> We strongly recommend hosting your own XMPP server in a controlled environment or switching to instant messengers that either implement client-side account management or enforce end-to-end encryption for account management.
Sadly, the author does not mention which instant messengers he recommends in this regard. The issues mentioned in this article can either be solved by using authenticated end-to-end encryption or cannot be solved without p2p protocols (maybe XEP-0174 Serverless Messaging?). Client side account management or end-to-end encryption for account management won't do much since, if you control the server, it is easy to log which contacts you send messages to, effectively revealing your contact list over time.
We recommended alternatives back in 2019 when we published this article originally. Unfortunately, people then started to discuss why all of these alternatives were much worse according to them, distracting attention away from XMPP's downsides.
Were those arguments valid? If you recommend X instead of Y, it seems reasonable to discuss not only the downsides of Y but also how X is better or worse in comparison to Y.
> If you recommend X instead of Y, it seems reasonable to discuss not only the downsides of Y but also how X is better or worse in comparison to Y.
Indeed. One should mention upsides and downsides of a solution. In our opinion, many "use XMPP" comments only focus on the upsides but rarely mention any downsides. This is the primary reason for our article on some (not all) downsides of XMPP. We focus on easy-to-verify findings. However, we (and others) can't write an exhaustive list of pros and cons of all messengers.
> Were those arguments valid?
Most of them drew attention to unrelated features. E.g., "Y requires your phone number; thus, users of Y can easily be tracked"; however, the situation isn't binary, and phone numbers weren't in our article in the first place.
If a service requires my phone number, it is indeed a privacy concern. Phone numbers are strong identifiers; for most people they are tightly coupled to their real world identity. Most XMPP servers do not even require an email address (+ I have the freedom to host my own and still be able to communicate with everyone else using XMPP). Thus I can create a new XMPP account without linking to my real world identity.
Excellent example for what we mean: Our article doesn't discuss anything about "What is needed to register for service X." Discussing this is perfectly valid; however, it isn't about the article.
You don't host it, it ain't yours. This is why I've never really bought the whole "give us all your info on register" thing. Or most forms of metadata tracking.
This is also why I'm flabbergasted at the cavalier attitudes admins I've met have toward user privacy.
8 comments
[ 4.5 ms ] story [ 31.2 ms ] threadSadly, the author does not mention which instant messengers he recommends in this regard. The issues mentioned in this article can either be solved by using authenticated end-to-end encryption or cannot be solved without p2p protocols (maybe XEP-0174 Serverless Messaging?). Client side account management or end-to-end encryption for account management won't do much since, if you control the server, it is easy to log which contacts you send messages to, effectively revealing your contact list over time.
We recommended alternatives back in 2019 when we published this article originally. Unfortunately, people then started to discuss why all of these alternatives were much worse according to them, distracting attention away from XMPP's downsides.
Indeed. One should mention upsides and downsides of a solution. In our opinion, many "use XMPP" comments only focus on the upsides but rarely mention any downsides. This is the primary reason for our article on some (not all) downsides of XMPP. We focus on easy-to-verify findings. However, we (and others) can't write an exhaustive list of pros and cons of all messengers.
> Were those arguments valid? Most of them drew attention to unrelated features. E.g., "Y requires your phone number; thus, users of Y can easily be tracked"; however, the situation isn't binary, and phone numbers weren't in our article in the first place.
This is also why I'm flabbergasted at the cavalier attitudes admins I've met have toward user privacy.