Thanks to @Klaatu for sharing this chart on which encrypted chat apps are the best.

Can anyone please share more details about Smoke and Goldbug?

How easy are they for normies to use?

Thoughts/experiences on the others?

I asked in 2019 which encrypted messaging app was the one known to be compromised and @yukiame told me Signal.

Is that true? Do we have documentation on that? Is Telegram any more secure than Signal?

@ProfWorr @Klaatu

Does anyone know of a good Tox chat client for iOS?

I did some quick searches and I can only find Tox clients for Android

@Klaatu @barrett @PhoneBoy @AdamAtSea @m000se

@Economic_Hitman @Klaatu missed criteria "has a website that doesn't look like shit" lol

@Economic_Hitman @Klaatu subscribing to this thread. Am bit geeky. Might give em try and let you know should we fail to dig for this info.

@tightarseindian @Economic_Hitman @Klaatu

There are XMPP clients in the chart, like Conversations.

The main problem I've had with XMPP is every client and every server has a different set of things it supports, so you can never say to your non-tech friends: "Oh you're on XMPP, great! Let's video chat!" because it probably won't work. And I've had issues where some features would work or not depending on the network I'm on, like if we're both on the same LAN it's a problem.

@tightarseindian @Economic_Hitman @Klaatu

It's one thing not to have certain features. It's another to never be sure what might work and what might not.

@Economic_Hitman @yukiame @ProfWorr @Klaatu I thought it was telegram that was compromised. Signal I thought is considered ok, but we really don't know for sure ... it Snowden's thing so yeah ...

From the chart I installed Smoke, but don't understand it. I guess I have to roll my own server ...

@cgeek5467 @Economic_Hitman @yukiame @ProfWorr @Klaatu
Yea smoke doesn't look easy if your not into tweaking servers and such. Same with Goldbug since they are just different clients for the same underlying protocol called "Echo".

@harvhat @cgeek5467 @Economic_Hitman @ProfWorr @Klaatu hmmm looks very Advanced , so i personallt trust Signal, Threema and Telegram

and remember moving all your contacts to one app takes years

@yukiame @cgeek5467 @Economic_Hitman @ProfWorr @Klaatu
I use Wire and Signal, Signal because it works as my SMS app.
I don't even attempt to move all my contacts, hence the SMS part.

@Economic_Hitman @yukiame @ProfWorr @Klaatu
I assume they are all comprised. I think signal maybe comprised by less three letter agencies the some of the others, is easy to use anyway.

@Economic_Hitman @Klaatu I've also installed element, briar, antox and session. Already had keybase and cyph ... those aren't on that chart though.

@Economic_Hitman @Klaatu
I use telegram on multiple devices. Not sure this chart is completely correct

Yeah I found the same chart, which made me more pessimistic about iOS Tox apps/

I'm leaning toward setting up a private XMPP server for my martial arts group. That way they can choose their own clients and do not need to use my server if it sucks.

This will be the first server I have set up before for anything beyond a simple program running on LAN or localhost. Any tips?

@AdamAtSea @Klaatu @PhoneBoy @jeremiah

@AdamAtSea @jeremiah @melodiousowls @Economic_Hitman @barrett @Klaatu @PhoneBoy @shebang yeah but nome of that nasty new foil.

None of that works. Either we source vintage foil or one of the tasks for initiates will be pressing the kosher kind.

Yeah @jeremiah that works!

@GWFF @Economic_Hitman @barrett @AdamAtSea @Klaatu @PhoneBoy @shebang

Mandela’s wife totally did protests with her «football» Club minions carrying traditional weapons.

Yeah kinda like a historical Martial arts thing. With capital M in Martial. I have heard stories about Mrs Mandela’s enemies being scared shitless by the armed, angry, dancing crowd. So there you might have your pool thing also @melodiousowls

this may sound naive but since my XMPP server would be just used by me and less than ten people, I figured I could just use my desktop computer as the server.

I know it's better to use dedicated server hardware or rent a cloud server but I have no idea where to start with that. As long as my PC has a constant internet connection, good amount of RAM and is always on, can't I just use it?
@barrett @AdamAtSea @Klaatu @PhoneBoy @jeremiah

Yeah, not a great idea. You’re opening yourself up for goatse and fail. Buy a Raspberry Pi or use an old computer with Linux installed or something.

@AdamAtSea @Economic_Hitman @barrett @Klaatu @jeremiah

Rather than owncloud/nextcloud like @AdamAtSea suggested?

or rather than host my own server on my PC? Because my daily driver is an old desktop PC running Linux.

Are you saying just don't use my main machine because it's a security risk, and use a Raspberry Pi or machine I don't care about?

@barrett @Klaatu @jeremiah

Exactly what I’m saying. Don’t use your primary desktop because it’s an added security risk. Whether you do it with Owncloud or something else.

@Economic_Hitman @AdamAtSea @barrett @Klaatu @jeremiah

@Economic_Hitman @PhoneBoy @AdamAtSea @barrett @Klaatu @jeremiah

I mean ultimately its about budget right? I think an ideal solution for self hosting is a separate machine that runs isolated containers or virtual machines. Depending on what exactly you are hosting you probably don’t need a machine that’s all that great for that, especially /w containers. (I like proxmox for this).

However, if your budget is limited, yeah a raspberry pi can sure work.

That’s why I always keep around my old computers to re-purpose for my wacky adventures. Good enough to host a lot of good services is a lot less requirements than to play the latest games, after all.

Now I'm researching how to set up VirtualBox on my Windows 10 laptop so I can run an XMPP server. It will just be me and maybe 10 martial arts buddies.

What OS should install as the guest on my VM? Is there a benefit to using OS's dedicated to server applications like Windows Server 2016 or can I use a desktop/PC OS like I'm familiar with, like Ubuntu 18.04 LTS?

@shebang @jeremiah @barrett @PhoneBoy @AdamAtSea @Klaatu

@Economic_Hitman @jeremiah @barrett @PhoneBoy @AdamAtSea @Klaatu Well. Never use Windows anything for server stuff. As far as a server distro, Ubuntu Server is perfectly good. If you now Ubuntu then Ubuntu Server is the same commands already, just with less stuff installed.

Ok thanks! I'll use Ubuntu Server.

But why can't I use Windows for server stuff even if it's just the host to my VM?

@shebang @barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy

@Economic_Hitman @barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy Well, why would you? Now if you have an insecure hypervisor (actually not always a huge deal) but why have windows chewing up resources when all you need for a hypervisor is something small to run VM’s?

By hypervisor do you mean host OS?

Yeah the only reason is I don't want to make this task anymore complicated. My Windows laptop is my least used computer.

I could wipe it and install another OS but I just want to get this done in a few weekends.

@shebang @barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy

@Economic_Hitman @barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy Yeah. Hypervisor is the top level OS. Well, it work, sure. You work with the tools and time you have.

let's say I wipe my Windows laptop and replace its OS with Linux. Now I'll dedicate this machine as my server to just run Prosody (Jabber).

Would you still recommend the VM approach? Does adding that extra layer provide enough security to my clients alone?

Or, if I run my Prosody directly on my server machine then what security measures should I take?
Would that be harder than securing it on a VM?

@barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy

@Economic_Hitman @barrett @jeremiah @Klaatu @AdamAtSea @PhoneBoy VM’s or containers do potentially add to security, but I mean, if a vm/container gets compromised it still exposes everything else on the network to potential attack.

There is no magic for security, really, keep things updated, only open ports you need, etc etc.

@shebang guess I got more research to do.

You're super! Thanks for all your help.

Sign in to participate in the conversation
No Agenda Social

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!