this post was submitted on 09 Mar 2026
54 points (69.6% liked)

[–] mistermodal@lemmy.ml 16 points 2 months ago (4 children)
[–] leviathan@feddit.org 18 points 2 months ago (2 children)

Meanwhile Discord in its entirety is unencrypted

[–] voxel@feddit.uk 2 points 2 months ago* (last edited 2 months ago) (1 children)

To be fair, Discord has e2e encrypted voice calls using their "Dave" protocol.

https://discord.com/blog/meet-dave-e2ee-for-audio-video

[–] mistermodal@lemmy.ml -3 points 2 months ago

Dude, don't start

[–] mistermodal@lemmy.ml 1 points 2 months ago
[–] smiletolerantly@awful.systems 8 points 2 months ago (3 children)

Ugh. I've always liked Matrix (and was not bothered too much by the metadata leaks because my home server was not federated anyways), but after noticing some issues and finally reading up on the actual protocol spec a couple of weeks ago... oof. Yeah. No.

Set up XMPP for now. Works really well and the protocol seems so much saner. Unfortunately, it too has some annoyances that are unacceptable to me in the long term. I'm this close to saying "fuck it" and wasting the next couple of years of my life on a new protocol that no one is gonna use. (Cue the XKCD here.)

[–] SwooshBakery624@programming.dev 5 points 2 months ago (2 children)

> Works really well and the protocol seems so much saner.

Unfortunately, it is not.

[–] smiletolerantly@awful.systems 7 points 2 months ago (1 children)

Ha, thanks, I'd already read that. And I do, mostly, agree; the OMEMO implementation is not great both from the security perspective discussed in the post, as well as the UX (not being able to decrypt old messages on new devices at all).

That being said, I primarily want a selfhosted, federated messenger which also takes privacy and security seriously, and at least for the former, XMPP is really refreshingly good.

[–] mistermodal@lemmy.ml -5 points 2 months ago

Yeah no shit you already read it they post it every single time. I don't think any of them have actually read it, the problems he is complaining about were solved ages ago or by two clicks, once. The guy actually argues for people to use Telegram because they have disabilities and software is hard. An absolute masterclass.

[–] ProdigalFrog@slrpnk.net 2 points 2 months ago* (last edited 2 months ago) (1 children)

I want to point out that the author of that linked blog, Soatok, actually removed a response in the comments from an OMEMO developer which clarified some things, which personally I think was rather odd/bad faith of them to do. When asked about it, this was their response:

"I'll make an edit later about the protocol version thing, but I'm not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That's it. That's all I want."

According to the OMEMO developer in his response (you can read it here), there's nothing really wrong with OMEMO 0.3.0, as the dev considers it a stable standard that clients can safely implement, with newer versions basically being public beta releases toward a stable 'OMEMO 2' standard that can eventually replace 0.3.0.

Also @smiletolerantly@awful.systems.

[–] SwooshBakery624@programming.dev 1 points 2 months ago

I didn't know about this response, thank you for pointing it out. However, this response fails to address the main criticism of XMPP+OMEMO:

> To understand why this is true, you only need check whether OMEMO is on by default (it isn’t), or whether OMEMO can be turned off even if your client supports it (it can).
>
> Both of these conditions fail the requirements I outlined under the End-to-End Encryption header in that other blog post.
>
> And that’s all that I should have needed to say on the matter.

[–] ProdigalFrog@slrpnk.net 3 points 2 months ago (1 children)

> I’m this close to saying “fuck it” and wasting the next couple of years of my life on a new protocol that no one is gonna use.

This article does a good job exploring the landscape of text chats, and ultimately finds that XMPP is still our best bet, it just needs some spit and polish.

[–] smiletolerantly@awful.systems 3 points 2 months ago

Funny, I've also already read that 😄 Good blog and article.

[–] Jolteon@lemmy.zip 3 points 2 months ago (1 children)

They're still far more encrypted than literally every other alternative.

[–] mistermodal@lemmy.ml -3 points 2 months ago (1 children)

You people have zero awareness of the limitations of your own knowledge.

[–] Jolteon@lemmy.zip 1 points 2 months ago

Name a single Discord replacement that has anywhere close to the coverage of end-to-end encryption that Matrix does. Unless you're willing to sacrifice literally every other feature except text chat, I don't think there is one.

[–] Templa@beehaw.org 2 points 2 months ago (1 children)

You should also link Ariadne's post saying she'd rather use Signal, but that would be against the tone of your post, right?

https://social.treehouse.systems/@ariadne/116043045098562878

[–] mistermodal@lemmy.ml -3 points 2 months ago (1 children)

Yes, posting wrong opinions would be against the theme of the post, and in fact my account as a whole. That's pretty standard for programmers who wear bunny suits. If we keep going here one of them is going to show up and post that Soatok person's blog.

[–] Templa@beehaw.org 0 points 2 months ago (1 children)

Got it, you're just here to bait people.

[–] mistermodal@lemmy.ml 1 points 2 months ago

I'm here to educate people, not nitpick people and try to pass off my low standards for "secure software" and US government-dependent NGOs as an interest in sustainable OPSEC.