529
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 27 Mar 2025
529 points (96.8% liked)
Privacy
37209 readers
294 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
EVERYONE SHOULD DOWNLOAD SIGNAL for PHONE-NUMBER-based communication, tho. Proper RCS is not here yet (and won't be in a long while), so let's try to mobilize people to Signal.
DeltaChat is cooler for non-phone based communications, IMO, and decentralization makes it way sexier and worth this tradeoff.
Actually RCS has encryption in the new spec now, and we could see encrypted RCS messages implemented on iOS and Android within a year.
But even so, use Signal.
RCS still leaks metadata like a sieve. Encryption, considering the platforms that exist today (Signal and SimpleX), should not be the minimum requirement. Plain-text messaging should not even be possible in modern secure messaging platforms. The platform should be open source and be engineered to mitigate the collection of metadata - like Signal and SimpleX.
Seeing as RCS with encryption based on the MLS standard hasnt been deployed yet, can you show exactly what metadata is leaking?
Well, instead of leaking metadata to Signal, AWS, Cloudflare, Google/Apple and your ISP, like Signal does, RCS only leaks it to your ISP /s
MLS only deals with encryption and key management, which is great but that's been a "solved" problem since TextSecure (now Signal) introduced the TextSecure Protocol (now the Signal Protocol) in 2013.
What I'm aware is missing with RCS / MLS compared to Signal (someone with more recent knowledge please correct me):
I think they mean that it'll take time for everyone to get it. My carrier still doesn't even have RCS at all.
xmpp is like if deltachat was good
What I dislike about XMPP is that the client ecosystem is definitely weaker than DeltaChat. DeltaChat "just works", and it works incredibly similar and efficient across devices.
But yes, I wouldn't mind if the world used XMPP instead, honestly.
It also just gets blocked by autocratic firewalls. Deltachat is clutch because it can theoretically run on top of any email host so it's way more difficult to block.
You can easily redirect xmpp to port 443 which is not blocked by most firewalls. If you have problems with firewalls or public wifis your xmpp server is misconfigured.
China will definitely block xmpp on any port. I know this because I have tested this very specifically from my own server. It lasted about a day and a dozen messages before it was blocked, and the box got absolutely slammed with vulnerability scans.
This is odd because I know a few mainland Chinese people that use XMPP without problems (and afaik without a VPN).
Sounds like your server got blocked for another reason?
I can almost guarantee you they are using it through a VPN or they have a western SIM card. If not I'd love to know what server they use, as I've tested this a bunch of times on several public and private servers and it's always the same result. If it isn't blocked on day 1 it will be blocked quickly.
how is that different from how xmpp (or matrix) is distributed
Isn't DeltaChat just PGP encrypted email? Could be wrong
Kinda, but that's the gist of it.
yeah basically, and gcs work like text message or email chains, theres no way to moderate that
I use signal myself but I also use simple X. I can't use delta chat because I use proton for my email and therefore can't use delta.
Delta Chat is not associated with your email account, as far as I can tell. Am I wrong?
https://delta.chat/en/
You don't have to use a "classic email server", or even link your account to your current email address at all. The default onboarding procedure actually creates a new anonymous account for you on the default chatmail server. Reading through the site, I can't actually even tell why someone would want to use their preexisting email address.
Ah, okay. I think I heard about it at an earlier point where it was only using your current email.
Yeah, that's when I first used it too, it had to go through your email. Now it just uses the email backbone to send messages back and forth. Also, self-contained webxdc apps you can use with people in your chat, which is kinda cool.
The self-contained webxdc apps are a pretty cool bonus to what already feels like a normal chat app. I primarily use Signal, but given the current climate of governments trying to force backdoors in to encrypted apps, and the fact it's a US server, I wanted a decentralized backup. And email isn't going anywhere, so it seems like a good option.
monocles chat and cheogram have webxdc as well