mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

18K
active users

Michał "rysiek" Woźniak · 🇺🇦

@m you might want to double check on Matrix though:
soatok.blog/2024/08/14/securit

Matrix is a decent IRC replacement, but a secure messenger it is not. I've always felt that encryption was bolted-on as an afterthought in it and that that will lead to tears, and as time goes by I get more and more proof of this.

Dhole Moments · Security Issues in Matrix’s Olm Library - Dhole MomentsI don’t consider myself exceptional in any regard, but I stumbled upon a few cryptography vulnerabilities in Matrix’s Olm library with so little effort that it was nearly accidental. It…

@rysiek @m

What do you think about XMPP with OMEMO?

Would be nice to have a decentralised alternative to Signal.

@FediThing @m I don't have strong opinions on it other than when I tried XMPP the usability was always an issue.

I know there are projects like Snikket that made great strides on this front though.

@FediThing @rysiek @m @xarvos

Besides Matrix, another decentralized alternative to Signal with no phone number required is Delta Chat (as mentioned by others here like @kkarhan and @andrewg). It won't support all of the same features (but it does support some features which Matrix doesn't provide, like disappearing messages) and it should be easy to sync messages between devices. Downstream Delta Lab supports Telegram stickers.

@rysiek @m imho matrix is still better than telegram in this respect, and if not using a phone number or not having (latest) android/ios phone is important then i don’t know if there’s better choice.

(i know about jami and briar, but they fill a different niche and syncing messages between devices seem a hassle, if possible at all)

@rysiek @m I've yet to see #Matrix be better than #IRC.

If you need "closed" group chats, consider @zulip as an alternative. OFC it doesn't do encryption, but that's not the focus of #Zulip.

Not shure if @delta does "#E2EE group chats" but I'm certain that if one needs security, E2EE and Group Chats are somewhat exclusionary as part of #OpSec, #InfoSec & #ComSec best-practises go.

  • Tho OFC one can use #PGP/MIME and thus E2EE all messages to all recipients i.e. using #Thunderbird.

As for a "secure yet convenient solution" I can recommend #XMPP+#OMEMO with @monocles / #monoclesChat and @gajim / #Gajim...

@andrewg @rysiek @m @zulip @delta @monocles @gajim

That's good to hear...

And since #deltaChat uses regular #IMAP + #SMTP it doesn't require "yet another #server" but merely a new inbox / address to be setup...

@kkarhan @andrewg

While there are reasons why you might want to create a new inbox / address just to use for Delta Chat, this is not a requirement! You can use an existing inbox / address as a dual use traditional email / delta chat address. And if you want to keep your inbox free of clutter, you can tell Delta Chat to automatically delete messages from the server after downloading them, or use a filter to automatically move emails sent by Delta Chat to a separate folder on the server.

You can use an existing inbox / address as a dual use traditional email / delta chat address.

Well, this is definitely possible but having tried using my own e-mail I quickly reached sending quota limits and I’m not a particularly chatty person. Using Delta-provided chat servers makes the experience smooth but if I have to create an account on the provider’s servers then this defeats the goal of reusing protocols and accounts.

FWIW the app is very smooth and polished. The only two things I’m missing is message editing and multiple reactions (by the same sender on the same message, just like in other platforms).

@wiktor @kkarhan @andrewg

Indeed email quota limits are problematic, but this is a problem imposed by the email provider, not by Delta Chat. A better email provider will be less restrictive and self-hosting won't have any quota limits (but comes with it's own well known challenges).

The chat servers are open source so not all are necessarily "Delta-provided" and you can even host your own.

@wiktor @kkarhan @andrewg

The chat servers still re-use email protocols but add some extensions like Apple/Google push notification compatibility (which you can disable if you want to stick only with IMAP push). You can even send traditional unencrypted emails from a chat server account but you can't initiate unencrypted contact as an anti-abuse / anti-spam measure.

But yes there are valid reasons why creating a seperate account for Delta Chat can be better and give a smoother experience.

@jenkinse @wiktor @andrewg even if it's just to have a cleaner setup...

Also it's very easy to make @delta / #DeptaChat comply with mandatory #recordkeeping & indexing requirements in businesses in #Germany by merely exporting the Private Keys and importing them into benno MailArchiv, but that's only relevant to like Businesses and not the average individual or group.

@jenkinse @wiktor @andrewg nodds in agreement For example @monocles and cock.li AFAIK don't have a very strict limit (and won't announce the number piblicly to prevent spammers from even considering them!) tho I'd recommend monocles due to their generous storage and generally not caring unless one violates their ToS (and OFC applicable laws)...

@kkarhan @wiktor @andrewg @monocles

cock.li is flagged by a couple of security vendors on VT and has a negative community score there, but these could be false positives since most security vendors say its clean