Post AIHDIl5tZ1zRc8oMPg by Ged@fosstodon.org
(DIR) Post #AIH95UdT2sgMzIvwG0 by kzimmermann@fosstodon.org
2022-04-09T14:32:21Z
1 likes, 0 repeats
With #XMPP (Conversations, Dino, etc) today, you can:
- text cross-platform with encryption
- ditto, but with groups
- make encrypted voice calls
- make encrypted *video* calls
why would you use something like #Signal instead...?
#FreeSoftware #Privacy
(DIR) Post #AIHC8q3a9rgE9iR3FA by Mehrad@fosstodon.org
2022-04-09T15:06:40Z
0 likes, 0 repeats
@kzimmermann About why using Signal:
- because people for some reason don't like to create new accounts (I literally had this discussion 3 days ago with someone) although installing a new app is the same
- because finding a good stable server needs some extra effort compared to Signal
- because encryption is off by default in 99% of XMPP clients and people are ignorant about turning it on
- because there is no good client for iOS and lots of people use iOS (even Siskin is not feature rich enough)
(DIR) Post #AIHDIl5tZ1zRc8oMPg by Ged@fosstodon.org
2022-04-09T15:19:40Z
0 likes, 0 repeats
@kzimmermann we just need a good iOS client... one that combines Monal's notification powers with Siskin's functions...
(DIR) Post #AIHEye0GPxcBjsiJN2 by fedops@fosstodon.org
2022-04-09T15:38:25Z
0 likes, 0 repeats
@kzimmermann because Signal:
- does encrypt all metadata
- doesn't leak metadata across federated servers, e.g. in log files
- doesn't keep profile information and group memberships unencrypted on servers
- isn't susceptible to server operators stealing or disclosing said information
- does support certificate pinning preventing MITM attacks
XMPP is a (collection of) chat protocol(s), not a secure messaging solution.
(DIR) Post #AIHG7nM57J0RItqWHI by proactiveservices@fosstodon.org
2022-04-09T15:51:14Z
0 likes, 0 repeats
@kzimmermann With Signal I install the software (a single turnkey), put in my phone number and that's...basically it. Done. No other config or maintenance needed. No expertise, little know-how.
(DIR) Post #AIHVLppaCu6eLhnXGK by debacle@framapiaf.org
2022-04-09T18:41:38Z
0 likes, 0 repeats
@kzimmermann In terms of encryption and avoidance of metadata, #Signal is probably far ahead of #Jabber / #XMPP.
However, Jabber/XMPP is much better than Signal when it comes to one's "digital sovereignty" and software freedom.
I don't use Signal, because:
1. I want to select my server, and my selection is not AWS.
2. I will not use my phone number as chat id.
3. Signal does not run my OS of choice (#Debian).
Jabber is "secure enough" for me, but YMMV.
(DIR) Post #AIHVdrsPLAf5uDiZsm by debacle@framapiaf.org
2022-04-09T18:45:11Z
0 likes, 1 repeats
@kzimmermann In terms of encryption and avoidance of metadata, #Signal is probably far ahead of #Jabber / #XMPP.
However, Jabber/XMPP is much better than Signal when it comes to one's "digital sovereignty" and software freedom.
I don't use Signal, because:
1. I want to select my server, and my selection is not AWS.
2. I will not use my phone number as chat id.
3. Signal does not run on my OS of choice (#Debian).
Jabber is "secure enough" for me, but YMMV.
(DIR) Post #AIHjtei3Sfbv3pIWhM by kzimmermann@fosstodon.org
2022-04-09T21:24:53Z
0 likes, 0 repeats
@debacle the last line in your toot is exactly what I feel. March on, whatever your choice!
(DIR) Post #AIHk6TWsLC2k9NBK9A by kzimmermann@fosstodon.org
2022-04-09T21:27:11Z
0 likes, 0 repeats
@Ged I thought #Conversations had an iOS version? But yeah, heard that XMPP support there is pretty lacking overall.
(DIR) Post #AIHkNEA6jGBdPdWJPM by kzimmermann@fosstodon.org
2022-04-09T21:30:11Z
0 likes, 0 repeats
@proactiveservices that's like... the same thing with the Conversations app? One app with everything preconfigured.
Desktop is another ball game, though I find Gajim and Dino BS-free enough.
(DIR) Post #AIHm7UXaGX7PU87prM by ArneBab@rollenspiel.social
2022-04-09T21:38:29Z
0 likes, 0 repeats
@debacle @kzimmermann I have signal-cli working now. To reach family and friends.
(DIR) Post #AIHm7V7k662fIH2iDg by kzimmermann@fosstodon.org
2022-04-09T21:49:46Z
0 likes, 0 repeats
@ArneBab Interesting to see there's a CLI application for it. How well does it work?
@debacle
(DIR) Post #AIHoCnre33j6lwAYfQ by werwolf@fosstodon.org
2022-04-09T22:13:12Z
0 likes, 1 repeats
@debacle @kzimmermann is Signal far ahead of XMPP in terms of encryption? I don't think so. OMEMO is fairly powerful and you may also use GPG or OTR.
(DIR) Post #AIHouHrAPhGCFAgFDk by kzimmermann@fosstodon.org
2022-04-09T22:21:00Z
0 likes, 0 repeats
@werwolf that is what I thought too. Also OMEMO was the original Signal E2EE if I remember correctly. I guess Signal's integration of it in the whole UX is better (no passwords, fingerprints trusted blindly, etc). Makes newbies not need to "think" of it much.
@debacle
(DIR) Post #AIHrBzUbd1hWPThHrE by ArneBab@rollenspiel.social
2022-04-09T22:46:38Z
0 likes, 0 repeats
@kzimmermann @debacle It’s a bit slow and provides the raw message output, but it works — also if you use the mobile phone number of a dumb-phone.
There’s a server-mode for signal-desktop, but that does not work for me (fails to connect to dbus).
Call `signal-cli … receive` and you get something like:
Envelope from: …
Timestamp: …
Server timestamps: …
Sent by …
Message timestamp: …
Body: THE_MESSAGE… Profile key update
(DIR) Post #AII0wCCnat7ykKTWUa by 101101000@qoto.org
2022-04-10T00:35:51Z
0 likes, 0 repeats
@werwolf No it is not and even their owners do not make that claim, though they're happy to let journalists and others strongly suggest it.
It's the same as #Whatsapp, which holds no secrets.
#XMPP's only significant advantage is through obscurity, as it may (or may not) fly under the radar if the opponent hasn't done his homework properly (also an advantage of today's commoditisation of the interception industry is that operators are, I understand, less experienced and poorly trained).
Still, if it's going to land you in jail or get you a blind(folded) date with Ms Rubberhose, an electronic device is no place for it.
@debacle @kzimmermann
(DIR) Post #AIJmXBvKUiIdagPGyW by debacle@framapiaf.org
2022-04-10T21:03:51Z
0 likes, 0 repeats
@kzimmermann @werwolf OMEMO's encryption seems to be good (IANACA - I am not a crypto analyst), but not everything is encrypted. I.e. a lot of data can be leaked.
IIRC, the people behind OMEMO are working on a new version, which does "stanza encryption", so that much less data can be leaked.
(Note: I'm no expert on these matters, so take as many grains of salt you feel appropriate.)
(DIR) Post #AIOhuUJQlP1dInliiG by mrsdarling@noagendasocial.com
2022-04-13T06:05:41Z
0 likes, 0 repeats
@debacle @kzimmermann @Eglo