instant-messenger: list federated above centralized #1701
|
@ -7,7 +7,65 @@
|
|||
|
||||
<p>All the client programs/apps we chose are <a href="https://en.wikipedia.org/wiki/Free_and_open-source_software">free and open-source software</a> unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.</p>
|
||||
jonah
commented
Review
```suggestion
<p>We have described the three main types of messaging programs that exist: Federated, Centralized, and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>
```
|
||||
|
||||
<p>We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>
|
||||
<p>We have described the three main types of messaging programs that exist: Federated, Centralized, and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>
|
||||
|
||||
<div>
|
||||
<h2 id="federated" class="anchor"><a href="#federated"><i class="fas fa-link anchor-icon"></i></a> Federated</h2>
|
||||
|
||||
<p>Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.</p>
|
||||
|
||||
<h3>Advantages</h3>
|
||||
<ul>
|
||||
<li>Allows for greater control over your own data when running your own server.</li>
|
||||
<li>Allows you to choose who to trust your data with by choosing between multiple "public" servers.</li>
|
||||
<li>Often allows for third party clients which can provide a more native, customized, or accessible experience.</li>
|
||||
<li>Generally a less juicy target for governments wanting <a href="#exploiting-centralized-networks">backdoor access to everything</a> as the trust is decentralized. The server may be hosted independently from the organization developing the software.</li>
|
||||
<li>Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)</li>
|
||||
<li>Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.</li>
|
||||
</ul>
|
||||
|
||||
<h3>Disadvantages</h3>
|
||||
<ul>
|
||||
<li>Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.</li>
|
||||
<li>Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).</li>
|
||||
<li>Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.</li>
|
||||
<li>Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
{%
|
||||
include cardv2.html
|
||||
title="Matrix"
|
||||
image="/assets/img/svg/3rd-party/matrix.svg"
|
||||
image-dark="/assets/img/svg/3rd-party/matrix-dark.svg"
|
||||
description='<a href="https://matrix.org/docs/guides/introduction">Matrix</a> is an open-source project that publishes the <a href="https://matrix.org/docs/spec">Matrix open standard</a> for secure, decentralized, real-time communication.<br />
|
||||
<a href="https://en.wikipedia.org/wiki/Riot.im">Riot.im</a> is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that <strong>must</strong> be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be <a href="https://github.com/vector-im/riot-web/issues/6779">on by default.</a>'
|
||||
website="https://about.riot.im/"
|
||||
forum="https://forum.privacytools.io/t/discussion-riot-im/665/"
|
||||
github="https://github.com/vector-im/riot-web/"
|
||||
windows="https://riot.im/download/desktop/"
|
||||
mac="https://riot.im/download/desktop/"
|
||||
linux="https://riot.im/download/desktop/"
|
||||
fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha"
|
||||
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
|
||||
ios="https://itunes.apple.com/app/vector.im/id1083446067"
|
||||
web="https://riot.im/app/"
|
||||
%}
|
||||
|
||||
<div>
|
||||
<h4>Worth Mentioning</h4>
|
||||
|
||||
<ul>
|
||||
<li>Other <a href="https://matrix.org/clients">Matrix</a> clients, that may however be less feature complete than Riot.im.</li>
|
||||
<li><a href="https://xmpp.org/about">XMPP</a> (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). <a href="https://conversations.im/omemo/">OMEMO</a> is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). <span class="badge badge-warning" data-toggle="tooltip" title="VoIP and file transfers/names may not be end-to-end encrypted.">Inconsistent E2EE</span></li>
|
||||
<ul>
|
||||
<li><a href="https://gajim.org/">Gajim</a></li>
|
||||
<li><a href="https://conversations.im">Conversations</a></li>
|
||||
<li><a href="https://siskin.im/">Siskin</a></li>
|
||||
<li>Other <a href="https://omemo.top">OMEMO</a> capable clients for XMPP.</li>
|
||||
</ul>
|
||||
<li><a href="https://www.kontalk.org">Kontalk</a> is a community-driven instant messaging network based on XMPP.</li>
|
||||
</ul>
|
||||
|
||||
<h2 id="centralized" class="anchor"><a href="#centralized"><i class="fas fa-link anchor-icon"></i></a> Centralized</h2>
|
||||
|
||||
|
@ -67,63 +125,6 @@
|
|||
chrome="https://chrome.google.com/webstore/detail/keybase-for-reddit/ognfafcpbkogffpmmdglhbjboeojlefj"
|
||||
%}
|
||||
|
||||
<div>
|
||||
<h2 id="federated" class="anchor"><a href="#federated"><i class="fas fa-link anchor-icon"></i></a> Federated</h2>
|
||||
|
||||
<p>Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.</p>
|
||||
|
||||
<h3>Advantages</h3>
|
||||
<ul>
|
||||
<li>Allows for greater control over your own data when running your own server.</li>
|
||||
<li>Allows you to choose who to trust your data with by choosing between multiple "public" servers.</li>
|
||||
<li>Often allows for third party clients which can provide a more native, customized, or accessible experience.</li>
|
||||
<li>Generally a less juicy target for governments wanting <a href="#exploiting-centralized-networks">backdoor access to everything</a> as the trust is decentralized. The server may be hosted independently from the organization developing the software.</li>
|
||||
<li>Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)</li>
|
||||
<li>Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.</li>
|
||||
</ul>
|
||||
|
||||
<h3>Disadvantages</h3>
|
||||
<ul>
|
||||
<li>Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.</li>
|
||||
<li>Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).</li>
|
||||
<li>Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.</li>
|
||||
<li>Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
{%
|
||||
include cardv2.html
|
||||
title="Matrix"
|
||||
image="/assets/img/svg/3rd-party/matrix.svg"
|
||||
image-dark="/assets/img/svg/3rd-party/matrix-dark.svg"
|
||||
description='<a href="https://matrix.org/docs/guides/introduction">Matrix</a> is an open-source project that publishes the <a href="https://matrix.org/docs/spec">Matrix open standard</a> for secure, decentralized, real-time communication.<br />
|
||||
<a href="https://en.wikipedia.org/wiki/Riot.im">Riot.im</a> is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that <strong>must</strong> be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be <a href="https://github.com/vector-im/riot-web/issues/6779">on by default.</a>'
|
||||
website="https://about.riot.im/"
|
||||
forum="https://forum.privacytools.io/t/discussion-riot-im/665/"
|
||||
github="https://github.com/vector-im/riot-web/"
|
||||
windows="https://riot.im/download/desktop/"
|
||||
mac="https://riot.im/download/desktop/"
|
||||
linux="https://riot.im/download/desktop/"
|
||||
fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha"
|
||||
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
|
||||
ios="https://itunes.apple.com/app/vector.im/id1083446067"
|
||||
web="https://riot.im/app/"
|
||||
%}
|
||||
|
||||
<div>
|
||||
<h4>Worth Mentioning</h4>
|
||||
|
||||
<ul>
|
||||
<li>Other <a href="https://matrix.org/clients">Matrix</a> clients, that may however be less feature complete than Riot.im.</li>
|
||||
<li><a href="https://xmpp.org/about">XMPP</a> (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). <a href="https://conversations.im/omemo/">OMEMO</a> is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). <span class="badge badge-warning" data-toggle="tooltip" title="VoIP and file transfers/names may not be end-to-end encrypted.">Inconsistent E2EE</span></li>
|
||||
<ul>
|
||||
<li><a href="https://gajim.org/">Gajim</a></li>
|
||||
<li><a href="https://conversations.im">Conversations</a></li>
|
||||
<li><a href="https://siskin.im/">Siskin</a></li>
|
||||
<li>Other <a href="https://omemo.top">OMEMO</a> capable clients for XMPP.</li>
|
||||
</ul>
|
||||
<li><a href="https://www.kontalk.org">Kontalk</a> is a community-driven instant messaging network based on XMPP.</li>
|
||||
</ul>
|
||||
|
||||
<h2 id="peer-to-peer" class="anchor"><a href="#peer-to-peer"><i class="fas fa-link anchor-icon"></i></a> Peer to Peer (P2P)</h2>
|
||||
|
||||
|
|
Reference in New Issue