From 85d49df48bcabf3e7c1d16e6967f26903a6df379 Mon Sep 17 00:00:00 2001 From: Mikaela Suomalainen Date: Mon, 10 Feb 2020 20:12:13 +0200 Subject: [PATCH 1/2] instant-messenger: list federated above centralized --- _includes/sections/instant-messenger.html | 115 +++++++++++----------- 1 file changed, 58 insertions(+), 57 deletions(-) diff --git a/_includes/sections/instant-messenger.html b/_includes/sections/instant-messenger.html index ad70a863a..ca357e497 100644 --- a/_includes/sections/instant-messenger.html +++ b/_includes/sections/instant-messenger.html @@ -9,6 +9,64 @@

We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.

+
+

Federated

+ +

Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.

+ +

Advantages

+
    +
  • Allows for greater control over your own data when running your own server.
    • +
  • Allows you to choose who to trust your data with by choosing between multiple "public" servers.
    • +
  • Often allows for third party clients which can provide a more native, customized, or accessible experience.
    • +
  • Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
    • +
  • Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
    • +
  • Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.
    • +
+ +

Disadvantages

+
    +
  • Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
    • +
  • Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
    • +
  • Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
    • +
  • Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.
    • +
+
+ +{% + include cardv2.html + title="Matrix" + image="/assets/img/svg/3rd-party/matrix.svg" + image-dark="/assets/img/svg/3rd-party/matrix-dark.svg" + description='Matrix is an open-source project that publishes the Matrix open standard for secure, decentralized, real-time communication.
+ Riot.im is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that must be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be on by default.' + website="https://about.riot.im/" + forum="https://forum.privacytools.io/t/discussion-riot-im/665/" + github="https://github.com/vector-im/riot-web/" + windows="https://riot.im/download/desktop/" + mac="https://riot.im/download/desktop/" + linux="https://riot.im/download/desktop/" + fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha" + googleplay="https://play.google.com/store/apps/details?id=im.vector.app" + ios="https://itunes.apple.com/app/vector.im/id1083446067" + web="https://riot.im/app/" +%} + +
+

Worth Mentioning

+ +
    +
  • Other Matrix clients, that may however be less feature complete than Riot.im.
    • +
  • XMPP (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). OMEMO is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). Inconsistent E2EE
    • + +
  • Kontalk is a community-driven instant messaging network based on XMPP.
    • +
+

Centralized

Centralized messengers are those where every participant is on the same server or network of servers controlled by the same organization.

@@ -67,63 +125,6 @@

Disadvantages

chrome="https://chrome.google.com/webstore/detail/keybase-for-reddit/ognfafcpbkogffpmmdglhbjboeojlefj" %} -
-

Federated

- -

Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.

- -

Advantages

-
    -
  • Allows for greater control over your own data when running your own server.
    • -
  • Allows you to choose who to trust your data with by choosing between multiple "public" servers.
    • -
  • Often allows for third party clients which can provide a more native, customized, or accessible experience.
    • -
  • Generally a less juicy target for governments wanting backdoor access to everything as the trust is decentralized. The server may be hosted independently from the organization developing the software.
    • -
  • Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)
    • -
  • Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.
    • -
- -

Disadvantages

-
    -
  • Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.
    • -
  • Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).
    • -
  • Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.
    • -
  • Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.
    • -
-
- -{% - include cardv2.html - title="Matrix" - image="/assets/img/svg/3rd-party/matrix.svg" - image-dark="/assets/img/svg/3rd-party/matrix-dark.svg" - description='Matrix is an open-source project that publishes the Matrix open standard for secure, decentralized, real-time communication.
- Riot.im is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that must be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security & Privacy → Encrypted). In the future it will be on by default.' - website="https://about.riot.im/" - forum="https://forum.privacytools.io/t/discussion-riot-im/665/" - github="https://github.com/vector-im/riot-web/" - windows="https://riot.im/download/desktop/" - mac="https://riot.im/download/desktop/" - linux="https://riot.im/download/desktop/" - fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha" - googleplay="https://play.google.com/store/apps/details?id=im.vector.app" - ios="https://itunes.apple.com/app/vector.im/id1083446067" - web="https://riot.im/app/" -%} - -
-

Worth Mentioning

- -
    -
  • Other Matrix clients, that may however be less feature complete than Riot.im.
    • -
  • XMPP (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). OMEMO is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). Inconsistent E2EE
    • - -
  • Kontalk is a community-driven instant messaging network based on XMPP.
    • -

Peer to Peer (P2P)

From b9425d29b8c159f2b4fee993537cb9d6e9c12c0b Mon Sep 17 00:00:00 2001 From: Daniel Nathan Gray Date: Sat, 15 Feb 2020 05:13:41 +0000 Subject: [PATCH 2/2] reorder Co-Authored-By: Jonah Aragon --- _includes/sections/instant-messenger.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/sections/instant-messenger.html b/_includes/sections/instant-messenger.html index ca357e497..412be3904 100644 --- a/_includes/sections/instant-messenger.html +++ b/_includes/sections/instant-messenger.html @@ -7,7 +7,7 @@

All the client programs/apps we chose are free and open-source software unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.

-

We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.

+

We have described the three main types of messaging programs that exist: Federated, Centralized, and Peer-to-Peer (P2P), with the advantages and disadvantages of each.

Federated