Ok so, here I am again asking another question 🙈🙊 But hear me out: I read this post here about, if there even is a good privacy messenger that can be trusted. Someone in the comments mentioned Conversations (a XMPP client for Android). This made me look into XMPP and at the moment I am giving Conversations a try. Reading into XMPP, I couldn’t find a problem security or privacy wise. Also it seems like it does not matter what server I use (atm. we are on 07f.de) since it is all e2e with OMEMO. Am I missing something or is it really this good? And if I dont trust anyone, I could host my one instance of ejabberd, right?
You have to trust the servers with your metadata, and that the servers have their inter-server communication locked down, but at least you can choose/operate servers.
Some clients are a bit flaky with their e2e encryption defaults or from a UI perspective it is easy to send an unencrypted message (in a new chat for example) before noticing that was how it was set.
There are a few XEPs the server needs which enable things like OMEMO, efficient mobile data/battery use, offline and multiple device deliverability, file transfers, etc. Audio/video calling has various requirements as I think xmpp only facilitates the setup of the call.
ok but if I’d recommend a client to the people I want to text with via xmpp I can be certain which client they use. My idea isnt to write with strangers but only with real people I know (friends and family).
It is great as a private communication app for a close group. I’m running my own server because you have to trust your server operator with metadata, and because I found random public servers to be too short-lived for sustained usage by non-tech people.