Debacle

@toastal

Some people would argue that #XMPP is broken, too, esp. the #OMEMO 1 vs. OMEMO 2 situation. But it is probably less broken than Matrix, and definitely better to fix due to its extensible protocol design…

I'm using #slidge by @nicoco to use Matrix from my #Jabber client. Can't say if it is better than the #ejabberd solution, b/c I never tried the latter. But works for me! But have at least one client with adhoc commands available, e.g. #Gajim or #Profanity!

Kevin Karhan :verified:

@Xeniax All attacks on #privacy are illicit and illegitimate per definition, and merely appealing to authorities is not gonna work.

Instead encrypt harder by using real #E2EE with #SelfCustody (i.e. #PGP/MIME & #XMPP+#OMEMO), #decentralize and use @torproject / #Tor to normalize proper #ComSec!

Anything else is undue leniency in the face of #Cyberfacism!

🅴🆁🆄🅰 🇷🇺
It's cringeworthy when, in 2025, OMEMO is called a "new end-to-end encryption protocol" in publications like this one. Where this very protocol has been under discussion since 2018 (No. 6 (231), June).

So it turns out the editorial staff keeps changing and such publications have no reviewers at all, as a class or institution. And a number of the author's statements, to put it mildly, make one wonder what kind of schoolkid this is and whether he has any proper familiarity with infosec and cryptography at all.

#шифрование #криптограия #e2ee #Xakep #Jabber #OMEMO #lang_ru @Russia
Armor-piercing Jabber. Dissecting OMEMO, a new end-to-end encryption protocol

On the dissecting table is OMEMO, an open protocol based on…

xakep.ru
ana 🇵🇸

@valenteespinosa @CAPETOK
Better xmpp or delta chat 😉

Much better.

And with omemo and/or gpg even better

#xmpp #deltachat #omemo #gpg #OpenPGP

Kevin Karhan :verified:

@aetus @monocles well, #monoclesXhat is an #XMPP+#OMEMO #chat client.
#PII = Personally Identifiable Information
#KYC = Know Your Customer
#E2EE = End-to-End - Encryption
#SlefCustody = You (and only you) as a user hold all the keys.

Aug 02, 2025, 18:44 · · · 0 · 0
Kevin Karhan :verified:

My reservations and criticism re: #Signal are not just valid, but the reality is even worse than I thought:

The fact that @signalapp requires not only their shitty #Android #App, and a #PhoneNumber but literally won't allow people to use their shitty #Desktop-App unless they have an Android device with a camera pointed at it makes it utterly unusable for certain users who don't have a fucking #camera in their Android

Seriously, do they expect folks to deal with that shit?

It's already worse in terms of #UX than #telgram and #discord and that too makes #XMPP+#OMEMO clients like @monocles / #monoclesChat & @gajim / #gajim easier and faster to onboard #TechIlliterates onto.
Whichever asshole decided that a replacement for #SMS should mandate #PII like a #PhoneNumber & not be natively cross-platform should be banned from doing any #tech in their life. Trying to circumvent this shit and helping folks with it makes me so fucking angry that I'm now explicitly refusing to support it!

FIX THAT SHIT, @Mer__edith, and if it means you need to kick some devs in their crotch then consider this a necessary "investment"

#sarcasm #TechSupport #TapesFromTechSupport #Enshittifucation #SignalSucks #TelegramSucks #Messengers

Jul 29, 2025, 10:04 · · · 1 · 0
Martin
@daniel@gultsch.social
That would be great as I consider #MLS becoming an internet standard there will be good libraries in all languages. For current #OMEMO I'd have to do the low level crypto stuff myself which I want to avoid.
Martin
@daniel@gultsch.social
Would you consider moving the de facto encryption standard in #xmpp from #OMEMO to #MLS in the long run?
Kevin Karhan :verified:

@FandaSin nods in agreement

I also think that this is kinda #MissedOpportunity for #IndieDevs and #SmallDevelopers: infosec.space/@kkarhan/1148626

I'm not even entertaining the fantasy that this is gonna be done in the Form of some #FLOSS because obviously rapid #API changes at random are far more expensive to deal with than say old, quite static protocols where the minimalist implementation of #IRC or #XMPP has been done dozens of times and where specs detail anything extra and where things like #OMEMO take years to get #downstream'd...

Kevin Karhan :verified: (@kkarhan@infosec.space)

Like: There's not much of a technical reason something…

Infosec.Space
Jul 16, 2025, 11:33 · · · 0 · 0
Kevin Karhan :verified:

@OhMyGod Remember: ANY "#KYC" in terms of #Messenger #Apps IS the #IllicitActivity!

Regardless if @matrix or @signalapp , the sheer request, demand or coercion onto #PII like a #PhoneNumber or #eMail-Address is bad.

If providers like @mullvadnet can do a #VPN without any PII and can offer their Service via @torproject / #Tor and host their Website as #OnionService, then there's no good reason for others not to do the same.

Personally, I'll recommend to switch to some real #E2EE with good #SelfHosting options like @delta / #deltaChat (which uses #PGP/MIME) or @monocles / #monoclesChat (which is based upon #XMPP+#OMEMO and who do host their own servers which are user-financed and can be paid for 100% anonymously).

@bfdi @kuketzblog @netzpolitik_feed @ccc @heiseonline

Kevin Karhan :verified:

@empathicqubit Good question. I'd recommend you to check this with @monocles developers.

Personally, I run all my #XMPP+#OMEMO through @torproject /#Tor anyway, so my battery runtime is pretty garbage...

#Monocles does - AFAICT - allow to configure #notifications but since it's basically always connected that makes not much of a difference for battery runtime. Tho you can set if, when and how it notifies you.

EmpathicQubit

For those that run an #XMPP server, does it seem safe enough to enable XEP-0357 if one is concerned about third party data leaks to push notification services? Is #OMEMO enough to nullify concerns? I'm using #Monocles and #Prosody and I'm trying to optimize battery usage on #Android / #LineageOS

Edit: Daniel Gultsch of Conversations.im answered my questions. Thanks!

Jul 03, 2025, 12:07 · · · 3 · 0
Kevin Karhan :verified:

@nina_kali_nina #Funfact: Good messengers never stopped that (i.e. #XMPP+#OMEMO [@gajim & @monocles / #monoclesChat] & #IRC [ #QuasselIRC])…

Not sure if @delta can do it, but @RocketChat and @zulip certainly do allow even custom status messages!

Kevin Karhan :verified:

@artfulmodder last time I checked @signalapp still demanded #PII in the form of a #PhoneNumber, still peddled the #MobileCoin #Shitcoin #Scam and didn't move out of the #Cyberfacist #USA despite #CloudAct being nothing new!

Not to mention #Signal is both able and willing to discriminate against users based off said PII. Just because they do it for "#Sanctions #Compliance" doesn't mean they ain't gonna change that nor that @Mer__edith (or anyone else at Signal) could be bribed or threatened to do so.

They are #centralized #SingleVendor & #SingleProvider and are thus a #SinglePointOfFailure per design!

Unlike @delta (which is #PGP/MIME in a different UI) or #XMPP+#OMEMO (which you can use via @torproject / #Tor and connect to a Server that is an #OnionService).

IMHO "memory tagging" is the least of Signal's problems. To me they stench "#ControlledOpposition" just as hard as #ANØM and incompetence as hard as #EncroChat!