Skip to content
/ secure-messaging Public

xmpp or matrix? not really. but signal maybe, but how to do tg topics & groups?

bowtiedanon.com/setup/

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

securitybrahh/secure-messaging

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
images
images
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

dumb servers, Wise clients.

https://github.com/simplex-chat/simplex-chat/blob/stable/docs/rfcs/2024-04-26-commercial-model.md

https://github.com/simplex-chat/simplex-chat/blob/stable/blog/20240814-simplex-chat-vision-funding-v6-private-routing-new-user-experience.md

Secure Messaging

software is free speech, lobbying for privacy is what it takes it seems.

so it was nostr after all?

https://signal.org/docs/specifications/doubleratchet/#recovery-from-compromise

xmpp or matrix? not really. but signal maybe, but how to do tg topics & groups?

HOW does even signal EARNS?? How will SimplexChat earn??? <I don't endorse or like simplexChat rn but may change in the future>

signal was given a 50$ mil loan by Brian Acton for some reason.

donations from ppl because "its bankrupting", recent desktop bug fiasco shown that its not!

Simplex plan to make a "stamp" (not a coin), users will be able to donate to 3rd party hosters wirh legally binding / build verifiable directly.

XMPP?

https://web.archive.org/web/20211215132539/https://infosec-handbook.eu/articles/xmpp-aitm/

TL;DR

  • Server-side parties (e.g., administrators, attackers, law enforcement) can transparently modify, log, and monitor nearly everything when communicating via XMPP---independent of end-to-end encryption. "Transparently" means your XMPP client doesn't learn about these server-side actions; showing no warnings in most cases.
  • Contrary to claims, law enforcement can easily detect and block XMPP traffic. Furthermore, many XMPP servers are physically centralized, hosted by a small number of hosting companies.
  • Federation, decentralization, encryption, and "use Tor" don't solve these issues as XMPP processes data in cleartext and produces tons of metadata.

Matrix?

https://telegra.ph/why-not-matrix-08-07

Matrix linked Amdocs found tapping South African cell phones - https://archive.ph/iFJ0n

Matrix Metadata Leaks? - https://web.archive.org/web/20210202175947/https://serpentsec.1337.cx/matrix

XMPP?

I feel pgp >> s/meme or omemo

pgp relies on curcle of trust, And I think that's what we should rely on.

https://notes.valdikss.org.ru/jabber.ru-mitm/

session??

Wahahah

adding a coin to a messaging protocol is a joke + lokinet is a joke.

TG groups but e2ee?

matrix spaces come close, there is a discord open source alternative but feels dubious.

A security analysis comparison between Signal, WhatsApp and Telegram - https://eprint.iacr.org/2023/071.pdf

Tor Lvl Shit?

Also good for LAN messaging.

https://code.briarproject.org/briar/briar/-/wikis/Mailbox-Architecture

Others

https://divestos.org/pages/messengers

https://eylenburg.github.io/im_comparison.htm

Appendix A

whatsapp/tg people use to serve clients (frontend), slack for backend team

About

xmpp or matrix? not really. but signal maybe, but how to do tg topics & groups?

bowtiedanon.com/setup/

Topics

metadata telegram matrix xmpp sysadmin e2ee server-admin

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository