I heard that XMPP is better for privacy and security over Matrix because of the issues outlined in this article. So I wanted to ask why does Lemmy choose to run a Matrix server over a XMPP server?
A lot of us prefer matrix to xmpp. But also I’m not sure if ppl have done a similar analysis of what metadata XMPP currently leaks.
Also you don’t need an email or phone number to sign up with matrix, or create an instance, which IMO would be the most dangerous identifiers to be leaked to other servers.
Lemmy has got XMPP bridge.
XMPP didn’t take off because it’s not user friendly
Lemmy wants to have a bigger audience
So Lemmy doesn’t use XMPP
It’s not rocket science. It’s the same reason every other service that takes 48 hours to set up (+10 hours per new user) doesn’t take off. The devs and project visionaries blame random complex problems while they dance around the actual issue.
It simply doesn’t matter if XMPP is better if it can’t do the job.
I know you are exaggerating your point, but this is simply not true. You can have an XMPP account simply by downloading an app and signing up on a free server. Takes not more than a few seconds.
What is true though is that XMPP these days is more geared towards mobile use and replacing services like WhatsApp or Signal as a personal e2ee messenger, while Matrix is a bit better for IRC/Slack/Discord like support channels (although IMHO IRC is still the best in that area because it doesn’t need sign-up at all in most cases).
XMPP took me less than 1.5 hours to setup using prosody and I had a e2e encrypted chat session and from what I can see on the server side logs the only thing its actually logging is when the client authenticated to the server and when the client has disconnected
It’s easy to create an account on Matrix (without PII) vs hosting your own XMPP server. Ease of use is important too.