I wonder if Keet with every be open sourced. They still are missing a lot of features that I personally find important like trying notification, read receipt.
this post was submitted on 19 Jul 2025
281 points (94.0% liked)
Technology
73196 readers
4404 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
♻️ какой смысл пользоваться этим медленным гавном прекратите, ватсап, имхо очень хорош
The protocol is bloated to hell so third-party clients stand no chance, and the foundation spends more time bikeshedding or pissing away money than they do developing. It's a doomed project.
So what's left? Jabber?
Slrpnk hosts an XMPP/Jabber for our users, mods and admins to communicate. Its worked pretty darn well for the past couple years, with very low resource needs.
The clients are pretty slick now too, such as Cheogram or Monocles for mobile, and movim is an excellent web app with support for group calls.
I'd certainly recommend it over Matrix/element.
What's the protection in the clients assuming compromised infrastructure, like e.g. in https://notes.valdikss.org.ru/jabber.ru-mitm/ ?
Significant improvements to certificate pinning and validation have been added to all major XMPP clients as a result of this incident, but it should also be clear that hosting a server on infrastructure under control by an antagonist government (see also Signal) is a very bad idea and hard to mitigate against.
Signal doesn't suffer anything worse than DoS if a hostile party controls the central service. That's its point and role. It's based on the assumption that such hostile parties as governments don't like DoS'ing central services, they prefer to be invisible.
For other points and roles other solutions exist. One can't make an application covering them all, that never happens.
Briar again (I've finally read on it and installed it, and I love how it works and also the authors' plans on the future possibilities based on the same protocols, but not for IM, say, there's an article discussing possibility of RPC over those, which, for example, can give us something like the Web ; I mean, those plans are ambitious and if I want them to succeed so much, I should look for ways to defeat my executive dysfunction and distractions and learn Java). Except it would be cool if it allowed to toss data over untrusted parties, say, now if two Briar users in the same group are not in each other's range, but there's a third Briar user not in that group between them, their group won't synchronize (provided they don't have Internet connectivity). If one could allow allocating some space for such piggybacked data, or create some mesh routing functionality, then it would become a bit cooler.
You are very naive if you think that is all the US government can do in regards to Signal, but suit yourself 🤷
OK, so what else in your opinion can it do?
load more comments
(1 replies)
End to end encryption between clients (also for groups) seems to partly address the issue of a bad server. As for self-hosting, any rented or cloud sevices are very vulnerable to an evil maid. So either in-house hosting or locked cages with tamper-proof hardware remain an option.
load more comments
(16 replies)
I'm afraid that's quite outside my field of expertise. I can only report how my experience on XMPP has been as a user, though perhaps @poVoq@slrpnk.net, who hosts it, may be able to weigh in on that. Edit: ah, I see you already have 😄
Though from my untrained eye, it seems that Jabber.ru was compromised due to not enabling a particular feature on their server
"Channel binding" is a feature in XMPP which can detect a MiTM even if the interceptor present a valid certificate. Both the client and the server must support SCRAM PLUS authentication mechanisms for this to work. Unfortunately this was not active on jabber.ru at the time of the attack.
And it seems that hosting it externally on paid hosting service (hetzner and linode) left them particularly vulnerable to this attack, and tgat it could've been mitigated by self hosting the XMPP locally, as well as activating that feature.
load more comments
(1 replies)
load more comments
(3 replies)
Back to IRC we go...
It is entirely insecure.
xmpp isn't.
(Ok I get xmpp alone is but every modern client supports the same two encryption methods so judge for yourself)
Not when the entirety of your conversations are jargon and in-jokes!
/s
load more comments
(4 replies)
Depends what your goal is. Revolt seems pretty cool, but I don't think it has any kind of encryption. It is based in Europe, though, so it gets GDPR protection, and it's open source, so it could be forked to fit other needs and uses.
No, Revolt checks neither of my boxes unfortunately.
load more comments
(1 replies)
load more comments
(3 replies)
I agree with all this. The thing which caused me to uninstall was suddenly being pushed lots of abusive message with disturbing contents.
When I complained about it, Matrix told me that my public complaints were hurting the ecosystem and I should be quiet.
load more comments
(7 replies)
I just want a self-hostable open-source alternative to the shitty closed-source IM systems I'm forced to use
I'm sticking with Matrix for now, hopefully some of the issues I've had will get ironed out
load more comments
(8 replies)
i want 90s era icq and 2000s era msn back :(
But they both closed source protocols locked down to specific corp
But locked in a way where nice third party clients could still interact with them. I never used official clients after a time.
That seems to have gone away.
What would you propose, then?
How about jabber/XMPP
How active are communities on these nowadays?
I think they are OK. When switching to it couple of years ago ifeared there will be no-one but was please tly suprised. For sure you do t have situation where most of the participants in the room are ghost accounts because presence actually works. So might look smaller but you are sure it's real users.
load more comments
(1 replies)
load more comments
(9 replies)
For me Matrix is fine, I can use IRC, Whatsapp and Discord with it. But Element is not my cup of tea, especially with Firefox as it doesn't play any videos other users are sharing. The same videos work fine with Cinny.
I can use IRC
The fact that many Discord and IRC channels (servers?) block Matrix connections has drastically reduced its usefulness for me. When I was running my own Matrix server, I could have gotten around it by using a puppet, but Synapse is such a hog I had to shut it down, and most of the IRC rooms I want to use don't allow Matrix proxies.
The IRC (Biboumi) and Discord bridges (slidge.im) for XMPP work still fine and running your own server is super lightweight.
running your own server is super lightweight.
Not IME. Are you running Synapse? Gigabytes of disk usage and memory leaks requiring restarts.
load more comments
(6 replies)
I am still mad that are no mobile clients that supports multiple accounts. So I am ending up installing for each account a different client.
Edit: added mobile.
NeoChat on KDE allows me to choose which account to login to when I start it.
Element Desktop has profiles. But sadly there are no profiles on the mobile app.
load more comments
(3 replies)