this post was submitted on 19 Aug 2023
150 points (81.5% liked)
Asklemmy
43893 readers
953 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Matrix was found leaking metadata, it's not like Matrix is bad or anything. But it just doesn't get the attention it needs. For WhatsApp users that do want better privacy and security, Signal is a solid choice. XMPP, by default with no configuration doesn't really have encryption and also, it has issues with metadata leakage as well.
For the average joe, Signal is a simple app that has privacy and security out of the box. Sure, it would be awesome if Matrix was widely adopted, but it isn't.
What Matrix metadata leakage are you talking about? Regarding XMPP, I am not aware of anything like it, and I suspect that this leakage you are talking about is just standard client-server signaling, where in federated protocols like Matrix and XMPP you can chose whom to trust (or self-host) whereas in all other cases your metadata isn't just centralized and consolidated, you have no recourse and knowledge about what's being done with it.
On the side of XMPP, OMEMO (which is XMPP's take on double ratchet encryption ร la Signal) is standard across the board of all maintained clients, so you wouldn't be less secure there than on e.g. Signal or Telegram, so your take on XMPP's security isn't factual.
Huh, some things might have changed then. My memory is from around 2021-2022, so things might have changed.