Hi. I have a group of 6 people using Discord to chat. Recently Discord changed a lot and we’re looking for an alternative. We have a few requirements:

  • Good client on multiple platforms
  • Easy to use search
  • Self hosted
  • Permanently saved chat history & attachments on server (no expiration)
  • Easy image upload (Ctrl+V to post image from clipboard)

IRC isn’t an option as chat history is saved on the client, and there’s no good integrated way to share files and preview images. Matrix would be an overkill as we’re a small group not interested in federation, and the available clients had a few bugs. Mattermost lacks a good mobile app (their current one had bunch of bugs). XMPP appears to be the best as it is extensible and has many clients available.

However, I tried configuring prosody on my FreeBSD server and it seems like it doesn’t permanently save chat history or attachment files. Does anyone know if these can be solved? Or is there any better alternative than XMPP?

Thanks.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    6
    ·
    edit-2
    9 months ago

    Yes, but Matrix a plague of questionable open-source and a metadata disaster.

    Matrix’s E2EE does not, however, encrypt everything. The following information is not encrypted: Message senders, Session/device IDs, Message timestamps, Room members (join/leave/invite events), Message edit events, Message reactions, Read receipts, Nicknames, Profile pictures

    Matrix is developed by a for profit entity, a group of venture capitalists and having a spec doesn’t mean everything. The way Matrix is designed is to force people into jumping through hoops and kind of drawing all attention to Matrix itself instead of the end result.

    Decentralized communication protocol Matrix shifts to less-permissive AGPL open source license Element, the company and core developer behind the decentralized communication protocol known as Matrix, has announced a notable license change that will make the open source project just that little bit less appealing for companies looking to build on top of it.

    https://techcrunch.com/2023/11/06/decentralized-communication-protocol-matrix-shifts-to-less-permissive-agpl-open-source-license/

    Stop recommending questionable open-source like Matrix. XMPP is the true and the OG federated and truly open solution that is very extensible. XMPP is tested, reliable, secure and above all a truly open standard and decentralized it just lacks some investment in better mobile clients.

    What people fail to see is that XMPP is the only solution that treats messaging and video like email: just provide an address and the servers and clients will cooperate with each other in order to maintain a conversation and it can be configured to be secure and private. Everything else is just an attempt at yet another vendor lock-in. Here a quick overview of the architecture.

    • EngineerGaming@feddit.nl
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      What also bothers me is how prominent matrix.org instance is. So you got a system that is supposed to be decentralized… Yet defederating from the one central server would break a lot.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        The way Matrix is designed is to force people into jumping through hoops and kind of drawing all attention to Matrix itself instead of the end result

        That’s just another detail where we see that.

    • Kairos@lemmy.today
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      Yes, but Matrix a plague of questionable open-source and a metadata disaster.

      Matrix does not “leak” metadata. It HAS metadata.

      • poVoq@slrpnk.net
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        9 months ago

        No, or rather not quite. XMPP is designed on a need-to-see system where basically only the meta-data that a server or client really requires to function is shared with it. This can mean that there is quite a bit of meta-data shared with various servers in a popular group-chat, but that is rather the exception.

        Matrix on the other hand is designed as a replicated data-store, meaning that really everything is shared with every connected server by design. The reason for this is so that chats can continue to function even when the original server is removed etc. This was the big original selling point of Matrix, but lately they have been somewhat quiet about it as it largely contradicts privacy concerns and might even be fundamentally GDPR incompatible. In any case it is pretty much a meta-data nightmare.

        • TCB13@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Let me add the following: the problem is that that metadata is all over the place AND you can’t remove it from those 3rd party servers. Also there’s a ton of questionable stuff like read receipts and reactions that are never encrypted (not sure if this was fixed already). XMPP with OMEMO enables will encrypt everything.

          • poVoq@slrpnk.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            9 months ago

            Currently the OMEMO as implemented in most clients only encrypts message content, but not the meta-data. There is a newer, sadly incompatible version that encrypts more, but few XMPP clients support it (AFAIK only Kaidan and Moxxy).

            • TCB13@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              9 months ago

              About the metadata part: one of the issues with Matrix is that it considers some stuff like read receipts as metadata. In XMPP all that information is special messages inside your conversation thus they get encrypted as well.

        • Kairos@lemmy.today
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Well you also can’t remove shit on someone else’s email servers so is that not GDPR compatible?

          • poVoq@slrpnk.net
            link
            fedilink
            English
            arrow-up
            4
            ·
            9 months ago

            In the case of email you have to actively send something to someone for it to be on their server. In Matrix it is sufficient for a 3rd party to join a chat for them to get the entire chat history (hopefully e2ee) including all meta-data back to the very first day the chat was created.

            • Kairos@lemmy.today
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              9 months ago

              They’re actually working on that, which is nice. It’s called lazy loading I think? Not sure if it’s implemented yet.

              • poVoq@slrpnk.net
                link
                fedilink
                English
                arrow-up
                3
                ·
                9 months ago

                No, that is only solving the problem of long loading times when first joining a chat (caused by the server having to download the entire chat history and meta-data). Eventually the server still has to synchronize the entire chat. There is no way around it by design.