I think XMPP.

  • poVoq@lemmy.ml
    link
    fedilink
    arrow-up
    10
    ·
    3 years ago

    Depends on what you consider to be important for being “safe”.

    Using matrix as is out of the box is relatively secure but you need to be aware that a lot of metadata ends up on the servers of a UK based for-profit & venture capital funded company (New Vector).

    Xmpp on the other hand requires a bit more research to find a good server and client, but it can be made to be extremely secure, especially when self-hosting and/or using Tor for connecting to it.

    IMHO there is no silver-bullet and every option comes with trade-offs. Depending on you needs other options like Threema, Signal and Telegram with their e2ee & open-source clients but centralized servers can also be worthwhile to look at.

    • Halce@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      3 years ago

      Using matrix as is out of the box is relatively secure but you need to be aware that a lot of metadata ends up on the servers of a UK based for-profit & venture capital funded company (New Vector).

      Using 3rd party clients should really be encouraged.

        • Halce@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          3 years ago

          Would it even be possible to encrypt some basic metadata? I doubt that.

          • poVoq@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            3 years ago

            Mostly no, but the best way to deal with such meta-data is not to store it, or at least delete it as soon as possible. Which is the exact opposite of what Matrix does.

          • jhghjb (he/they)@lemmy.ml
            link
            fedilink
            arrow-up
            3
            arrow-down
            2
            ·
            3 years ago

            xmpp encrypts everything, metadata included

            it’s not easy and makes the protocol really hard to implement but it is possible

            • poVoq@lemmy.ml
              link
              fedilink
              arrow-up
              5
              ·
              edit-2
              3 years ago

              Sadly that isn’t the case. Most of the metadata on XMPP is also exchanged only TLS transport encrypted and is thus available on the server in clear text. The main difference to Matrix is that it generates and exchanges much less metadata and most XMPP servers are configured to delete all the metadata after a relatively short period of time.