Everyone loves a comeback story.
Can a 20 year old overlooked technology make a comeback as a completely decentralized, free, and scalable technology for the growing masses of people who value freedom and privacy?
How easy would it be for a government (USA), to block or attack Matrix/XMPP servers, or place the people/admins using them under surveillance? How resistant is Matrix/XMPP in China, Iran, and other places? Is there something better?
While it is highly unlikely that a government would block the whole XMPP protocol (which is used for many things), it is entirely possible that they block specific servers, or block client connections to foreign servers, as is the case with many services going through China’s Great Firewall for instance. (…) In the most extreme cases, it is possible for a network operator (or government order) to block the Jabber/XMPP network entirely. In this case, using censorship-circumvention mechanisms like Tor can help you stay in touch. However, please be aware that circumventing government censorship may be a criminal offense where you reside, and you may end up having trouble with your local authorities if they find out.
Both XMPP and Matrix can be reached via HTTPS so it becomes complicated for complete eradication. If state-level censorship is a concern of yours, Matrix is certainly more suited as a protocol as it has complex algorithms to resolve global state (consensus) in case some servers can’t talk to one another.
Some other technologies like Briar are even more suited for this threat model, as it assumes all networks are compromised and/or unreachable. That is, it relies on gossip over lan-friendly medium (local wifi, USB keys…) with optional use of Tor onion services for reaching through the Internet without exposing so much metadata (beyond the fact you’re using tor).
In Matrix client to server connections are just normal web-traffic, so that would require some deep packet inspection to block (pretty difficult but not impossible), however server federation uses a custom port and could probably blocked more easily.
XMPP by default uses custom ports and is quite easy to block by firewalls / routers, however it is possible to also use it via a normal web connection to circumvent that. That said, a lot of professional services use XMPP internally (emergency communication services, smart-meters etc.) and thus wide-spread blocking would be pretty disruptive for a lot of things. It is also possible to connect to and run a XMPP server entirely through TOR, which is pretty hard to block.
Neither is really great in that regard, but they are still harder to block then centralized commercial services (although Telegram tries to be “smart” by hosting their stuff on AWS etc, which also makes it hard to block as other stuff would be effected). Using XMPP through TOR should be relatively resilient though, but note that in some countries using TOR and other such services is illegal by itself AFAIK.
I like that a XMPP node can be hidden on the Tor network, however I have some concerns on the safety of connecting to Tor, even through bridges (if a government can setup a bridge and then monitor connections).
How easy would it be for a government (USA), to block or attack Matrix/XMPP servers, or place the people/admins using them under surveillance? How resistant is Matrix/XMPP in China, Iran, and other places? Is there something better?
From the FAQ i linked:
Both XMPP and Matrix can be reached via HTTPS so it becomes complicated for complete eradication. If state-level censorship is a concern of yours, Matrix is certainly more suited as a protocol as it has complex algorithms to resolve global state (consensus) in case some servers can’t talk to one another.
Some other technologies like Briar are even more suited for this threat model, as it assumes all networks are compromised and/or unreachable. That is, it relies on gossip over lan-friendly medium (local wifi, USB keys…) with optional use of Tor onion services for reaching through the Internet without exposing so much metadata (beyond the fact you’re using tor).
The gossip protocol is interesting. Have also been interested in swarm, Whisper, devP2P, libp2p.
In Matrix client to server connections are just normal web-traffic, so that would require some deep packet inspection to block (pretty difficult but not impossible), however server federation uses a custom port and could probably blocked more easily.
XMPP by default uses custom ports and is quite easy to block by firewalls / routers, however it is possible to also use it via a normal web connection to circumvent that. That said, a lot of professional services use XMPP internally (emergency communication services, smart-meters etc.) and thus wide-spread blocking would be pretty disruptive for a lot of things. It is also possible to connect to and run a XMPP server entirely through TOR, which is pretty hard to block.
Neither is really great in that regard, but they are still harder to block then centralized commercial services (although Telegram tries to be “smart” by hosting their stuff on AWS etc, which also makes it hard to block as other stuff would be effected). Using XMPP through TOR should be relatively resilient though, but note that in some countries using TOR and other such services is illegal by itself AFAIK.
I like that a XMPP node can be hidden on the Tor network, however I have some concerns on the safety of connecting to Tor, even through bridges (if a government can setup a bridge and then monitor connections).
I like that XMPP servers can talk to each other.