooms, encryption, and attachments.
Slrpnk hosts an XMPP/Jabber for our users, mods and admins to communicate. Its worked pretty darn well for the past couple years, with very low resource needs.
The clients are pretty slick now too, such as Cheogram or Monocles for mobile, and movim is an excellent web app with support for group calls.
You an also use a platform like simplex or the tor routing ones, but they aren’t going to offer the features of XMPP. It’s better to just not worry about it. This kind of attack is so difficult to defend against that it should be out of the threat model of the vast majority of users.
Significant improvements to certificate pinning and validation have been added to all major XMPP clients as a result of this incident, but it should also be clear that hosting a server on infrastructure under control by an antagonist government (see also Signal) is a very bad idea and hard to mitigate against.
So Signal does not have reproducible builds, which are very concerning securitywise. I talk about it in this comment: https://programming.dev/post/33557941/18030327 . The TLDR is that no reproducible builds = impossible to detect if you are getting an unmodified version of the client.
Centralized servers compound these security issues and make it worse. If the client is vulnerable to some form of replacement attack, then they could use a much more subtle, difficult to detect backdoor, like a weaker crypto implementation, which leaks meta/userdata.
With decentralized/federated services, if a client is using other servers other than the “main” one, you either have to compromise both the client and the server, or compromise the client in a very obvious way that causes the client to send extra data to server’s it shouldn’t be sending data too.
A big part of the problem comes with what Github calls “bugdoors”. These are “accidental” bugs that are backdoors. With a centralized service, it becomes much easier to introduce “bugdoors” because all the data routes through one service, which could then silently take advantage of this bug on their own servers.
This is my concern with Signal being centralized. But mostly I’d say don’t worry about it, threat model and all that.
I’m just gonna @ everybody who was in the conversation. I posted this top level for visibility.
For a similar threat model, signal is simply not adequate for reasons I mentioned above, and that’s probably what poqVoq was referring to when he mentioned how it was discussed here.
The only timestamps shared are when they signed up and when they last connected. This is well established by court documents that Signal themselves share publicly.
This of course, assumes I trust the courts. But if I am seeking maximum privacy/security, I should not have to do that.
The infrastructure is under control of an antagonistic government, yes. Hetzner is also technically a private company, but they obviously willingly complied with requests from the German government.
Signal doesn’t suffer anything worse than DoS if a hostile party controls the central service. That’s its point and role. It’s based on the assumption that such hostile parties as governments don’t like DoS’ing central services, they prefer to be invisible.
For other points and roles other solutions exist. One can’t make an application covering them all, that never happens.
Briar again (I’ve finally read on it and installed it, and I love how it works and also the authors’ plans on the future possibilities based on the same protocols, but not for IM, say, there’s an article discussing possibility of RPC over those, which, for example, can give us something like the Web ; I mean, those plans are ambitious and if I want them to succeed so much, I should look for ways to defeat my executive dysfunction and distractions and learn Java). Except it would be cool if it allowed to toss data over untrusted parties, say, now if two Briar users in the same group are not in each other’s range, but there’s a third Briar user not in that group between them, their group won’t synchronize (provided they don’t have Internet connectivity). If one could allow allocating some space for such piggybacked data, or create some mesh routing functionality, then it would become a bit cooler.
End to end encryption between clients (also for groups) seems to partly address the issue of a bad server. As for self-hosting, any rented or cloud sevices are very vulnerable to an evil maid. So either in-house hosting or locked cages with tamper-proof hardware remain an option.
I’m afraid that’s quite outside my field of expertise. I can only report how my experience on XMPP has been as a user, though perhaps @poVoq@slrpnk.net, who hosts it, may be able to weigh in on that. Edit: ah, I see you already have 😄
Though from my untrained eye, it seems that Jabber.ru was compromised due to not enabling a particular feature on their server
“Channel binding” is a feature in XMPP which can detect a MiTM even if the interceptor present a valid certificate. Both the client and the server must support SCRAM PLUS authentication mechanisms for this to work. Unfortunately this was not active on jabber.ru at the time of the attack.
And it seems that hosting it externally on paid hosting service (hetzner and linode) left them particularly vulnerable to this attack, and tgat it could’ve been mitigated by self hosting the XMPP locally, as well as activating that feature.
My friends created a telegram group and invited in a couple of bots that do stupid things like posting images or vulgarities when they detect certain words, or perform actions on request.
I tried to convince them to get rid of the bots but they’re in the “we have nothing to hide” camp.
Depends what your goal is. Revolt seems pretty cool, but I don’t think it has any kind of encryption. It is based in Europe, though, so it gets GDPR protection, and it’s open source, so it could be forked to fit other needs and uses.
The protocol is bloated to hell so third-party clients stand no chance, and the foundation spends more time bikeshedding or pissing away money than they do developing. It’s a doomed project.
You can interact with Matrix server through basic curl commands… and I thought the documentation was pretty good. There are plenty of third-party clients.
Sure, E2EE, keys and cross-signing is not trivial, but I don’t know where it is.
I didn’t imply that you can’t strip the protocol down to its bare essentials and still use it, but what’s the point of a protocol if everyone is on their own personalized version of it? Version / Feature fragmentation is a massive problem and basically none of the third party clients are up to snuff. Synapse is a massive bowl of lukewarm dog water, and most alternatives to it die in a year because it’s impossible to keep up. There’s too much shit in the protocol.
What specific version/feature fragmentation and clients are you referring to? As is common now, newer Synapse drops support for older Postgres (for example). Voice and video calls is the only feature that I can think of that is half-assed in Element/ElementX or not implemented in some clients.
Otherwise, Element, Element X, FluffyChat, Fractal, freaking Cinny on Ubuntu Touch (!), and terminal-based gomuks all support basic functionality, DMs, rooms, encryption, and attachments.
So what’s left? Jabber?
Slrpnk hosts an XMPP/Jabber for our users, mods and admins to communicate. Its worked pretty darn well for the past couple years, with very low resource needs.
The clients are pretty slick now too, such as Cheogram or Monocles for mobile, and movim is an excellent web app with support for group calls.
I’d certainly recommend it over Matrix/element.
I wouldn’t call either of those, or any other XMPP clients “slick” and it’s my biggest complaint about the protocol.
What would make them slick?
Not to mention you can run a server on anything pretty much and for surprisingly big amount of users. Toaster or potatoes will do just fine.
What’s the protection in the clients assuming compromised infrastructure, like e.g. in https://notes.valdikss.org.ru/jabber.ru-mitm/ ?
https://www.devever.net/~hl/xmpp-incident
This article discusses some mitigations.
You an also use a platform like simplex or the tor routing ones, but they aren’t going to offer the features of XMPP. It’s better to just not worry about it. This kind of attack is so difficult to defend against that it should be out of the threat model of the vast majority of users.
Significant improvements to certificate pinning and validation have been added to all major XMPP clients as a result of this incident, but it should also be clear that hosting a server on infrastructure under control by an antagonist government (see also Signal) is a very bad idea and hard to mitigate against.
So Signal does not have reproducible builds, which are very concerning securitywise. I talk about it in this comment: https://programming.dev/post/33557941/18030327 . The TLDR is that no reproducible builds = impossible to detect if you are getting an unmodified version of the client.
Centralized servers compound these security issues and make it worse. If the client is vulnerable to some form of replacement attack, then they could use a much more subtle, difficult to detect backdoor, like a weaker crypto implementation, which leaks meta/userdata.
With decentralized/federated services, if a client is using other servers other than the “main” one, you either have to compromise both the client and the server, or compromise the client in a very obvious way that causes the client to send extra data to server’s it shouldn’t be sending data too.
A big part of the problem comes with what Github calls “bugdoors”. These are “accidental” bugs that are backdoors. With a centralized service, it becomes much easier to introduce “bugdoors” because all the data routes through one service, which could then silently take advantage of this bug on their own servers.
This is my concern with Signal being centralized. But mostly I’d say don’t worry about it, threat model and all that.
I’m just gonna @ everybody who was in the conversation. I posted this top level for visibility.
@Ulrich@feddit.org @rottingleaf@lemmy.world @jet@hackertalks.com @eleitl@lemmy.world @Damage@feddit.it
EDIT: elsewhere in the thread it is talked about what is probably a nation state wiretapping attempt on an XMPP service: https://www.devever.net/~hl/xmpp-incident
For a similar threat model, signal is simply not adequate for reasons I mentioned above, and that’s probably what poqVoq was referring to when he mentioned how it was discussed here.
This of course, assumes I trust the courts. But if I am seeking maximum privacy/security, I should not have to do that.
Signal is under control by the government? 🤔
Their server infrastructure is (run by Pentagon and NSA best buddies AWS).
And that means the government controls it?
The infrastructure is under control of an antagonistic government, yes. Hetzner is also technically a private company, but they obviously willingly complied with requests from the German government.
Signal doesn’t suffer anything worse than DoS if a hostile party controls the central service. That’s its point and role. It’s based on the assumption that such hostile parties as governments don’t like DoS’ing central services, they prefer to be invisible.
For other points and roles other solutions exist. One can’t make an application covering them all, that never happens.
Briar again (I’ve finally read on it and installed it, and I love how it works and also the authors’ plans on the future possibilities based on the same protocols, but not for IM, say, there’s an article discussing possibility of RPC over those, which, for example, can give us something like the Web ; I mean, those plans are ambitious and if I want them to succeed so much, I should look for ways to defeat my executive dysfunction and distractions and learn Java). Except it would be cool if it allowed to toss data over untrusted parties, say, now if two Briar users in the same group are not in each other’s range, but there’s a third Briar user not in that group between them, their group won’t synchronize (provided they don’t have Internet connectivity). If one could allow allocating some space for such piggybacked data, or create some mesh routing functionality, then it would become a bit cooler.
You are very naive if you think that is all the US government can do in regards to Signal, but suit yourself 🤷
Anything that’s been proven/confirmed?
OK, so what else in your opinion can it do?
A lot, but please educate yourself, this topic has been extensively discussed here and in other places.
End to end encryption between clients (also for groups) seems to partly address the issue of a bad server. As for self-hosting, any rented or cloud sevices are very vulnerable to an evil maid. So either in-house hosting or locked cages with tamper-proof hardware remain an option.
I’m afraid that’s quite outside my field of expertise. I can only report how my experience on XMPP has been as a user, though perhaps @poVoq@slrpnk.net, who hosts it, may be able to weigh in on that. Edit: ah, I see you already have 😄
Though from my untrained eye, it seems that Jabber.ru was compromised due to not enabling a particular feature on their server
And it seems that hosting it externally on paid hosting service (hetzner and linode) left them particularly vulnerable to this attack, and tgat it could’ve been mitigated by self hosting the XMPP locally, as well as activating that feature.
Back to IRC we go…
It is entirely insecure.
The argument has always been, if when chat rooms are public, anyone can join and start logging the chats, encryption does nothing.
It has the ability to connect over TLS, but that’s about it.
I loved using it for its simplicity, except when using all the different flavours of nick registration (Q, NickServ, …).
My friends created a telegram group and invited in a couple of bots that do stupid things like posting images or vulgarities when they detect certain words, or perform actions on request.
I tried to convince them to get rid of the bots but they’re in the “we have nothing to hide” camp.
There is some nuance here. It would be nice to not have your identity publicly linked to your IP address, which is not always the default on IRC.
That’s the main privacy concern I know about I guess.
Not when the entirety of your conversations are jargon and in-jokes!
/s
Define secure. You can run your own network.
xmpp isn’t.
(Ok I get xmpp alone is but every modern client supports the same two encryption methods so judge for yourself)
Depends what your goal is. Revolt seems pretty cool, but I don’t think it has any kind of encryption. It is based in Europe, though, so it gets GDPR protection, and it’s open source, so it could be forked to fit other needs and uses.
No, Revolt checks neither of my boxes unfortunately.
What about delta?