-
Arne
Hi furthermore can anyone tell me is there an advantage using OLM compared to OMEMO?
-
Licaon_Kter
Arne: on xmpp?
-
Arne
One just said Matrix has OLM and XMPP only OMEMO which is less secure. I was a bit confused
-
Licaon_Kter
Arne: who said is "less" and how did the explain the whys?
-
Arne
It was a Matrix user for sure: > XMPP is probably better as it has more lightweight servers - currently, as this may change over time, and anyway, XMPP has some severe disadvantages. > Architectural/standard disadvantages. It’s based on XML, it has weaker E2EE (afaik, OLM is stronger than OMEMO), and it only keeps messages on one server for each room, making it not really decentralized and easy to censor. I don't say a name
-
Arne
I had many arguements against this. Like the advantages of XML , the security of PGP , the insecurity and resource consumption of Matrix brigdes rooms and server✎ -
Arne
I had many arguements against this. Like the advantages of XML , the security of PGP , the (insecurity and) resource consumption of Matrix brigdes rooms and server ✏
-
Licaon_Kter
Arne: there was no argument, just that they know wrong? Mmmkay Based on XML should mean something? :)) Keeping on one server, yes...that's true. Standard what? XMPP is an actual IETF standard, right? Matrix too? No? Architectural? Which part? Yes, throw several sentences....you're done...the age of discourse
-
Licaon_Kter
They both have good and bad parts, but matrix fanbois just regurgitate whatever FUD Matthew said once on HN.
-
404.city
Oh yes, obscurantism from the matrix came to the chat of XMPP operators.
-
404.city
Arne, There is currently no way for the Matrix Protocol to support federated networking
-
404.city
Arne, encryption in the matrix (OLM) is weaker than in XMPP (PGP,OTR, OMEMO)
-
404.city
OLM encryption vulnerabilities in group chats raises many questions
-
404.city
Also, a significant part of the Matrix network is located in the web client, which allows you to make global attacks on the entire network by replacing js code. e2e encryption to the server sounds like a bad joke, but this is the practical essence of securing most of the entire matrix network
-
404.city
Mozila is on the verge of bankruptcy. This is not surprising after they chose the Matrix. This speaks of the extreme wastefulness of the Mozilla's management, since now the costs of XMPP are a hundred times cheaper.
-
Licaon_Kter
404.city: > Mozila is on the verge of bankruptcy. This is not surprising after they chose the Matrix. This speaks of the extreme wastefulness of the Mozilla's management, since now the costs of XMPP are a hundred times cheaper. The oddest argument, against Mozilla, or Matrix :))
-
Arne
Thanks for this informations!
-
404.city
Licaon_Kter, Matrix hosting doesn't pay off with donations. For public servers and or for any non-profit organization is not profitable. Big servers important to have a balance between hosting costs and donations. Let's be honest, the enthusiasm ends sooner or later, and not everyone will be ready to pay hundreds of dollars matrix fee out of their own pockets. The main server has a lot of controversy, including governments. Others are born to freeze or die.✎ -
404.city
Licaon_Kter, Matrix hosting doesn't pay off with donations. For public servers and or for any non-profit organization is not profitable. Big servers important to have a balance between hosting costs and donations. Let's be honest, the enthusiasm ends sooner or later, and not everyone will be ready to pay hundreds of dollars matrix fee out of their own pockets. The main server has a lot of sponsors, including governments. Others are born to freeze or die. ✏
-
Licaon_Kter
404.city: that's the plan, they sell the Slack killer, just hot with modular.im or element.im or whatever is the name du jour✎ -
Licaon_Kter
404.city: that's the plan, they sell the Slack killer, just host with modular.im or element.im or whatever is the name du jour ✏
-
404.city
I have a suspicion that the developers of the matrix don't understand what federation is at all. They represent a federation, as a federation of a couple of hundred servers connected to each other, without spam, without flooding, without ddos attacks, without Indian bots with blockchain, without various incompatible clients and private protocol forks. The Matrix is like a utopia with pink unicorns in a golden garden. They imagine federation as one matrix.org server with small satilets servers for 10 people.
-
404.city
Real federation means millions of servers and very different network loads.
-
pintosesk
So, a communication network without a healthy degree of mutation, which results in a lack of flexibility characteristic of proprietary networks.
-
Licaon_Kter
pintosesk: it's pretty flexible, they are at roomversion what? 6? So monolithic in specs that no client besides the VC funded one in ever on...spec.
-
Licaon_Kter
E2E? In some clients? Maybe...flexible af
-
pintosesk
Okay, so it's a controlled mutation.
-
pintosesk
Is it backwards-compatible with previous room versions?
-
pintosesk
I like the fact that XMPP is described through XEPs. Does Matrix do something similar to this?
-
404.city
In my opinion, the matrix uses the federated part as an advertising feature, but in reality it provides extremely stripped down federation features.
-
404.city
Mutation control will only work as long as the network is small and everything is in one center. XMPP extensions appeared as a necessity, not as a feature. Google, Facebook and other big companies wanted to add their own features, and so extensions appeared. It makes more sense to do protocol extensions than to do dozens of forks.
-
404.city
It's a pity that they block me in the Matrix, I would have arranged for them there to analyze the misconceptions about xmpp. They seriously believe that xmpp still lacks encryption, file transfers, and video calls.
-
404.city
JSON chauvinism
-
Licaon_Kter
pintosesk: > I like the fact that XMPP is described through XEPs. Does Matrix do something similar to this? Does it matter if they call them "protocol updates" or XEPs? If it fits the purpose...
-
Licaon_Kter
> Is it backwards-compatible with previous room versions? Yes, until you can't join if your client doesn't support the new version
-
Licaon_Kter
Monolithic means,...it is already done. Matrix does MSCs to modify it.
-
pintosesk
Hm.
-
tom
» <404.city> Mutation control will only work as long as the network is small and everything is in one center. Which is funny now that you mention it. All the matrix users seemed centralized on one big server, matrix.org. And the tiny instances that DO exist, there's no variety in implementation at all. It's all just Synapse
-
tom
I'm a little bit skeptical of their federation claims too, since doing service discovery on the matrix domain results in my client giving me WARNING XML NOT WELL-FORMED errors and sometimes seizing up
-
tom
No other compliant xmpp server has done this
-
pintosesk
So, Licaon_Kter, what you're saying is that old rooms are 'supported' by new rooms, in the form of, 'you're too old, come back updated' support.
-
pintosesk
Which is to say, the two can't express common features or reconciliate.
-
tom
» <404.city> » It's a pity that they block me in the Matrix, I would have arranged for them there to analyze the misconceptions about xmpp. They seriously believe that xmpp still lacks encryption, file transfers, and video calls. Where can I read more about this?
-
tom
» <Licaon_Kter> pintosesk: it's pretty flexible, they are at roomversion what? 6? So monolithic in specs that no client besides the VC funded one in ever on...spec. Wow, 6 versions already? Reminds me of post-whatwg web browsers
-
pintosesk
The difference between a "protocol update" and an XEP is that one's an optional extension, and the other is a mandatory, potentially breaking change.
-
pintosesk
If I understand correctly, that is.
-
pintosesk
I'm now under the impression that matrix is a 'vanilla' protocol with no optional modules, where all the new features become part of the main protocol as it updates.
-
Arne
for me Matrix is just a marketing trend thing with no advantages.
-
tom
» <Arne> I had many arguements against this. Like the advantages of XML , the security of PGP , the (insecurity and) resource consumption of Matrix brigdes rooms and server The XML vs JSON vs serialization method of the day has been done to death and at best it's bikeshedding, but there is this linked on the XSF's website if you really care about XML vs JSON https://www.balisage.net/Proceedings/vol10/html/Lee01/BalisageVol10-Lee01.html from https://xmpp.org/about/myths.html. Regarding PGP yes PGP isn't the end all be all of encryption, and it has it's strongsuites and cons in each use case, but usually I've found when someone is knocking PGP (or GnuPG specifically) they either are ignorant about it's uses and subkeys or are trying to sell you something
-
Arne
But we'll see how it developes. I heard behind Matrix is a company and it is also working together with UK and France Gouvernements. This were enough arguments for me not to use it. But I want to end this discussion now. Yes PGP especially with twofish algorithm is really and actually unbeatable✎ -
Arne
But we'll see how it developes. I heard behind Matrix is a company and it is also working together with UK and France Gouvernements. This were enough arguments for me not to use it. But I want to end this discussion now. Yes PGP especially with twofish algorithm is really good and actually unbeatable ✏
-
404.city
https://xmpp.404.city:5280/usershare/6d33720a4a94189f7b96d206ee5f6128196decf2/46jl131DniMgtMdf2OM50355cDD02HpJyMuMB4oD/123_Ew8sO9Oo__1_.jpg
-
mjk
404.city: maybe they want it for themselves, but without the backdoors :)
-
Licaon_Kter
mjk: but but they said to backdoor everything, right? Or only the peons?
-
mjk
Well clearly there could be no terrorists and child molesters among the government
-
mjk
So no-one need to watch the watchers :)✎ -
mjk
So no-one needs to watch the watchers :) ✏
-
argon3771
Not to jump into the conversation but, the one thing I've found with matrix vs xmpp (and this is more of an iOS issue I believe), on matrix I can place a call to someone with their app in background and it goes through. On xmpp their app needs to be in the foreground. Other than that, I prefer xmpp.
-
MattJ
argon3771, well that's a fairly trivial bug (in terms of implementing a fix, not in terms of user experience)
-
MattJ
So if that's all that lies between XMPP and success... :)
-
Licaon_Kter
argon3771: there's same Tigase XEPs to be put forward and that will be fixed
-
argon3771
Licaon_Kter: thanks. Didn't know that. That would be great. Most of the people I talk with have ios devices. That was always one of the biggest complaints I've heard from them (casual users, your every day non-techie).
-
404.city
argon3771, XMPP has poor client financing, IOS support is expected in a few years. Conversations and Xabber clients want to port to IOS
-
Arne
How much money is needed for a working IOS and mac client??✎ -
Arne
How much money is needed for a working IOS and mac client? ✏
-
Link Mauve
Arne, ask the SiskinIM people I guess?
-
jonas’
probably a month or two of developer time
-
jonas’
and I’m afraid the requirements stretch beyond purely the client side
-
Arne
From the state the clients actually are. But it would be great using something like flutter. I just know Android so far✎ -
Arne
From the state the clients actually are. But it would be great using something like flutter. I just know a bit android programming so far ✏
-
Arne
and I tried flutter but I hate using Google stuff xD
-
MattJ
Arne, I'm currently tracking ~€7k of important Siskin issues
-
Arne
I think I would try to collect some money for it
-
MattJ
Everything helps :)
-
Arne
but siskin im is opensource right
-
Licaon_Kter
Arne: developers need to eat, what's your point with the "but"?
-
MattJ
Yes, it's open-source
-
Arne
Licaon_Kter the but means I prefer to support developers who are making opensource software. If it is selled in IOS store it's totally ok. But I would like to take a look in the code too.
-
Arne
I have a friend programming for IOS so maybe I can convince him helping
-
MattJ
https://github.com/tigase/siskin-im
-
Licaon_Kter
Arne: it's free there and open-source, yes
-
Arne
thanks MattJ Licaon_Kter
-
christian
Licaon_Kter, then they must ask for food.
-
tom
» <argon3771> Not to jump into the conversation but, the one thing I've found with matrix vs xmpp (and this is more of an iOS issue I believe), on matrix I can place a call to someone with their app in background and it goes through. On xmpp their app needs to be in the foreground. Other than that, I prefer xmpp. That's not XMPP's fault. That's Apple ios's fault. I've heard ios doesn't let you have persistent TCP connections open for background apps, probably because they don't want anything competing with facetime. Being able to handle a long standing TCP connection is a basic feature of any unix like operating system, even darwin since idk, late 70s or 80s?
-
tom
If someone was to build an XMPP client for ios and apple still had these anti-competitive artificial restrictions it would probably only be available to jailbroken users
-
tom
Better to tell users not to put themselves in a jail in the first place than to tell them to jailbreak
-
tom
Also your restricted to only using apple's own special programming languages when programming for apple products. Something I think is just too much of a ask for a community development effort
-
tom
People who are skilled enough to program probably aren't going to be using apple products anyways, let alone waste their time learning a language that is only useful for programming apple products, and after they /allow/ you to host your ""app"" on their ""appstore""
-
tom
Keep in mind some of the requirements of the apple appstore may be in conflict with the GPL license, if which you'd need to get permission from all your devs to dual license
-
argon3771
tom: I know its apples issue, I was just pointing out a complaint I've heard about xmpp vs matrix on iOS, since matrix was a topic earlier.
-
raucao
apple push notifications are actually based on xmpp, making it even more maddening
-
raucao
their official reason for not allowing 3rd party background processes is battery life
-
raucao
but really, they want everyone to go through APN i think
-
raucao
which is also bad for decentralized systems