brayd

brayd , 1 month ago

Signal can't see who is texting who. They can't see which groups you are part of. Those information are end to end encrypted, same as your chats itself, your profile picture, your stories, etc.

Signal doesn't store message timestamps either.

What Signal itself knows of you is your phone number, the timestamp of your registration, the timestamp of your last connection to the server. That's it.

Yes metadata is critical but Signal handles metadata very well. Indeed, even though I'm a fan of Matrix, better than Matrix. Matrix is a metadata nightmare due to it's centralized structure and the way the protocol works.

brayd , 1 month ago

Signals server is open source. You can run a server. You just can't connect to the main net because each server is it's own thing so it doesn't make sense besides for development purposes.

Please don't spread misinformation.

• Signal server is open source (as said) and thus can be verified: https://github.com/signalapp/Signal-Server
• and no they can't see who you message as you can read in the technical specifications of the protocol: https://signal.org/docs/

brayd , 1 month ago

The good thing here is that you don't need to trust the server in order to have a secure communication since your clients decrypt and encrypt and not the server.

Yes they can optimize with things like this but that doesn't make it insecure. It's still the most secure solution that the average person can use.

Threema doesn't even have the server open sourced at all, are for profit and their encryption has been compromised.

Session is shady.

Matrix is a metadata nightmare due to it's federated aspects.

SimpleX is the only thing that is secure, anonymous and good in this regards but it has some small details left that prevents people from switching. I.e. simple things like the fact that you can't see an overview of your images and videos sent in a chat without scrolling up all those messages. It seems trivial but for the average user stuff like that is important since they know it and use it every day in other messengers.

brayd , 1 month ago

Fully agree. That's also the main reason I am using Notion even though it's not FOSS, not encrypted etc.

I was fine using Obsidian (even though it's not FOSS either, but you own your data) but I can't figure out a good way to track books and quotes plus my opinion about them while querying them the same way it works in the database with Notion. Dataview is great for many things but doesn't have pagination etc.

brayd , 1 month ago

Yes, I have tested Logseq and even donate to them monthly. However I don't use it actively. Reason is that I just can't figure out a way to store my quotes and my opinion about them from books the same way I do it in Notion.

Basically I store my quotes like this:
https://discuss.tchncs.de/pictrs/image/33c4ce22-f5b0-43c0-849c-af41796e3a41.png
Inside each quote I write my opinion or the summary of the quote in my own words, etc.

And then for the books I have it like this:
https://discuss.tchncs.de/pictrs/image/7347618a-9782-4f27-a830-40273de1dd46.png

And inside each book I have the quotes linked:
https://discuss.tchncs.de/pictrs/image/618a8473-bc02-4b19-89bf-c48be8f5db41.png

So yeah I haven't found any way in Obsidian or Logseq to replicate this structure. It's always something simliar that's not working the same way and feels off and only with tweaks, custom CSS and stuff like that.

brayd , 2 months ago

Hydra

brayd , 4 months ago

I love Immich and Sharkey but both use Discord. Sharkey even used Matrix in the beginning but eventually switched to Discord. I think their reasoning was that they were often attacked by trolls etc. and that Matrix didn't had good options for moderation etc.

And while I love Matrix I fully agree. Yes there are moderation bots like Draupnir and they're good but you will need to self host them and register a user for them and and and. It's not as easy as with Discord or even Telegram bots. Also there are many Discord bots providing very fun elements like levels, reputations, roles etc. which simply do not exist or aren't even possible in Matrix as it currently is.

On top of that we have the decentralization "problem" for end users who aren't technical. They simply don't care much about privacy and they don't care if Discord stores every single message and picture in clear text forever on their servers. It's easier to create a Discord account on a centralized platform than understanding Matrix understanding which server to choose, understanding which client to choose and understanding how encryption, key management etc. works. Yes decentralization is important and great but for the average user it's still something that they do not really know which "overcomplicates" it for them.

And another point is that Matrix spaces are simply not the same as Discord servers. Channels are not as easy to manage because they are rooms on their own in Matrix and a space is not a server but rather a way to organize multiple rooms. Not every client supports spaces yet. Clients implement them differently. Then there's Element and Element X on phones confusing people new to Matrix etc. In Discord several channels can be grouped in another category. In Matrix you'd use Subspaces for that giving you the same issue as with normal spaces.

And most clients don't implement simple things on mobile like...sending multiple images at once. From the perspective of an end user that fact annoys the heck out of anyone wanting to send several pictures.

So yeah I think it's a mixture out of those things.

Matrix especially needs better bot support with bots that could be used by everyone as it is with Discord instead of being only usable by server admins or the bots creators as it is with many Matrix bots. And it does need a better solution for spaces with rooms or another thing in the specs that replicates how Discord servers work so that it's a "space" with actual "subchannels" without every space technically being it's own room dangling around in limbo and just being "sorted" into the space.

And it needs better moderation tools.

brayd , 4 months ago

But IRC doesn't really support E2EE in 1:1 chats right? Because that's something very important for me. I don't want to use an app only for public channels I ideally would like to use it for everything. Including messaging the people I know.

brayd , 4 months ago

I had everything behind my LAN, but published things like Nextcloud to the outside after finally figuring out how to do that even without a public IPv4 (being behind DS-Lite by my provider).

I knew about Cloudflare Tunnels but I didn't want to route my stuff through their service. And using Immich through their tunnel would be very slow.

I finally figured out how to publish my stuff using an external VPS that's doing several things:

• being a OpenVPN server
• being a cert server for OpenVPN certs
• being a reverse proxy using nginx with certbot

Then my servers at home just connect to the VPS as VPN clients so there's a direct tunnel between the VPS and the home servers.

Now when I have an app running on 8080 on my home server, I can set up nginx so that the domain points to the VPS public IPv4 and IPv6 and that one routes the traffic through the VPN tunnel to the home server and it's port using the IPv4 of the VPN tunnel. The clients are configured to have a static IPv4 inside the VPN tunnel when connecting to the VPN server.

Took me several years to figure out but resolved all my issues.

brayd , 4 months ago

I had the same issue. Wrote another comment here explaining my setup to solve my ISP issue.

brayd , 4 months ago

With DS-Lite you don't have a public IPv4. Not a static one but also not a dynamic one. The ISP just gives you a public IPv6. You share your IPv4 address with other users. This is done to use less IPv4s. But not having a dynamic IPv4 causes you to be unable to use DynDNS etc. It's simply not possible.

You could publish your stuff via IPv6 only but good luck accessing it from a network without IPv6.

You could also spin up tunnels with SSH actually between a public server and the private one (yes SSH can do stuff like that) but that's very hard to manage with many services so you're better of building a setup like mine.

https://www.juniper.net/documentation/us/en/software/junos/nat/topics/topic-map/security-ipv6-dual-stack-lite.html