Jami (ring) os thé perfect alternative. works like a charm

@felafail@framasphere.org I never heard of #jami before. And since it looks like it is a distributed platform, just like #diaspora* I have to look further into this. Project page: https://jami.net/
Wonder if I can install it on my VPS alongside my diaspora* pod.
I also wonder what advantage or difference it has compared to other communication tools like #Mattermost. (what I currently have running on my VPS)

While I've never used WhatsApp and won't encourage anyone to use it, Schneier has pretty much retracted his story

I use Signal, only messaging app on my phone (apart from the preinstalled Google ones, which I don't use)

@felafail@framasphere.org I just installed jami (formerly GNU Ring) on my LineageOS phone. Still don't see how I can contact others. However, the interface looks nice and clean....

Telegram doet al vele jaren parallel zaken naast Whatsapp zonder enig probleem. Het staat bovenaan op de lijsten van gehate apps bij regeringen (naast Signal). Blijkbaar werkt de P2P encryptie daar dus wel. Het kan ook maar van 1 device naar 1 ander device, zoals je zou verwachten. Bovendien draait het op alle platformen die je maar invallen.

About privacy. Ik ga nog wat verder: Ik heb geen Android meer sinds een paar maanden. Bedrijven bewijzen keer op keer wat ze voor bedoelingen hebben en ik ben daar helemaal klaar mee. Vanaf het membraan van je microfoon is alles encrypted dus je hebt gewoon geen idee wat er allemaal gaande is.

Whatsapp heb ik gedumpt op het moment dat het van FB werd. Dus ik doe ook niet mee met buurtpreventie enzo. Wat een gedrocht van een woord trouwens maar dat terzijde...

That is a very good addition @Armin Grewe. Thank you.
Who would have thought even Bruce Schneier can be caught to be inaccurate...
This is a clear demonstration of how, from time to time, it happens to the best of us ;-)
I recommend all to follow the link Armin supplied in his response.

I am on Telegram now, tried signal for a while but it sucks. Telegram is only used on my desktop since the app drowns my battery

s/drowns/drains/

Critical thinking is even harder if we try to keep up with the flow of information.
this is why social network are double edged and knowing less but better is always more interesting. Humility must be considered.

Our prior probability with Facebook is that they are able to deploy invasive privacy harm technologies, because they did and they do.
This Forbes article only supports this but it is very important to recognize this is wrong information and it does not rely on solid sources.
Forbes article is a good example of persuasion by association because it mixes real source from Facebook, but false conclusion.

Now on the instant-messaging side, I would say that the crucial key issue is that all these systems cited (whatsapp, telegram, signal) build isolated gated communities, missing voluntary or not the real value of the Internet..

Interesting thought. Do you think they would all protect our privacy more if the community would be involved? Telegram did and I suppose Signal did too.

Do you think they would all protect our privacy more if the community would be involved? Telegram did and I suppose Signal did too.

Telegram is an interesting project, while I still don't agree with their not-e2ee-by-default, they built some interesting security scheme.

Signal built highly secure double ratchet cryptosystem and their opensource library helped several projects to add a solid layer of security.

However, both these projects continue to use proprietary software and follow gated community concept.

Security and privacy require decentralized models.

Security:
One storage for all will fail soon and data are stolen. If entities are scattered among different orgs/companies/indivduals/associations using different security policies/habits/layers then attack model is different, data breach will happen but at a much less interest as much less data per breach.
Also, different way sof managing the security will not be vulnerable to the same 0-day or same mistakes.

On the privacy level:
Federated or distributed models reduce the interest of control because you only have control over your instance, and you are free to interconnect or not, but you do have the choice.
Economic model of data collecting encourages to collect as much as possible, so the biggest users list you own, the better.
This makes companies to focus on control by isolating users and forcing them to remain locked-in.
On a decentralized model (such as email), anyone can chose to use a different provider or run her/his own. Privacy can be preserved much more because you decide what to expose to whom. And the funny part : liberalism encourages competition, but you can only compete with actors in the same category with common set of rules. However, building isolated gated communites is against competition because comparing WhatsApp to Telegram is like comparing 100m race with 150m hurdle race, they are just not compatible. It is much different that 2 athletes competing in the same race.
Email model is really competition, whatever the provider you use, it remains email and same SMTP protocol.
So this is kind of cynical to live in a liberalism model and cheating about competition because gated communities win for some actor, not because of competition, but because their users don't want to move because they don't want to lose communications with their contacts.

@sigsleep for what I understood, telegram encryption is atradeoff between security and useability. To be able yo see all discussions on all devices you have telegram on, those discussions must be hosted server side. That is a security risk, but for most users quite convenient.

@robb, I agree multidevices sync require server store-sync. If data are end-to-end encrypted (they should all be like https for http today), then even stored on the server, eavesdropping is moderated (assuming correct PFS scheme etc..).
Of course metadata are naked.

With a federated protocol such as SMTP, you could host your accounts and your contacts on your own servers or your org servers, while still communicating with others.
Then you could self-host your group if interest, and store your shared conversation only on servers your accept for.

This is exactly what legacy XMPP does and what matrix are based on.

In that case isn't Signal more or less the same?

@Hans W, they both use a central client-server model. However a couple of detail do make them different:
- Signal provides encryption by default, no way to mess and transmit text in clear. Some argument in favor of Telegram can be found here : https://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by-Default-08-14, but I don't agree with several of them.
- Signal cryptosystem relies on more mature and audited schemes. There is no proof of deficiencies from the protocol of Telegram, but mature/more exposed to public protocols I prefer them.

Aside from that, they both rely on a phone number, I dislike that.
Even though you can get a prepaid sim for installation, this is odd to still require phone number of Internet apps.
And yes they both use centralized and gated community model.
(Signal seems to provide source code for both client and server https://github.com/signalapp, but would not interconnect with their servers)