hello im trying to find good foss alternatives to apps like discord, facebook, and others that are foss and federated are there any possable apps out there that are like that?
Alternative to discord: your best bet will be to find a matrix server at https://servers.joinmatrix.org. Element is the most mature client for all platforms.
For Facebook, any of the ActivityPub alternatives like Mastodon, Pleroma, GoToSocial… Too many choices for clients and instances, but if you are looking for a professional provider and care more about a “generic” instance that is well-maintained (or want to run your own), you can try communick. Disclosure, it’s my own project and I’ve been running it for some years now.
I’m a fairly technical guy, but I genuinely cannot figure out why I’d want to use Matrix at this point.
My understanding, which may be wrong, is that it can communicate on its own encrypted standard, and that there are bridges that allow it to communicate with other services like Signal and WhatsApp. You have to register for a home server, which essentially means trusting the individual(s) running that home server not to abuse that privilege, especially considering that not all features are supported by the bridges to other protocols at this point (including end-to-end encryption in some cases), so they may have access to your unencrypted content. Not only that, but your data is then replicated on other servers where the other participants in your conversations are registered, which means you essentially need to trust all those other admins as well.
Then there are the clients, which (at least on iOS) seem to be few and far between. The (seemingly) most popular, Element, appears to collect a crap-ton of personal information - including user content!
I was a big fan of Trillian back in the day, which sought to unify AIM/MSN/ICQ/etc. into one place; am I correct in thinking Matrix seeks to do something similar today?
Given the seemingly large amount of trust you need to put in potentially numerous individuals and organizations, is the convenience of a unifying protocol that may or may not bring your various chat and calling services under one roof with varying levels of compatibility and security (not to mention the apps, some of which appear to collect everything under the sun about you) worth it?
Thats a pretty awesome question imo.
I think Matrix only makes sense if you‘re already using instant messaging of some sort. Either discord, whatsapp, signal, what have you…
If you are using one of these services, there is a high chance that your data is sold, traded and used for all kinds of purposes, from training AI to manipulating your life choices (or as simple as selling something to you).
If a person is not using social media at all (and has an offline friend circle), then they should happily stay away from any of these products, federated/foss same as the others. Simply because social media is addictive.
But for those (like me) who don’t make friends easily offline, social media makes sense. And for those, it is far better to trust db0 or whatever the admins name is of an instance, than google,
has only one answer. Hell yes!
Element is a for profit company and therefore not the best idea if you want to go fully without data collection I assume. But then you also need to keep all smart devices in your home from calling home, you need a rooted android phone or similar, etc.
So I propose that we do our best, keeping the megacorps from collecting and selling our data without a penny of the profits going to us. In the meantime, we make compromises where necessary. If element is the only „usable“ client for you, let them have at it for the time being. Especially on ios, you‘re transparent to apple anyway and besides you don’t see the apps in development until they leave testflight (iirc).
Let me know if you have any further questions. Have a good one. :)
Hey, thanks for taking the time to reply!
I’m still not sure that moving our trust from a megacorp (as you put it) to some random person or organization running a Matrix server is an improvement. Even assuming the Matrix server admins aren’t selling your data out the back door, there’s no guarantee their admin accounts, or the server itself, isn’t compromised by those same corporations or others, allowing them to harvest all your data (and potentially more of your data than would be possible if you were using at least some of these services natively).
I respect that you have your opinion, but I’m not sure it makes sense to move trust from one organization/corporation to another is guaranteed to be an improvement.
From a security perspective, Signal seems to be brought up the most in these conversations, so I am surprised that you called it out between WhatsApp and Discord. Do you have any evidence that the Signal foundation is spying on its users, selling their data, or that the E2EE they natively employ is compromised?
You are indeed misunderstanding some of the points about it:
You have to register for a home server, which essentially means trusting the individual(s) running that home server not to abuse that privilege.
Communication that happens exclusively via Matrix are always end-to-end encrypted. No one will have access to it. The only point where e2ee is “broken” is when/if you are using any of the bridges to any of the protocols where the messages are in clear text. If you are worried about having your messages read by a third-party, then you wouldn’t be using the insecure protocol in the first place, right?
Not only that, but your data is then replicated on other servers where the other participants in your conversations are registered.
Not true. Data that goes to the other servers is always encrypted and only the intended recipients can read it. No trust required.
The (seemingly) most popular, Element, appears to collect a crap-ton of personal information - including user content!
Technically speaking, every client “collects user content”, no? The question is what the application does with it. The code is open source and I’m yet to hear anyone claiming bad practices or security flaws in the client.
Thanks for replying!
There are lots of services using E2EE, so I’m really not sure this is a unique benefit of Matrix and would not convince me to use Matrix by itself. It is a fair point in favor of Matrix, though!
I already use enough platforms as it is given what the individuals with whom I speak are already using. I’ve convinced some to standardize on platforms using E2EE, but the overwhelming majority of people who are not technology enthusiasts cannot be bothered to mess with something more complicated than what comes with their phone or the services that they’re already using (and fair enough, this isn’t a knock on them).
For that reason, the bridges Matrix offers are the only feature I’ve heard of so far that might make me switch. Unifying the services I already have to use due to what is used by my friends, family, and colleagues would be killer, but if they don’t at least leverage the E2EE supported by those services’ native apps, it negates pretty much all benefits for me. Yes, using stuff that isn’t encrypted in the first place isn’t ideal, but the answer to that for me is not “well, it’s already visible to some people so trusting the admins for this other third party service isn’t a big deal”. Additionally, integrating with services that do natively support E2EE in a way that breaks that E2EE is a huge step backward. I don’t blame Matrix for this, but it also doesn’t win any points for it in my mind.
Thank you for dispelling my misconception about the data replication!
To gain widespread adoption, any protocol will have to have friction-free sign up and usage, which is a tough nut to crack given how sharded chat already is and has always been. Email, which Matrix strives to emulate, was an established standard that predated most users’ access to the internet by a decade and a half or more. Conversely, chat has basically always been fragmented and siloed.
Unification would be a killer feature that would even have a chance of convincing non tech enthusiasts to switch, which could then lead them to start switching more of their communications over to native Matrix traffic as more of their friends also switch (relying less on the bridges over time). Given doing what I’ve described above requires compromises on security, though, I can’t see a path to wide adoption for this protocol (which really makes me sad). Since I don’t see a path for it pulling in non tech enthusiasts, and the bridges can break other platforms’ existing security, I don’t see myself adopting another platform for chat.
Please let me know if I’m still getting anything wrong!
