It seems like it could be a really cool alternative to Signal, but wait, there’s more! It has a “Teams” feature that could make it a decent alternative to Discord as well. Only problem is I don’t know anyone else who uses it.
They sold to zoom a few years back and it seems like zoom’s just letting it rot. They had a CA expire at the end of last year and it took like a week for new clients to start reaching package managers
the encrypted chat that i found least difficult to host has been XMPP/Jabber/Jitsi. most modern clients use OMEMO so you get essentially the same encryption features as signal without the centralized hosting. some are even adding support for encrypted video calls which is pretty neat. i’ve since taken my server down, but it was really easy to operate. much less of a pain than matrix for sure.
Just use Matrix or spool up your own instance of something open source like Rocket Chat or Mattermost if you want security. Most of the “security” platforms that exist as a service are lies or trash anyways.
deleted by creator
I think Signal has had some issues with fed related activity. Telegram is fine because it’s based on Matrix, but the most secure will always be using your own instance where you have control of the data. The ones I mentioned aren’t end to end encrypted, but hosting your own instance puts them in your control.
deleted by creator
Matrix is just a backend framework for sending and receiving. I was actually wrong about Telegram being a Matrix client. I usually just don’t use a lot of online messaging stuff though outside work so that’s my bad. Got Telegram and Element confused.
Matrix is just the one I see more trust about in the community and getting an instance up and running is easy to do.
All three are open source (Matrix, Signal, and Telegram) so you can audit their security protocols or follow people on the issues pages that are identifying security vulnerabilities, but in the end using any service that you don’t have control over is gonna make it difficult to remain truly secure.
If at any point an instance owner decides to share server data they can, which in most of these apps won’t necessarily give them access to messages if the server never loads them as plaintext, but will give them access to information about who you’re talking with and such.
If you aren’t like actively organizing or doing anything that would require absolute security in messaging all of them would probably be fine as they’re better than sending MMS or SMS, but at the end of the day you just need to be aware of who is controlling your data and who might want it.
deleted by creator
If you use matrix, don’t federate. It leaks metadata like crazy (hard not to when federating) and was built/incubated at a canadian telco that was a notorious mossad front for harvesting telephony metadata in north america.
Nice, everything’s a honeypot isn’t it. Self hosted IRC it is then
tbh it’s pretty great unfederated/single-user. people can IM you where they want and you get it all in one place
I’m the most secure and use Snapchat. The messages auto-delete! /s
yeah I use it but nobody else uses it so who knows. I guess it’s a decent enough way to publish your personal GPG key linked to your social accounts & website. So basically a linktree for nerds. Also unless you want to trust keybase with your private key you have to manage it yourself which basically puts you in the same usability bind as crypto bros. Buying a trezor or similar purely for GPG/SSH/LUKS/U2F key backup & management is kind of fun though.