Skip to content
This repository has been archived by the owner on Jun 24, 2022. It is now read-only.

instant-messenger: list federated above centralized #1701

Closed
wants to merge 2 commits into from
Closed

instant-messenger: list federated above centralized #1701

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
85d49df
instant-messenger: list federated above centralized
Mikaela Feb 10, 2020
b9425d2
reorder
dngray Feb 15, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
117 changes: 59 additions & 58 deletions _includes/sections/instant-messenger.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,65 @@ <h1 id="im" class="anchor"><a href="#im"><i class="fas fa-link anchor-icon"></i>

<p>All the client programs/apps we chose are <a href="https://en.wikipedia.org/wiki/Free_and_open-source_software">free and open-source software</a> unless otherwise mentioned. This to ensure that the code can be independently verified by experts now and in the future.</p>

<p>We have described the three main types of messaging programs that exist: Centralized, Federated and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>
<p>We have described the three main types of messaging programs that exist: Federated, Centralized, and Peer-to-Peer (P2P), with the advantages and disadvantages of each.</p>

<div>
<h2 id="federated" class="anchor"><a href="#federated"><i class="fas fa-link anchor-icon"></i></a> Federated</h2>

<p>Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.</p>

<h3>Advantages</h3>
<ul>
<li>Allows for greater control over your own data when running your own server.</li>
<li>Allows you to choose who to trust your data with by choosing between multiple "public" servers.</li>
<li>Often allows for third party clients which can provide a more native, customized, or accessible experience.</li>
<li>Generally a less juicy target for governments wanting <a href="#exploiting-centralized-networks">backdoor access to everything</a> as the trust is decentralized. The server may be hosted independently from the organization developing the software.</li>
<li>Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)</li>
<li>Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.</li>
</ul>

<h3>Disadvantages</h3>
<ul>
<li>Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.</li>
<li>Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).</li>
<li>Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.</li>
<li>Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.</li>
</ul>
</div>

{%
include cardv2.html
title="Matrix"
image="/assets/img/svg/3rd-party/matrix.svg"
image-dark="/assets/img/svg/3rd-party/matrix-dark.svg"
description='<a href="https://matrix.org/docs/guides/introduction">Matrix</a> is an open-source project that publishes the <a href="https://matrix.org/docs/spec">Matrix open standard</a> for secure, decentralized, real-time communication.<br />
<a href="https://en.wikipedia.org/wiki/Riot.im">Riot.im</a> is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that <strong>must</strong> be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security &amp; Privacy → Encrypted). In the future it will be <a href="https://github.com/vector-im/riot-web/issues/6779">on by default.</a>'
website="https://about.riot.im/"
forum="https://forum.privacytools.io/t/discussion-riot-im/665/"
github="https://github.com/vector-im/riot-web/"
windows="https://riot.im/download/desktop/"
mac="https://riot.im/download/desktop/"
linux="https://riot.im/download/desktop/"
fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha"
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
ios="https://itunes.apple.com/app/vector.im/id1083446067"
web="https://riot.im/app/"
%}

<div>
<h4>Worth Mentioning</h4>

<ul>
<li>Other <a href="https://matrix.org/clients">Matrix</a> clients, that may however be less feature complete than Riot.im.</li>
<li><a href="https://xmpp.org/about">XMPP</a> (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). <a href="https://conversations.im/omemo/">OMEMO</a> is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). <span class="badge badge-warning" data-toggle="tooltip" title="VoIP and file transfers/names may not be end-to-end encrypted.">Inconsistent E2EE</span></li>
<ul>
<li><a href="https://gajim.org/">Gajim</a></li>
<li><a href="https://conversations.im">Conversations</a></li>
<li><a href="https://siskin.im/">Siskin</a></li>
<li>Other <a href="https://omemo.top">OMEMO</a> capable clients for XMPP.</li>
</ul>
<li><a href="https://www.kontalk.org">Kontalk</a> is a community-driven instant messaging network based on XMPP.</li>
</ul>

<h2 id="centralized" class="anchor"><a href="#centralized"><i class="fas fa-link anchor-icon"></i></a> Centralized</h2>

Expand Down Expand Up @@ -67,63 +125,6 @@ <h3>Disadvantages</h3>
chrome="https://chrome.google.com/webstore/detail/keybase-for-reddit/ognfafcpbkogffpmmdglhbjboeojlefj"
%}

<div>
<h2 id="federated" class="anchor"><a href="#federated"><i class="fas fa-link anchor-icon"></i></a> Federated</h2>

<p>Federated messengers use multiple, independent servers that are able to talk to each other (email is one example of a federated service). Federation allows system administrators to control their own server and still be a part of the larger communications network.</p>

<h3>Advantages</h3>
<ul>
<li>Allows for greater control over your own data when running your own server.</li>
<li>Allows you to choose who to trust your data with by choosing between multiple "public" servers.</li>
<li>Often allows for third party clients which can provide a more native, customized, or accessible experience.</li>
<li>Generally a less juicy target for governments wanting <a href="#exploiting-centralized-networks">backdoor access to everything</a> as the trust is decentralized. The server may be hosted independently from the organization developing the software.</li>
<li>Server software can be verified that it matches public source code, assuming you have access to the server or you trust the person who does (e.g., a family member)</li>
<li>Third-party developers can contribute code and add new features, instead of waiting for a private development team to do so.</li>
</ul>

<h3>Disadvantages</h3>
<ul>
<li>Adding new features is more complex, because these features need to be standardized and tested to ensure they work with all servers on the network.</li>
<li>Some metadata may be available (e.g., information like "who is talking to whom," but not actual message content if E2EE is used).</li>
<li>Federated servers generally require trusting your server's administrator. They may be a hobbyist or otherwise not a "security professional," and may not serve standard documents like a privacy policy or terms of service detailing how your data is utilized.</li>
<li>Server administrators sometimes choose to block other servers, which are a source of unmoderated abuse or break general rules of accepted behavior. This will hinder your ability to communicate with users on those servers.</li>
</ul>
</div>

{%
include cardv2.html
title="Matrix"
image="/assets/img/svg/3rd-party/matrix.svg"
image-dark="/assets/img/svg/3rd-party/matrix-dark.svg"
description='<a href="https://matrix.org/docs/guides/introduction">Matrix</a> is an open-source project that publishes the <a href="https://matrix.org/docs/spec">Matrix open standard</a> for secure, decentralized, real-time communication.<br />
<a href="https://en.wikipedia.org/wiki/Riot.im">Riot.im</a> is the popular reference client produced by the Matrix.org team. It offers optional E2EE for 1:1 and group conversations that <strong>must</strong> be turned on by the user. (This can be done by clicking on the toggle switch which is accessed by clicking the room name or user name of the chat → Security &amp; Privacy → Encrypted). In the future it will be <a href="https://github.com/vector-im/riot-web/issues/6779">on by default.</a>'
website="https://about.riot.im/"
forum="https://forum.privacytools.io/t/discussion-riot-im/665/"
github="https://github.com/vector-im/riot-web/"
windows="https://riot.im/download/desktop/"
mac="https://riot.im/download/desktop/"
linux="https://riot.im/download/desktop/"
fdroid="https://f-droid.org/repository/browse/?fdid=im.vector.alpha"
googleplay="https://play.google.com/store/apps/details?id=im.vector.app"
ios="https://itunes.apple.com/app/vector.im/id1083446067"
web="https://riot.im/app/"
%}

<div>
<h4>Worth Mentioning</h4>

<ul>
<li>Other <a href="https://matrix.org/clients">Matrix</a> clients, that may however be less feature complete than Riot.im.</li>
<li><a href="https://xmpp.org/about">XMPP</a> (Extensible Messaging and Presence Protocol) is an open-source communications protocol that began development in 1999. Since then, XMPP has been extended by the publishing of XEPs (XMPP Extension Protocols). <a href="https://conversations.im/omemo/">OMEMO</a> is the most popular XEP (XMPP extension) for E2EE. Clients are developed by the community and not by the XSF (XMPP Standards Foundation). <span class="badge badge-warning" data-toggle="tooltip" title="VoIP and file transfers/names may not be end-to-end encrypted.">Inconsistent E2EE</span></li>
<ul>
<li><a href="https://gajim.org/">Gajim</a></li>
<li><a href="https://conversations.im">Conversations</a></li>
<li><a href="https://siskin.im/">Siskin</a></li>
<li>Other <a href="https://omemo.top">OMEMO</a> capable clients for XMPP.</li>
</ul>
<li><a href="https://www.kontalk.org">Kontalk</a> is a community-driven instant messaging network based on XMPP.</li>
</ul>

<h2 id="peer-to-peer" class="anchor"><a href="#peer-to-peer"><i class="fas fa-link anchor-icon"></i></a> Peer to Peer (P2P)</h2>

Expand Down