Add a warning that Jami is partially centralized #1727

New Issue

2020-02-20T16:07:15Z

lrq3000 commented

2020-02-20 16:07:15 +00:00

(Migrated from github.com)

Description

Although it is described as a P2P client, Jami uses 5 different central servers to provide some functionalities, as described here and here. Hence, without self-hosting, these servers are points of failure where meta-data can leak (see also #1357).

This by the way goes counter to the cited advantage of P2P clients: "There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models."

I suggest a warning is added about the possibility to disable/self-host these servers.

## Description Although it is described as a P2P client, Jami uses 5 different central servers to provide some functionalities, as described [here](https://git.jami.net/savoirfairelinux/ring-project/issues/765) and [here](https://jami.net/why-is-jami-truly-distributed/). Hence, without self-hosting, these servers are points of failure where meta-data can leak (see also #1357). This by the way goes counter to the [cited advantage of P2P clients](https://www.privacytools.io/software/real-time-communication/#peer-to-peer): "There are no servers that could potentially intercept and decrypt your transmissions, unlike centralized and federated models." I suggest a warning is added about the possibility to disable/self-host these servers.

blacklight447 commented

2020-03-02 12:32:57 +00:00

(Migrated from github.com)

I think small note is would be a proper solution to this. this issue is one of the grey areas which are always difficult to define. Do you wnna make a quick PR for this @lrq3000 ?

👍 1

lrq3000 commented

2020-03-02 18:56:38 +00:00

(Migrated from github.com)

@blacklight447-ptio yes I'll do it :-)

👍 1 😆 1

This repo is archived. You cannot comment on issues.

1 Participants

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#1727