Thread replies: 48
Thread images: 1
Thread images: 1
File: XMPP_logo.png (71KB, 996x1024px) Image search:
[Google]
71KB, 996x1024px
What XMPP-client should I use? I used to run PSI+, but that isn't developed anymore.
>>
get a LAMP stack you pleb.
>>
install gentoo
>>
Also, what server is good?
>>
>>58163023
What has that got to do with XMPP
>>
>>58163107
wrong thread
>>
>>58163073
Prosody works. Message storage was iffy for me on ARM.
>>58162994
Pidgin is what we non-cyka blyats use on x86. I used ChatSecure on Android but development has stopped for it, too.
I gave up on XMPP recently and switched to Signal.
>>
>>58163278
chatsecure development stopped cause conversations seemed more worth the time iirc
>>
Pidgin for Windows and Linux
Adium for macOS
dukgo.com or cock.li for providers or make your own one
>>
>>58163278
>Pidgin
Pidgin has support for like 15 different protocols, at least one of them a discontinued service. Not sure that I would like to use that.
>>
>>58163023
When you want to be a 1337 Linux user, but you don't know shit, so you just hate on XAMPP.
>>58163328
What this guy said, used both at work, pretty good. Adium's notification for group chat messages was annoying to setup though.
>>
>>58162994
I use bitlbee
>>
>>58163499
>I'd rather use this piece of shit that only supports 1 protocol than this well-known software that supports everything under the sun
nice “app” mentality you got going on there
>>
>>58163073
I use ejabberd but it's a bitch to work with and set up
Even something as simple as migrating your installation from one server to another is a pain in the ass.
>>
XMPP is dead, anon.
>Facebook Messenger bridge gone
>Google Talk bridge gone
>Apple bridge never existed because Apple
>>
>>58163807
>XMPP is dead
What else are you supposed to use for IM?
>>
>>58163811
Tox :^)
>>
>>58163811
IRC is still alive
>>
>>58163811
ICQ
>>
>>58163839
Feels more like Skype than MSN, no thanks.
>>58163840
Not made for IM.
>>58163858
kek
>>
>>58163863
>Not made for IM.
Well it still works better than whatever proprietary piece of shit people keep suggesting as a replacement, and it's still alive 30 years later because of that, so clearly it must be doing something right.
>>
>>58163811
matrix
>>
>>58163885
>proprietary piece of shit
XMPP isn't proprietary.
It really sucks that Telegram is only open on the client side though.
>>
>>58163888
I assumed it would be some convoluted P2P shit like Tox, but looking it up, it seems like something really similar to XMPP with federated servers. This could be nice.
>>
noob question, can xmpp be fully p2p or does it always need a central server?
>>
>>58163926
Matrix is basically XMPP. There's no difference apart from hipster marketing.
>>
>>58163934
In principle you could run an XMPP server on every peer, and use it for that user only. But the point of having more centralized XMPP servers is that they're always online, which lets you do stuff like sending and storing offline messages.
Overall, XMPP is decentralized - not centralized. There's not a single “XMPP” server, there's a gigantic network of XMPP servers that are themselves organized in a p2p manner, and each XMPP server has a number of local clients around it. So it acts as a central server for its local area, but not for the entire network.
>>
>>58163936
>Matrix is basically XMPP
It seems to be a new protocol though. XMPP has issues, like big overhead due to using XML.
>>
>>58163956
Yes, but I mean feature-wise Matrix is basically XMPP. The protocols are equivalent in terms of their overall design and what they provide
>>
>>58163967
That sounds just like what I want!
>>
>>58163980
Great, so install pidgin, pick an XMPP server near you (or host your own) and off you go!
>>
>>58163954
Thanks for the explanation anon. The benefit of using cockli's server per example to a local server would be tightened security and better Tor support per example?
>>
>>58163967
>>58163980
I'd love to have a fork of Psi+ replacing all the internals so it's a Matrix client instead.
>>
>>58164032
>The benefit of using cockli's server per example to a local server would be tightened security and better Tor support per example?
I'm not sure I would trust cockli to have any amounts of security whatsoever, so I wouldn't agree with that statement.
Also, I'm not sure what you mean by “better Tor support”. Are you using Tor to connect to your XMPP server? First of all, that's one of the most dangerous things you could possibly do, second of all, how would that depend on the XMPP server?
>>
>>58164081
I'd love to have a weechat plugin that turns it into an XMPP or Matrix (idc) client.
Which actually exists for matrix (https://github.com/torhve/weechat-matrix-protocol-script), but last time I tried it it was a broken piece of shit and didn't actually work
>>
>>58164091
>First of all, that's one of the most dangerous things you could possibly do
Why? Wouldn't OTR be enough to not get my ass handed to me by the exit node?
>>
>>58164117
1. You're leaking metadata. OTR doesn't encrypt who you talk to. Is the other party using Tor as well? Can you guarantee that? OTR also doesn't encrypt the connection to the server, which will still be something like TLS. (Do you trust TLS?)
2. Using Tor sets you up for OPSEC failures. It's basically great power at great responsibility. Yes, you gain a lot - but fuck up once and you will get your ass handed to you. Even something like time-of-day correlation can be enough to help bust you.
3. Connecting to something that either personally identifies you or narrows you down to a comparatively tiny set of users (e.g. all accounts on that XMPP server) is a great way to almost completely negate the benefits of using Tor.
>>
>>58162994
What do you miss?
>>
>>58164193
Yeah number 3 and number 1 were my greatest concern, you always depend on the second party's OPSEC as well.
Is TLS really that weak against govt actors/non govt actors?
Thanks for all the insight anon.
>>
>>58163073
xmpp.jp
>>
>>58163807
Die some reason, there ia still one google-user I can Talk to.
>>
>>58163073
i2p.rocks
has both tor and i2p hidden service access.
>>
>>58162994
Use Conversations on android and ejabberd on CentOS as server.
>>
>>58164262
>is tls weak against state actors
if they control a trusted CA they are god.
>>
>>58164193
1) Client to server connection is secured with TLS, OTR is a second layer of encryption that encrypts the body of the message and it is end-to-end.
The server know who you write to and when, nothing more, nothing less.
>>58164262
TLS is fine as long as you sign your own certificate and configure your server in the right way.
It even provides perfect forward secrecy.
>>
>>58164262
Unless you're tightly controlling the set of acceptable certificates (e.g. hard-coding a CA or public key pinning), TLS is trivial to defeat even for non-govertnment a ctors.
Anybody with a valid CA can forge valid TLS certs for any domain they want. This idea hasn't been drilled enough into peoples' heads.
>>
>>58164511
>1) Client to server connection is secured with TLS, OTR is a second layer of encryption that encrypts the body of the message and it is end-to-end.
Maybe if could read past the first sentence of my post before responding to it, you would see that I already mentioend and commented on this.
>>
>>58163811
carrier pigeon
Thread posts: 48
Thread images: 1
Thread images: 1