cross platform chat alternative to facebook messenger?

phourniner, 6 months ago

www.beeper.com/cloud

Was invited to this earlier in the year and it seems to be alright?

bmcgonag, 6 months ago

Rocketchat is simple enough to setup. Does everything you want, and is FOSS.

oranki, 6 months ago

I have a feeling you are overthinking the Matrix key system.

• create account
• create password you store somewhere safe
• copy the key and store somewhere safe
• when signing on a new device, copy-paste the key

Basically it’s just another password, just one you probably can’t remember.

Most of the client apps support verifying a new session by scanning a QR code or by comparing emoji. The UX of these could be better (I can never find the emoji option on Element, but it’s there…). So if you have your phone signed in, just verify the sessions with that. And it’s not like most people sign in on new devices all the time.

I’d give Matrix a new look if I were you.

mydude, 6 months ago

I’m trying out ‘Skred’, looks promising. Not open source.

erAck, 6 months ago

So many to choose from… bkil.gitlab.io/secuchart/

boggedgibbon75, 6 months ago

Discord?

Andy, 6 months ago

If you want, you could use Telegram without your real phone number by either getting a virtual number from Google Voice or another service, or you could buy a Telegram-only number from their fragment site.

Chewy7324, 6 months ago

Telegram doesn’t support E2E cross-device history. It’s more similar to Discord than to secure e2e messengers like Signal or WhatsApp.

drb, 6 months ago

I wonder if Delta Chat would work for you.

Pantherina, 6 months ago

If Facebook messenger is the comparison, Deltachat is awesome. Its very bloated though if you use it for email too. Also for some reason it doesnt delete messages from the server which is really annoying

linuxPIPEpower, 6 months ago

I have seen it but never tried it. I kind of got the impression it was like a novelty/experimental thing rather than a general purpose serious application. Is that incorrect?

Does your email account get filled up with bazillions of messages? I once installed an app that “backed up” all my SMS to email; it made 1 email for every SMS. It was terribly annoying because when searching mail for something all these irrelevant scraps of old conversations ago clutter up.

Or do you just have a separate mail account to use on chat?

sxan, 6 months ago (edited 6 months ago)

Session satisfies all your points. It started life as a fork of Signal, but is not tied to any PII. Synced across devices, everything. iOS, too, even. The only thing it doesn’t have is a terminal client, but it’s easly days.

I’ve tried them all; so far Session is the only one that passes the non-tech-spouse test. We were happy sith Wire for a couple of years, but it’s been going through some severe enshittification in the post several months.

Edit fixed the fdroid repo URL

AustralianSimon, 6 months ago

Page not found FYI

linuxPIPEpower, 6 months ago

getsession.org their website is an incredible abuse of mouseover omg…

linuxPIPEpower, 6 months ago

so if you click documentation on the session website it brings you to this page docs.oxen.io/oxen-docs/…/session

I am seeing the words “blockchain”, “economics”, “token”, “instant transactions”… And one click to NFT crypto stuff.

I remember hearing that blockchain tech could be used for stuff other than scams but it is used for scams a lot and this app seems to be related to scam-type activity.

Can someone provide any insight?

sxan, 6 months ago

a. not all blockchain is bad b. I have neither seen, nor heard, of blockchain or cryptocoins on the platform. If blockchain is being used under the covers, it’s not visible to users. I see no ability to do anything with NFTs or cryptocoins in any of the clients.

Session delivers messages more reliably than many platforms; E2E encrypts all messages (unencrypted is not even an option); requires no PII; has a good battery profile on mobile; reliably allows sharing, and has nice QOL features (that my non-tech family members have come to expect) like animated GIF search-and-embed; it supports message deletion and dissapearing messages; it has encrypted voice and video chat.

If there’s any blockchain in the stack, then Session is an excellent example of its usefulness.

It’s all open-source, too, so audit away.

It’s not perfect, of course. There’s no CLI client. Because there’s no PII, there’s no registry, so connecting to people is harder than many platforms, and looking people up, impossible. The desktop client is an Electron app, so it’s typically resource hungry. It doesn’t yet have sent message editing.

linuxPIPEpower, 6 months ago

Well I will say that I totally didn’t predict crypto would pop up in this thread. Curious.

getsession.org > Technicals > Documentation > Overview

In exchange for maintaining reliable and trustworthy blockchain nodes, node operators periodically receive rewards in the form of $OXEN tokens.

It sounds like what it is saying is that people who host the remote servers are paid in this crypto currency for the service. Cryptocurrency is mainly useful for laundering money and scamming people. I am having a hard time understanding (a) how there is enough demand for this niche chat service that it should play a major role in their little economy, and (b) where the usefulness of this crypto (e.g. value in fiat so you can do anything with it) could possible some in. Other than scams, laundering etc.

After that comes

long blah blah blah about crypto>Oxen was originally forked from Monero, and it’s still based on the CryptoNote protocol. From these beginnings, Oxen has inherited world class privacy and security features — including ring signatures, stealth addresses, and ring confidential transactions. Just like $XMR, $OXEN is fungible, private, and untraceable. > > The Oxen blockchain got started in 2018, with its first ever block being confirmed on March 5 of that year. Ever since then, the blockchain has been successfully and securely operating. On October 15 2019, we made the transition to Pulse — making Oxen one of the first ever Proof of Stake CryptoNote projects. The entire history of the Oxen blockchain can be easily viewed via this block explorer. As for the future, you can stay up to date on the project by checking out our Oxen Labs Updates. > > The Oxen blockchain also boasts Blink — truly private, instant transactions. Blink allows you to make transactions with all the confidence Monero enthusiasts love, but with a 1 second transaction time. Blink gives $OXEN the potential to be used as a true means of value exchange — not just storage — in a way no other coin can match.

It’s so… weird… to have all this as the introductory docs. Not a troubleshooting guide or dependency info but all this crazy scam BS.

I see that you are saying this crypto stuff doesn’t intrude on the app. Like you are not getting popups trying to scam you; OK. And you think the app is really good. Can the server/app could be de coupled from all this other stuff? Could it be run independently of this fake economy? That’s what I don’t understand about this “not crypto” blockchain stuff. If it’s not crypto, why is the documentation all about crypto instead of normal user or dev manual?

I appreciate the time to answer the question. But I have to be honest this feels icky. Don’t you get the feeling something sleazy is going on? At any rate when these people get caught or cash out won’t everything vanish?

erAck, 6 months ago

Session is crypto-bro-shit.

linuxPIPEpower, 6 months ago

discuss.tchncs.de/comment/5757510 ???

erAck, 6 months ago

What?

linuxPIPEpower, 6 months ago

Sorry that was pretty unclear lol

I was linking to another comment I wrote in this thread about this very strange cryptocurrency-based chat thing. I sort of had the impression maybe you have some prior knowledge of this. I never heard of it and find it puzzling just what the heck they are up to. I am not gonna use it because it smells bad. But am now interested to know what sort of business is going on. The person who recommended it sounds very satisfied with the chat interface. Why/how is it attached to crypto? Just… so weird.

halm, 6 months ago

I’ve used matrix and simplex for different friend groups. While I prefer the former in terms of privacy, I get your point that the encryption keys and account verification is kind of a pain in the ass. Simplex is pretty …simple in comparison, but then, I haven’t had to use it on more than one device yet.

Just for the federation of it all, I’m also eyeing Databag. Now, if I can get my contacts on board as well is another matter…

poVoq, 6 months ago

xmpp: similar to matrix the key situation is confusing, also no cross device history.

Please don’t tell me you only tried Pidgin 🤦‍♂️

Of course there is cross device history on xmpp. And what “key situation”? Its all automatic.

linuxPIPEpower, 6 months ago

pidgin, gadjim, chatty, dino, kaiden, psi, psi+… some other ones

it isn’t automatic from what I have found. vague “omemo”-related errors are popping up here and there.

what set up do you suggest where the experience is simple? it seems that there are a bunch of standards which servers and clients have varying support for. plus there is a plugin architecture for lot of them which extends or changes functionality, or it matters what version of libraries were used in compilation, and many other little details.

I believe that some people do have a seamless experience but ours hasn’t been. If there is some sort of documentation describing exactly how to get going I would appreciate it.

poVoq, 6 months ago

Well you can try snikket.org which packages a Prosody server with suitable clients and it all should just work ™. They also offer a hosted version.

On joinjabber.org you can also find recommended clients and servers that should work without problems.

But to be honest, none of the issues you describe are actually real in my experience. Yes you read them everywhere from badly informed online pundits, but if you use a modern xmpp client with a modern xmpp server it all just works without issues and e2ee keys are automatically exchanged on first message without any problem.

There are some vastly outdated clients like Pidgin that do cause issues, but it is a bit unfair to blame that on xmpp, when Pidgin has not updated their xmpp implementation for more than 10 years 🙄

linuxPIPEpower, 6 months ago

Do you have the impression that I have not actually had the problems I am describing? Like I just read online that other people had problems? Not the case. As I said after you assumed I “only tried Pidgin 🤦‍♂️” I have tried lots clients.

but it is a bit unfair to blame that on xmpp, when Pidgin has not updated their xmpp implementation for more than 10 years 🙄

Who is blaming anything on pidgin? you are the one who brought up pidgin.

The join jabber link is very nice and I didn’t find it before. But I actually tried the 2 linux clients they recommend: dino and gajim. And between us, going from memory I think we have tried all but 1 of the recommended servers.

The impression I got from digging around in repos (which I don’t really want to be doing just to get a messaging app tbh) is that the problems we had are legit open issues in some cases. But it is hard to diagnose because the client developers don’t have knowledge/control of the end user’s local environment or the server set up. And likewise the server admins don’t know the internals of every single client. End users with problems are challenged to collect all the required information. Here is an example from gagim: Chat History Sync Issue (#11380)

I do not think it is fair to characterize that user as a “badly informed online pundit”. They have a problem and it is basically too complicated to resolve with the available resources. There is probably some unknown contributing factor.

Snikket:

Help! I just want to chat!

Don’t worry! If there are no Snikket services that would give you an invite and if you are unable to run your own, Snikket may not currently be the right app for you.

poVoq, 6 months ago

snikket.org/hosting/

They can host it for you.

As for Gajim, I have been using it for years and never had history sync issues. Maybe you expect to be able to sync old e2ee messages on new devices? That is impossible to do with OMEMO and actually an intended security feature.

rufus, 6 months ago

Have a look at:

www.messenger-matrix.de

You could also use Matrix or XMPP without all the complicated e2ee stuff, room keys etc. It’s encrypted on transport. It won’t be super safe and have the highest level of privacy this way, but easier to use. You just have to remember not to enable room encryption. And maybe use SchildiChat instead of Element.

linuxPIPEpower, 6 months ago

That is a great chart. Do you think it’s up to date? One issue I had was trying to discern very old from current materials.

Thanks, we don’t need high level security, just a reasonable modern attempt at it. Due diligence. I had a hard time understanding what kind of encryption we “should” use.

I tried SchildiChat and I liked it except for all the problems that seems inherent to matrix.

rufus, 6 months ago

Sure, this chart is updated from time to time. (The guy who published it also has a very nice german tech blog: www.kuketz-blog.de ) But it only contains widely adopted messengers and focuses on open-source. So it doesn’t necessarily contain every good messenger out there.

I know. Matrix is quite good. I learned how to operate it, so that’s alright for me. But I know there are a few annoying things in there. And I think they did a few design decisions with the encryption that make it difficult to use. In the years I’ve been using it I’ve been annoyed many times by incompatible verification techniques or missing encryption support in some clients/libraries. It’s getting better but I can understand why you would prefer something else. I’m not an expert on messengers, I hope some of the other suggestions here work for you.

linuxPIPEpower, 6 months ago

I’m not an expert on messengers

me neither! and I have not desire to become one. :D

It has been a big surprise to see how involved you have to get and how much complex understanding is required just to chat. And in my group of friends I am one of the more power user types. If I struggle to use something, then I can’t recommend it to others. So far everyone is really discouraged and I think it is reflecting quite badly on the concept of moving away from corporate/proprietary solutions. And FLOSS. It seems like just not viable for average users. :(

In this kind of situation we don’t have unlimited chances to try all different options one by one. because in requires a coordinated effort for multiple people to make accounts, set up devices, learn new software etc. People do not have time for that on demand. I think for most people, you have 1 shot at this kind of thing, if any. And if they are not FLOSS-type people they will be basing their opinions of all of FLOSS alternatives on the experience.

Patience is wearing thin. I think if the next thing we try doesn’t work, then it’ll be back to facebook/whatsapp/sms for the next 10 years. So I want to find a viable suggestion or be able to manage expectations and adapt to what is realistic.

rufus, 6 months ago (edited 6 months ago)

Well, I get your frustration. But I also disagree.

There are several different things at play. first of all I think Matrix has made some non-optimal design decisions with their protocol. For example I think e2e-encryption should have been mandatory for clients to support from day one. With like 2 mandatory verification processes that are well-documented and taught to the users.

The second thing is, some clients are bloated and also expose weird stuff to the user. For example the device-keys (session-/room- whatever). That should be build on-top the encryption and handled without the user knowing anything about it.

That would leave us with 3 concepts to understand:

1. How to do the emoji-verification to verify new devices and other people
2. You need to do 1 backup to make sure you don’t ever lose access to your account, just write down a sequence of words or characters on paper or do a screenshot
3. a screen that shows you which devices are logged into your account with a button to delete them. No further handling of cryptographic keys

And I think with a few limitations that are due to the history of Matrix’s development, they strive to become that and aren’t far away from it. I don’t think it’s too complicated. I’ve taught 15 year old kids how to do the emoji-verification and why that’s important.

And it is important… If you take end to end encryption seriously, there is no way around verifying the other end once. You can see which messengers take it seriously and which don’t. For example WhatsApp doesn’t ask you this. And it can’t ever detect if this is really the person they claim to be. The only thing it can do is assume it and make sure the person at the other end doesn’t change. And the backup is non-negotiable, too. You either do that yourself, or let your provider do it. But then they have access to your messages.

And this isn’t Matrix’s or XMPP’s fault. security and convenience are somewhat on opposing ends and you can’t have both at the same time. It’s somewhat like this, and it’s a limitation of how the world is:

https://discuss.tchncs.de/pictrs/image/6665b118-115a-4312-84f6-b48e732a8bde.png

You’re free to choose where you want to be on that triangle. You can have something with many features and very secure. But that won’t be easy to use. Or you want something easy, but it won’t ever be secure. Matrix tries to be everywhere, but that can’t work. You can just disable encryption on Matrix, this will do away with all of that complicated stuff immediately, at the cost of some security. But you could also use WhatsApp or iMessage to talk to your friends. My grandma could use it, but it has other downsides.

I’ve been with the FLOSS people and advocating for freedom and empowerment of the user for quite some time. It’s always a struggle. You always have to actively fight for your freedom. And if you want to stay in control of your data, you have to take matters into your own hands, to some degree. And that is some work. You have to learn concepts and gain a certain amount of literacy. The other option is to give up parts of your autonomy.

With that said, I still think Matrix could do a better job and make it easier. I think it’s usable. But I’d be happy, too, if I could recommend it to more of my friends without there being any catch. In fact, I recommended it to other people and like 3 friends use it, my dad, my spouse and like 15 other people I know from real-life. They’re not all tech-savy and it works. There have been some issues, but that was some time ago and issues have become less and less over time.

linuxPIPEpower, 6 months ago

I did the emoji thing and even though I went through it correctly it did not proceed reliably. A problem with the client? Network issue? Who knows. Sometimes it works after a few attempts and other times not.

Encryption keys didn’t work because my password manager ended up with several keys all associated with the same account but I didn’t know what each one was for. (And did the keys each also have another password too? I might be thinking of something else.) They were for the account or the device or the conversation or the client or the session? And my friends were having similar issues; even when I get it set up someone else is having a problem.

I guess with all these things, it gets easier once you get going and stable. You can’t do the emoji thing without having a logged in client available. If everyone is bouncing around clients it’s a mess. There is nothing stable for any of us to join onto. I have used the occasional established matrix community and I don’t have these issues in that case. A lot of the complications come from the fact that we are trying to move together.

I’ve been with the FLOSS people and advocating for freedom and empowerment of the user for quite some time. It’s always a struggle. You always have to actively fight for your freedom. And if you want to stay in control of your data, you have to take matters into your own hands, to some degree. And that is some work. You have to learn concepts and gain a certain amount of literacy. The other option is to give up parts of your autonomy.

I mean the other other option would be to take care of each other and struggle collectively. I do not really think we get freedom one by one. I believe that to be in alignment with FLOSS.

Philosophically it’s kind of regressive to say that lost autonomy is deserved by people who fail to learn to the standards you think are reasonable in the areas you think they should know about. There is way too many things in the world we can’t all know about all of them.

rufus, 6 months ago (edited 6 months ago)

I did the emoji thing and even though I went through it correctly it did not proceed reliably.

Oh. That’s not how it’s supposed to be. I self-host my own (Synapse) matrix server. So I wouldn’t know if there are issues with the network or something like that with the established, big servers.

several keys all associated with the same account […] (And did the keys each also have another password too?)

Yeah, That’s too many details. It should be: you sign up for a new account, keys are generated and you are requested to back up your master key. Maybe that backup can be protected with an additional password, I don’t really know. From that point cross signing and all cryptography should kick in automatically. Everything should be handled without the user needing to worry about additional keys. And in my oppinion the additional inner workings should be hidden from the user. At that point you’re set and once you log in with a different device or add a friend, a popup should open telling you to verify the other user/device with the emojis.

If everyone is bouncing around clients it’s a mess.

That is the most annoying thing with Matrix. I’ve also had this happen. Some time ago I had clients not support emoji verification. Or I try to write a bot in python and it runs on a server with no means of displaying emojis. I think Matrix isn’t strict enough to handle the diversity of clients. In theory diversity is a good thing, but for Matrix… I’ve also had some issues with that exact thing.

[…] struggle collectively. I do not really think we get freedom one by one.

That is especially true for messengers and social media. There is the network effect. A platform has little to no benefit if it doesn’t connect people and it’s just you ;-)

Philosophically it’s kind of regressive to say that lost autonomy is deserved by people who fail to learn to the standards you think are reasonable in the areas you think they should know about. There is way too many things in the world we can’t all know about all of them.

I agree. I have compared this to the Age of Enlightenment before. There is some basis we need to agree on. Everyone has to agree they want freedom and be ready to put in some work and face the struggles. But not everyone needs to become a computer expert and have this as their primary hobby. Just being a follower should be alright, the only thing is you can’t be annoyed by change and experiencing a dry spell every now and then. I think this is consensus and also how it works with parts of the FLOSS ecosystem. There are clubs and individuals who operate the servers and handle all the difficult and tedious parts of hosting. Not everybody can, or wants to do this. As a user it is your obligation to know how to operate your computer and smartphone. But it shouldn’t be overly complex. That takes away from the spirit and makes it inaccessible for some people. And we want the opposite of that, spread the freedom amongst everyone who is willing to participate.

---

I really don’t know what to recommend to you. Don’t resign and let the technical difficulties keep you from getting what you want. It’s the right choice. Maybe you find something better than Matrix for your use-case. I’m kind of in another situation, so my experience doesn’t necessarily apply to your situation. Maybe have one person do the work, try out a few servers and Apps/clients and pave the way for the rest of the group. It definitely doesn’t work if it’s an uncoordinated effort and there are sub-optimal choices and traps out there. And it will scare some people off (rightfully) if they have to start over for the third time.

With our group, we have tested matrix for some months with two people, then a third and then a friend of mine invited all the other people. Most of them use matrix.org as their Homeserver. And we keep the room unencrypted for maximum compatibility. We don’t give admin rights to everyone, that would lead to confusion. One person manages the room and they put in the effort to learn how to manage the room and help people get the app installed on their phones and join the room. I could help out. But I try not to. Sometimes I’m too deep in the rabbit hole and struggle balancing my explanations with people who aren’t that tech-savy.

lascapi, 6 months ago

You resumed very well the triangle.

My dream is to build an app/service which is easy to use as Signal but compatble with matrix and xmmp.

Pantherina, 6 months ago

SimpleX

But as alternative to FB messenger?? Literally anything, switch as fast as you can!

linuxPIPEpower, 6 months ago

Does SimpleX have the ability to share the conversation history across devices?

mypasswordis1234, 6 months ago

No

Pantherina, 6 months ago

Not yet