As development has been going on for quite a while, the Librem Chat is going to use Riot as the chat service but with a hosted server from Purism themselfs. Just that Riot has to make connections to their main server also. Which is a really bad design part of them.
I went onto Privacytools.io which I do sometimes and saw they completely removed Riot from the “Instant Messager” section and not even in the “Worth mention list”. I went through their Issues on GitHub to see why Riot was removed as before it was listed above Wire in second place “against” Signal.
I didn’t really get a straight answer but from these two issues; 1049, 840. As it seems, Riot is soooo far from finished and the data being sent unencrypted is insane. I can’t believe they actually released the “Big 1.0” update. When it still should have been in Beta. Seriously.
The privacy concerns with Riot is so huge that I don’t even know why we are still “supporting” them w/Librem Chat. I don’t wanna use their service with my threat model.
Sure, Riot does keep making good Riot apps and the service that is almost similar to Discord. Maybe I am wrong, maybe they are on their way to fix all of the major and minor issues and I just haven’t heard about it yet? From the RiotX development they sure have removed all of the trackers embedded in the previous apps/versions on Android.
I saw Whonix is using qTox, preinstalled. While Tox is in the “Worth mention list” because it isn’t that great yet, development is kinda slow. We should maybe try to support them as much as Riot? To not just have one alternative to private and secure messaging and only use “decentralized” but Peer-to-Peer also? Without the need of physical servers.
PS. As in Quote>decentralized<Quote. I mean Riot isn’t decentralized if it has to rely on a centralized server? Or that’s just for signing up?
I second Jami - it is a great application. I don’t know enough about GTK development to know how much work it would take to make it libhandy-friendly - but! I know enough about Jami to say that I hope it is possible. I’d love to be able to use it easily on a phone
it’s really not understandable if purism would not up their guards and remove the matrix vector from its systems. It’s not only the impact this group happily implemented, but also the shown follow-up behavior.
I don’t work for purism but i’l spend my 2 cent there
Purism will offer 2 different technology for IM one is Matrix, and the other one is Xmpp. On android and ios the only reliable client is Riot, while in the Librem5 we gonna get 2 apps that will handle Matrix, one is Chatty and the other one is Fractal, so if you ordered a Librem5 you shoudn’t be concerned too much about Riot since you will don’t use it, btw the devs beyond Riot are developing RiotX that is a lot better and shoudn’t have trackers.
If you don’t like Matrix, it will be, i hope soon the Xmpp solution from purism, so you can use it
I use Riot since quite some time on a daily basis. And I can not understand this level of attack I see here on it.
It offers end-to-end encryption and it seems to work really well. The main issues with it, are, that it is too strict at times and somewhat annoying to handle UI wise when people change/reinstall their devices. But they are ever improving on this. Yes they have the beta warning (do they really though?) on the encryption feature. But I think this is them being extra cautious and humble, which is a plus in my book.
What I love about it, compared to Signal.
open source server
no mobile phone required
multi site support
no personal information like phone numbers required (but you still can use the ease of use for it if you so prefer)
i’ve been using matrix (with riot.im) and must confirm too, that it’s very nice, it’s user friendly, openly federated (it’s quite easy to run your own server, and it can send messages to everyone from there, try that with signal )
some of the rustlang community has been moving to matrix and their experience has been pretty good, from what i gather
i was skeptical at first too, but don’t think all the negativity is warranted !
overall, though, it looks like matrix is more of a IRC and discord replacement than for signal or other IM, and it’s true that the E2E encryption is still in heavy development so if that’s your primary concern then yes, it’s not the most mature solution
The Librem 5’s Chatty (fully integrated and compatible comunication with the entire world, hopefully soon also with added support for the jitsi-meet webrtc audio/video chat toolkit and its standard web browser compatible fallback links)
With installed plug-ins for