this post was submitted on 23 Sep 2023
60 points (89.5% liked)
Privacy
31991 readers
495 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
SimpleX being a hybrid p2p model means that it leaks more metadata to 3rd parties than XMPP for example.
They explicitly recommend using Tor with Simplex for that reason.
I would suggest you change the "meta data" field for it to "probably ok", but the design of the system makes it a risk factor, so without Tor it is probably more of a "barely ok".
What metadata is leaked? AFAIK, the relays you connect to don't even know who you are because there's no single identifier tied to you.
IP addresses mainly, which is the worst kind of meta-data as it can be linked to your real location and name relatively easily.
I mean, XMPP also leaks your IP to the server if you don't use Tor or a VPN. If you don't trust the server, it's a must to hide your IP.
I don't think that changes anything in the comparison. Except Briar, which uses Tor by default, I think that every other messenger reveals your IP to the server if you aren't actively hiding it. That's just how it works. At least SimpleX and XMPP can be used through onion services, something that others don't offer.
The vital difference is that with XMPP you consciously choose a server host (or self-host) that is acting like a proxy for you and thus protects your privacy, even if you don't use Tor.
With SimpleX there is basically a random list of relays that you know next to nothing about, and which could in fact be mostly honey-pots, and you are connecting directly to them, which makes Tor almost mandatory.
For me it boils down to the fact that there is no such thing as trust-less communication, so you should choose carefully whom to trust and minimize the number of people you need to trust. XMPP is IMHO the clear winner on that, because it's basically only your home-server you need to trust.
yeah I agree that XMPP is currently the best option.
But SimpleX is also self-hostable, you can configure it to only connect to your own relay server. Or just use .onion servers. So SimpleX is a close second IMO.