xmpp.org · Domains · Slashdot Mirror

Because using standards is so 2000 & late by ArhcAngel · 2018-04-20 01:21 · Score: 5, Insightful · on Google Is 'Pausing' Work On Allo In Favor 'Chat,' An RCS-Based Messaging Standard (theverge.com)

XMPP (formerly known as Jabber) has been around since 1999 and has most if not all of these features. Any it is missing can be submitted and added as it's an open standard. Google has essentially embraced its role as the new Microsoft and has begun their EEE march. Chrome has become the new IE6 with all of the non-standard extensions they've rolled out without so much as submitting anything to W3C for consideration. I'm now looking for alternatives to all Google properties.

Reinventing the wheel by grasshoppa · 2018-04-16 06:14 · Score: 1 · on France is Building Its Own Encrypted Messaging Service To Ease Fears That Foreign Entities Could Spy on Private Conversations (reuters.com)

Why not just audit https://xmpp.org/ and call it good?

Have you ever read the XMPP protocol? by jediborg · 2017-03-14 06:54 · Score: 1 · on Ask Slashdot: How Would You Solve the Instant Messaging Problem?

As a programmer, i have had to read a many white papers and technical specifications. For a work project I started writing a perl script that used XMPP protocol to send messages to co-workers on a OPENFIRE server. For this I had to read the XMPP specifications, and OH MY GOD are they the most beautifully written and clearly explained technical documents I have ever had the privilege of reading: https://xmpp.org/rfcs/rfc6120....

And developing apps using the XMPP protocol was super easy and fun. Sadly, the protocol was mostly abandoned due to lack of features we have seen in proprietary implementations. E.g. XMPP clients don't have universal support for in-lined pictures and video (showing someone embedded youtube video or the picture instead of http://imgur.com/aabbbaa or http://youtube.com?watch=blah) It has no support for video messaging (it was build for chat and IM) nor does it have support for screen-sharing. Also if you close your XMPP client and someone sends you a message, you don't get that message when you log in again. Some servers implement an extension that kinda does this, but because its not an official part of the XMPP protocol its spotty and unreliable. Various XMPP clients tack one or multiple of these features onto the XMPP spec, but this fragmented support tends to drive people away instead of too it.

But if ALL you want is a protocol for real-time chat rooms and instant messaging of text-only, man is XMPP fantastic, cheap, easy to use, and reliable.

Re: Why not just use telegram? by fbobraga · 2016-06-03 05:08 · Score: 1 · on Facebook Nixes Access To Chats Outside Of Messenger Walled Garden (arstechnica.co.uk)

remember XMPP?

Re:Google becoming too powerful? by mrchaotica · 2016-05-02 07:53 · Score: 3, Interesting · on Chrome Overtakes Internet Explorer For Most Popular Desktop Browser (thurrott.com)

What's the end-user alternative?

What we really need is to make a concerted effort towards replacing all these centralized web services with distributed equivalents:

Google Search -> YaCy
Gmail, Google Drive, etc. -> OwnCloud
Google Maps -> OpenStreetMap
Hangouts -> XMPP
Youtube -> ???
Facebook -> Diaspora
Etc...

XMPP by BitZtream · 2015-01-02 06:12 · Score: 5, Insightful · on Unofficial WhatsApp Library Gets End To End Encryption Before Official Clients

http://xmpp.org/rfcs/rfc3923.h...

Seriously, stop using proprietary carpware.

Its one thing when proprietary offers you some benefit, but when it comes to IM, using anything other than XMPP from someone who supports federation is just as retarded as using email from someone who doesn't do proper SMTP.

The point is that Google uses XMPP.... by ornia · 2013-01-24 13:08 · Score: 5, Informative · on Privacy Advocates Demand Transparency From Skype

The fact that Google is based in the US is far less important than the fact that the backbone of their communications infrastructure uses a protocol with an open specification (RFCs included). Google Talk (also including Gmail Chat) provides every single person with a Google account a connection to the macrocosm of every federated XMPP server on the Internet, which also happens to be a benefit for those who want secure, end-to-end encryption on a service not controlled by a single company.

XMPP (aka Jabber), as an open protocol, has been implemented in a gigantic amount of both client & server software, in both free/libre and proprietary projects, and on many platforms. Google accounts (meaning every single Gmail, Youtube accounts, and almost all Android users) all have 100% standards compliant XMPP accounts as well, meaning they can use any client they choose. You don't need to hear it from me, read what Google themselves have to say on the matter:

In addition to the Google Talk client, there are many other clients out there that provide a great communications experience. We believe users should have choice in which clients they use to connect to the Google Talk service and we want to encourage the developer community to create new and innovative applications that leverage our service. To enable this, Google Talk uses the standard XMPP protocol for authentication, presence, and messaging.

What does this mean for those who care about security? For one, you can choose software that includes Off-the-Record end-to-end encryption (OTR) such as Pidgin with the OTR plugin on GNU+Linux or Windows, or Adium (which has OTR built-in and enabled by default) on Mac OS X. On Android you can use Beem or Gibberbot, although I personally recommend Beem (and if you are using iOS you obviously don't give a shit about security anyway). By using OTR, Google has no idea what you are typing, even as you use their servers to send & receive XMPP data. As a bonus, you can proxy any of these applications over Tor, so Google has no idea where you are even connecting from, anonymising your IP address.

Because of the benefits of an open protocol, the fact that Google is in the US is far less of a problem than Microsoft being in the US because Skype by design restricts your ability to know how it communicates with Microsoft's supernodes and other Skype clients. This is the very nature of proprietary software: to subjugate you, keep you ignorant, and wield power over you. Google may not be perfect, but at least they are committed to using open standards as the base level of their communication networks, and explicitely encourage people to use what software they want, allow proxied and/or Torified connections to their services, & allow you to use end-to-end encryption with crypto keys that YOU control.

TL,DR:

I am very happy to find out a friend has a Google account, so that as soon as they use it with OTR encryption, I can communicate with them safely & securely from my own XMPP server with end-to-end encryption using an standard, open protocol. Incomparably better than Skype.