this post was submitted on 24 Sep 2024
30 points (100.0% liked)

Privacy

32169 readers
441 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi,

Trying to move group chat from telegram to a more private option, but the key feature is its web interface which is so convenient...

I've checked SimpleX, Session, Briar & Element-Matrix, but the first 3 do not have a web version and the latest only has a free version for self-hosting and I haven't looked into self-hosting yet.

I'd completely understand if what I'm looking for doesn't exist for free, but if anyone has a suggestion here, I'm interested!

Cheers

all 33 comments
sorted by: hot top controversial new old
[–] [email protected] 34 points 2 months ago

Element/matrix does indeed have a web version. You can use https://app.element.io, or you can self host the web client.

[–] [email protected] 13 points 2 months ago (1 children)

I think Element does what you're looking for. Get yourself a fediverse account, log in and watch it go. Difficulty, as ever, is getting your contacts to switch.

[–] [email protected] 4 points 2 months ago (2 children)

Matrix isn’t ActivityPub ∴ not a part of the fediverse

[–] [email protected] 2 points 2 months ago (1 children)

It is federated, just with other Matrix protocol servers. Just like how email is federated.

[–] [email protected] 2 points 2 months ago (2 children)

Being federated isn’t the same as living in the same Fediverse. You can upvote a Lemmy post from Mastodon since they both use ActivityPub but you can’t do that with a Matrix account. There are a couple of different ActivityPub-like generalized protocols out there, but none of them are near the size of ActivityPub & Lemmy is ActivityPub so for all intents & purposes for this conversation the Fediverse here (& most places) is ActivityPub. Matrix is on an entirely different federated network & they aren’t related.

[–] [email protected] 1 points 2 months ago (1 children)

I think I need to read up on the fediverse a bit more. Technically it looks like anything in the fediverse at the moment is ActivityPub, even though it supports 3 more protocols. At this point, only Hubzilla uses something other than ActivityPub, even though it also makes use of AP. I was confused because Matrix is also an open protocol and also federated. I had figured everything federated could talk to each other underneath... That'd be the dream, right?

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

I mean we already had the universal protocol last decade in an extensible markup language, but the next generation decided we needed to rewrite everything in a JSON schema that isn’t as easy to extend as XMPP. It’s federated/decentralized, has many chat clients, some social media + community managing platforms (Movim & Libervia), used for video conferencing (Jitsi & Zoom), negotiation matchmaking for games (most of them), displaying friend roster status updates (Nintendo, & many other systems). This would have (& can still be) the dream instead of needing to reinvent everything.

Worth reading: https://ploum.net/2023-06-23-how-to-kill-decentralised-networks.html

[–] [email protected] 1 points 2 months ago

I do agree that generally when we refer to the fediverse, we mean ActivityPub federation. I also just wanted to point out that ActivityPub is not synonymous with fediverse.

[–] [email protected] 1 points 2 months ago (1 children)

Hmm okay. I've logged into Element with my lemmy.world account though

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

OAuth or SSO is not the same as communicating over the same protocol. You can also log in with Google, Facebook, Apple, GitLab, Microsoft GitHub, & others on different platforms as SSO options… clearly these are not the Fediverse.

[–] [email protected] 7 points 2 months ago* (last edited 1 month ago) (3 children)

Just because those two got mentioned: Element/Matrix and Jitsi are not E2EE out of the box. You need to set it up.

[–] [email protected] 3 points 2 months ago (1 children)

Element is default E2EE for 1-to-1 direct messaging. Rooms require setting up encryption.

[–] [email protected] 1 points 2 months ago

But even for those you have to set up your security phrase.

[–] [email protected] 1 points 2 months ago

Thank you for mentioning it, I've set up encryption end currently testing matrix with element as client, we'll see how it works out

[–] [email protected] 1 points 2 months ago

ik matrix is e2ee in private messaging only but i think its setup automatically

[–] [email protected] 6 points 2 months ago

matrix has a web interface and there's many different options for clients. https://matrix.org/ecosystem/clients/

there's also signal but idk if that will suit your needs

there is revolt that is like discord but it is open source. downside is it is not e2ee

[–] [email protected] 3 points 2 months ago (2 children)
[–] [email protected] 2 points 2 months ago (1 children)

Jitsi is built atop XMPP so you have a general purpose chat server already on the system.

[–] [email protected] 1 points 2 months ago (1 children)

Is their chat e2ee tho? I know the video and audio can be

[–] [email protected] 1 points 2 months ago

You can use its underlying ejabberd, Prosody, or other server for chat. Most modern clients offer OMEMO, OTR, PGP for client-side encryption (end-to-end implies the servers don’t/can’t do anything here)

[–] [email protected] 1 points 2 months ago (1 children)

Doesn't it now require signing in with fb, google or some crap like that?

[–] [email protected] 1 points 2 months ago

No. And there's loads of different providers because you can self-host.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago) (1 children)

Movim v0.28 released within the last 24 hours. It has a web UI (that is optimized for both large & small viewports), E2EE via OMEMO, OTR, or PGP (but users can choose native clients if they wish). With the NLNet funding they are extending to full video conferencing + compatibility with the Dino native GTK client. Subjectively, it looks pretty sharp for a web client. You can also use it to share ‘posts’ for announcements & public feed aggregation—something a group chat should never be used for (announcements & other long-term messages get lost in the black hole search can’t find & unreleated posts all around it with messy-to-follow threads since this sort of content isn’t supposed to be chat).

It’s not quite as easy as services.movim.enable = true for NixOS but the NixOS module isn’t far off once an XMPP server has been selected with optimized defaults beyond standard setup—& the option I would personally recommend for self-hosting as declarative config is easier to work with in the long run, but there are non-Nix options. Being PHP, it’s fairly performant as well as not being built on some space-wasting, RAM-sucking ‘eventual consistency’ model that will cost you out the ass (which is Matrix, by design). The front-end, being mostly vanilla JS, is not using some heavy, bloaty framework. This will meet all your needs & not require expensive hardware host even on an old laptop at home or part of a multi-purpose server (does not need dedicated hardware).

[–] [email protected] 2 points 2 months ago

Interesting option, I'll look into it!

[–] [email protected] 2 points 2 months ago (1 children)

SimpleX

The first messenger without user IDs, Other apps have user IDs: Signal, Matrix, Session, Briar, Jami, Cwtch, etc. SimpleX does not, not even random numbers. This radically improves your privacy.

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

Signal, tho I'm not sure it has a web interface, I use their flatpak on Linux, they have apps for other OSes too (and obviously for your phones)

[–] [email protected] -4 points 2 months ago (1 children)

E2EE with a server web interface is a technical impossibility. The ends are the clients. By definition the server is only there to pass encrypted data from client to client. Presumably you can make this work with a web client using the browser's local storage, but at that point you're not actually looking at a web site and you might as well just use the official app. This is one reason why Telegram doesn't do encryption by default: group chats are particularly hard to do with EE2E.

[–] [email protected] 6 points 2 months ago (2 children)

JavaScript runs on the client. It's fairly easy to do the encryption there.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago) (1 children)

But the JS is served to the browser each time the page loads, you can't be sure it stays the same between loads. Sure, this is the same problem as malicious updates, but still exaggerated - the opportunity to slip in altered code is "every time you open the page" rather than "every update". Plus much more convenient to do targeting.

[–] refalo 2 points 2 months ago

you don't have to load the code every time, you can save it and run locally, this is exactly what the Element desktop app does, it's just an electron loader for a local copy of the website, and you can choose to update it whenever you want

[–] [email protected] 2 points 2 months ago

That's why I emphasized the word "server"