💾 Archived View for splint.rs › signal_vs_xmpp.gmi captured on 2024-05-10 at 10:46:11. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
XMPP can be a nightmare to operate, but I still think it provides better long-term benefits than Signal, because XMPP without any encryption gives all the benefits of distribution, which grant better protection than encryption, overall.
My journey with XMPP so far has been:
I keep using encryption, because only techies message me through XMPP. However, the general population wouldn't have any problem using it without the encryption, and I think that's a better idea.
The problem is this: we need an instant messaging platform. All of us humans want a thing which does this:
Our answer to the question of 'how to do this' has to be a protocol. To trust all communication to a single corporation in the USA would be madness.
I realize, of course, most people 'just want to get shit done [and not think about the broader implication]', and that Signal functions well-enough [for now]. However, I have plenty of problems with it.
Even with the best encryption in the world, if something goes wrong, then whoever makes Signal go wrong can track and read messages as they please.
Now, if we examine the same points again, while considering a wide-scale XMPP system with no end-to-end encryption (just regular TLS or some-such):
Of course a given XMPP server might get hacked, or pried open with laws, and a few people get tracked. But never everyone. The system itself can never fail.