At this point, the Google Play app review process has become a security liability. I have had an app update for #Conversations_im in the review queue since April 28th. Previously, app updates have been rejected for stupid, hallucinated reasons; this time, we are just being ignored entirely. The release is not shipping any security fixes, but imagine if it did.
@aerion There is no such thing as port. Basically the entire codebase is very Android specific so it would be a full rewrite. On the other hand Dino already exists and has mobile Linux support. So if anything I would probably collaborate more closely with the Dino developers.
I’m delighted to announce that the OpenPGP implementation in #Conversations_im will see some love over the next ~6 months. Simultaneously, we will be laying the groundwork for OMEMO2 by implementing Stanza Content Encryption.
Thanks to funding from @nlnet and the European Commission.
I recently added a display to #Conversations_im showing the number of stanzas (XMPP packets) sent/received in the current session. What are your counts and how long has your session been active? (Account Details -> 'Server info' in the overflow menu.)
Historically, events like Meta announcing ads in WhatsApp haven’t significantly impacted #Conversations_im download numbers. This time feels different. February saw double the installs of a typical month. It seems the sentiment against Big Tech is finally translating into action.
I’m not qualified to comment on the alleged security vulnerability in #Matrix, but 'the entire Matrix community sucks because one user once disagreed with me on the Internet' is such a wild take.
The only relevant feature for any instant messaging app (or social app, for that matter) is: Are my friends using it? People will gladly overlook minor inconsistencies or missing features as long as they can communicate with their friends. We shouldn’t recommend #Signal as a stepping stone before Jabber/XMPP becomes "good enough," if goodness is defined by the number of people using it.
On January 4, 1999, Jabber was first announced to the public¹.
Twenty-seven years later, Jabber—or XMPP, as it became known after standardization through the #IETF—remains the only truly vendor-independent, federated instant messaging platform.
In almost three decades, XMPP has never stopped evolving and remains our best tool for digital independence.
@morph@S1m NextPush is just an alternative. Both are distributors. Both use different protocols to talk to their respective push server implementations. If you have Conversations you don't need NextPush. If you don't use Conversations you can use NextPush.
@S1m I always wanted to add push support to #Conversations_im. I think a federated instant messenger is a natural fit because you get the decentralization and the connection for free. And adding it to the messenger is also what Google did with gtalk.
So I was very happy that I found #UnifiedPush as a quasi standard when I finally got around to implement it. Thank you for your for work!
@tris two things: I already said in my follow up post that if someone wants to build their own clients on top of XMPP and prefers MLS over OMEMO, the XMPP community is very open to that. A protocol is much more than just the encryption. They would still benefit from all the other things XMPP has solved.
A lot of what's in that blog post is ill-informed and bordering on disinformation and fear mongering.
@tris there are three actively developed protocols for federated instant messaging (XMPP, Matrix, Deltachat). At least one of them is very open to new developers and new ideas and has a structure in place to collaboratively work on those ideas and bring various stake holders together. With no disrespect to that individual I don't see why there needs to be a forth protocol loosely based on ActivityPub.
@pixelschubsi@tris Yes, agreed. Tremendous value in reusing identities and login credentials. Big skepticism with regards to using AP as a protocol. One can probably kinda make it work… But why? What’s the benefit?
@silverpill@pixelschubsi@tris you can have a single account (or as I phrased it 'identity and login credentials') across different protocols. For example your Google account works across multiple protocols. And even in the federated world we have several cases where email address == xmpp address. So to repeat myself: using the same identity is good. Doesn't mean you are locked into ActivityPub if you want to build instant messaging.
As a community, we often ask ourselves how to attract more users to #XMPP. Yet the real tragedy is that people would rather build something entirely new (loosely based on email or #ActivityPub) than consider XMPP. Need end-to-end encryption by default? If compatibility with existing XMPP clients is a secondary concern, you can implement it in your own solution while still benefiting from our two decades of experience in instant messaging.
I consider this a failure on our part but I don’t really know what to do about it. Most arguments against #XMPP don’t hold if you’re building from scratch anyway:
• #Conversations_im looks very outdated: OK, but you are developing your own clients anyway.
• XMPP doesn’t have an SDK: Neither does your #ActivityPub or email stack
• OMEMO is insecure and I would prefer #MLS: Yes, let’s work on that together and you’ll still benefit from XMPP’s 100+ solved IM problems.
Project lead on https://Conversations.im & https://Ltt.rs · Council Chair & Editor, #XMPP Standards Foundation · 2.9W/kg · Flat white socialist · Defying Gravity · European Republic