Encryption happens client side, not server side, so that should alleviate some concerns however it's still worthy of discussion.
Signal is the only private messaging app that I've tried that hasn't sucked, or wasn't a privacy concern in itself.
Encryption happens client side, not server side, so that should alleviate some concerns however it's still worthy of discussion.
Signal is the only private messaging app that I've tried that hasn't sucked, or wasn't a privacy concern in itself.
Well, while open source does not mean it's secure, this is still a weird thing to do.
I would simply recommend to stop using Signal and start using XMPP with OMEMO encryption, since this is the gold standard of instant messengers, at least for me. You should especially stop using Signal because it requires your phone number, which immediately disqualifies it for a private messenger.
Element.io is fantastic
Matrix itself is decent, but the official software is utter shit.
Element is a bloated electron mess that's somehow bigger than pisscord and it's buggy as all hell (from small UI bugs to losing connection/not receving messages). Don't get me started on the mobile version. Oh and fun fact, even though olm is implemented in C so it can run natively on pretty much anything, desktop Element still goes through wasm for EVERY MESSAGE, because the devs are retarded enough to not be able to link a binary to a release exec.
The server is even worse, even installing this piece of shit can be a challenge (especially out of the Linux comfort zone) and it hogs EVERYTHING. Say goodbye to like 3 GBs of RAM for a few rooms and users. Say goodbye to your disk space & cpu because python.
The only thing they haven't fucked up yet is Dendrite, the second-gen server which actually looks promising, but it's still in beta it's probably too early to call.
Installing Synapse with docker and a TLS reverse proxy is a relative breeze. Like almost all server software, it requires some setup and general LInux knowledge. I haven't personally noted a lot of performance issues, but I concur that choosing Python (they even started with version 2) was a bad design choice. Good for prototyping but definitely not suitable for large-scale production usage. Hopefully Dendrite will reach feature parity soon. Moreover, they're doing some serious work on the p2p end and a working client exists already (https://p2p.riot.im).
I don't think Element has a bad UI, but there's definitely some room for improvement. Am not a fan of their use of HTML/CSS/JavaScript, I would have preferred a Rust GTK/Qt client but I understand that at this point in the project stage it's important to support the widest variety of platforms to serve the largest possible userbase. Performance and optimisation can always come later.
KeeJef wrote
Yes lol, the client is making calls to endpoints on the server which don't even exist in the publicly released code. Saying all messages are encrypted avoids the question of metadata and how the server actually deals with that metadata.