A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 13 users / day
- 20 users / week
- 70 users / month
- 244 users / 6 months
- 14 subscribers
- 2.01K Posts
- 9.02K Comments
Interesting. Can you elaborate?
In matrix pretty much everything is a public, logged append-only datastore (a room in matrix vocabulary). There is some access-control applied on top but it means that basically any server involved in some room (because their users are part of it) gets a full copy of the full history of the room including all user addresses.
In contrast, XMPP has a clearer threat model: your server knows about you, the server of a user you’re communicating with knows about you, 3rd party services you employ know about you (eg. chatrooms) but other users of that 3rd party service don’t. Practical example: when i join room firstname.lastname@example.org from email@example.com address, i’m giving the chatroom server (MUC server) a nickname to identify me with. When other users receive messages in the chatroom from me, they see it from southerntofu from chatroom firstname.lastname@example.org but have no idea what my actual JID (XMPP address).
That’s certainly good for reducing chances of having all your messages being logged by a sysadmin somewhere, but it’s even better for abuse-resistance. Having your address leaked in every public interaction is fine for most people but is a no-go for people who have stalkers or are targeted by harassment campaigns. See also this HN thread on XMPP and anti-abuse mechanism.