464
submitted 1 year ago* (last edited 1 year ago) by esaru@beehaw.org to c/technology@beehaw.org

While Jitsi is open-source, most people use the platform they provide, meet.jit.si, for immediate conference calls. They have now introduced a "Know Your Customer" policy and require at least one of the attendees to log in with a Facebook, Github (Microsoft), or Google account.

One option to avoid this is to self-host, but then you'll be identifiable via your domain and have to maintain a server.

As a true alternative to Jitsi, there's jami.net. It is a decentralized conference app, free open-source, and account creation is optional. It's available for all major platforms (Mac, Windows, Linux, iOS, Android), including on F-Droid.

you are viewing a single comment's thread
view the rest of the comments
[-] Kajika@lemmy.ml 50 points 1 year ago

Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.

Cannot be less clear.

Anyway I don't understand why you'd need an account. I've always created rooms and share the link to people to invite. You can setup a password if you want privacy. Any reason to login?

[-] cerevant@lemm.ee 56 points 1 year ago

They are probably talking about using it to share CSAM or other illegal content. They need one person to login to be not anonymous so they can give it to the authorities if necessary.

[-] lemann@lemmy.one 28 points 1 year ago

Yepp I agree, that kind of cryptic speak and this kind of drastic action taken by a FOSS project likely eludes to something of this nature IMO.

If they want to continue to appeal to businesses they're almost certainly not going to release a statement saying people were sharing illegal material on our platform especially when they're not a big well-known company like Facebook, Google and Microsoft, where normal people tend to disappointingly dismiss bad findings with a "benefit of the doubt" stance.

I assume their hosted version doesn't have this limitation? In that sense, this news really is a non-issue I think, considering everyone usually has one of those three accounts. Someone looking for privacy should probably host their own IMO

[-] megsmagik@feddit.it 1 points 1 year ago

I don’t understand, even if I use a google login I haven’t necessarily give my real name to google so why is it safer for them? Anyone can create a new email with google and particularly people sharing illegal material wouldn’t use their real personal email so what’s the point?

[-] esaru@beehaw.org 2 points 1 year ago

Is a mobile phone number not required for a Google account? In many countries, including all EU ones, you need to authenticate yourself when ordering a SIM card. This makes your phone number your personal ID. Your Google account is connected to your person, and what you do on Jitsi after logging in with your Google account as well. It's easier to track back to you that way.

[-] megsmagik@feddit.it 1 points 1 year ago

Yeah I didn’t think about the phone number, I made my google account a long time ago and they didn’t use to ask you for your number but now every service needs it for “security” reasons

[-] lemann@lemmy.one 2 points 1 year ago

Law enforcement can subpoena Google for breadcrumbs, and then go to data brokers for the missing pieces. It's not perfect, but this likely isn't the reason for Jitsi doing this.

The real reason likely falls along the line of the extra requirement driving people away from misusing the service, if they now need a VPN + killswitch and a burner "faang" account to share illegal content. They'll just go to the next common denominator sadly, resulting in truly anonymous services dropping like flies (anonfiles.io being the last example of this)

[-] Smoke@beehaw.org 8 points 1 year ago

But why a Google/FB/MS account? Why isn't an email account from an established provider enough, why centralise to three megacorps?

[-] cerevant@lemm.ee 7 points 1 year ago

Because these three provide federated login most email providers do not.

[-] Smoke@beehaw.org 3 points 1 year ago

I didn't think I'd unironically hear "This is an advantage because now one company controls all your logins" as a reply to privacy concerns.

[-] cerevant@lemm.ee 4 points 1 year ago

I didn’t say that. Security and privacy are nearly opposites. This is a security decision.

[-] Shadow@lemmy.ca 4 points 1 year ago

There's plenty of disposable email services out there.

[-] Smoke@beehaw.org 2 points 1 year ago

And they're added to spam lists all the time. All you need do is draw up a list of the twenty most popular, because frankly Gmail and outlook already cover so many while leaving room for privacy-friendly providers.

[-] garrett@infosec.pub 1 points 1 year ago

There was likely a broad campaign of abuse that violated some sorta law. There’s not really another reason for this move short of something that puts them in an untenable situation.

this post was submitted on 26 Aug 2023
464 points (100.0% liked)

Technology

37699 readers
272 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS