Web client, but I think movim has GIF picker and screensharing features. It even does multiparty video calls, compatible with dino. Since it's P2P, it does not scale well to a lot of users, but the developer is working on SFU support for larger video calls.
Revive your prosody and set up https://slidge.im/ for Telegram, WhatsApp and Signal. It's not a proper solution I know, but at least you'll keep on using XMPP clients and they'll get better because they will have one more user at least. ;)
TBH I am not well-versed into DNS and certificates and security, but I guess you have to trust your provider with a certificate for `example.com` if you allow them to manage JIDs of the form `anything@example.com`, indeed. Again, I am not very knowledgeable about the subject, so take this with a grain of salt.
The targeted audience of this website is, for now, developers. Communicating is hard.
https://joinjabber.org/ is/was an attempt at something more user-focused. It is not linked to the XMPP Software Foundation. BTW, joining the XSF and participating in discussion around protocol evolution, communication strategy and these sort of things is free, and only requires asking for write permission on the XSF wiki to add an application page. Everything happens in the open (mailing lists, chat rooms). We value democratic processes.
It is used in a non-federated context as the underlying in a lot of places (NATO, Zoom, british Military, Grindr, Jisti…). Federated usage is mostly private chats that don't really want to advertise that they do use it. It is sad because public groups also just work, but I know clients are missing a few features that would improve usability/UX. Some people are working on that, cf https://movim.eu/ for instance.
It does not have to be automatic. Easy to expose that through options, most clients do that. Also, I don't need pictures shared to be at the utmost best quality.
In practice, in federated networks bad actors end up being blacklisted. It does not provide any "formal" guarantee, but… it tends to work fine enough. For this specific "deletion request" feature, of course it should always be seen as a convenience thing, and absolutely not about security.
As with many engineering things, it's tradeoffs all the way down. For instant messaging, a federated approach, using open protocols, offers what I value most: decentralisation, hackability, autonomy, open source. My options in this space are Matrix or XMPP. I have not attempted to self-host a matrix server, but have been very happy with my [prosody](https://prosody.im/) instance for almost a decade now.
I don't know what's wrong with XMPP other than the network effect collapsed when the GMail chat thing was killed, while the mobile client options were poor for a very long time.
Matrix has the appearance of being a drop in replacement for Slack or Discord, but the design decisions seem so compromised that the only explanation is they did manage to establish a (somewhat weak) network effect? It certainly is not a good look for an open source project to be running on Slack or Discord (free/cheap plans rugpulled or to be soon.) Then that leaves IRC, which has a network effect collapsing at a much slower pace.
I never got far enough to try hosting a matrix server, but reading the linked post -- Matrix definitely is not GDPR compliant. The combination of whatever end form of ChatControl the EU gets along with possibly hundreds of other laws across the world and individual US states makes me think the days of a public facing non-profit or small startup running a project like this are over. (Or maybe the future of open source is funding lawyers while the development is all done for pennies by AI?)
The GDPR is being neutered anyway because the EU caved in to Trump.
Not being chatcontrol compliant? That's a feature not a bug. Nobody wants that anyway. Just another stupid US lobby (Thorn).
A big organisation won't be able to run matrix for everyone no but that's the cool thing about it. People can run their own for smaller groups of people.
An open protocol can mandate indeed, but that is still in the realm of pinky promise security. A better design for a privacy-friendly chat protocol is to not write a lot of stuff on a lot of different remote servers when that's not necessary IMHO. One of matrix's selling points is to be censorship-proof though; in that case copying stuff as much as possible makes a lot more sense.
You are right, though I still prefer "weak feature" as a term :) There's enough value in such things. Cryptography crowd is concentrated on omnipotent Eve breaking ciphers, and that wrench from xkcd, but I dare to claim that majority of both commercial and private leaks happen just because well-intentioned users don't have enough capacity to keep track of all the things, and proverbially think twice. Features like "unsend", or timed deletion are indeed laughable on their purely technical merits, but do wonders saving users from grave mistakes anyway.
It's hard to explain to a non technical user. Something like "We tried to delete the message, but some of the people who received your message might still have a copy." Does not sound great and is going to be hard for a non technical user to understand and hard to implement in a way that a non technical user will find satisfying.
So if I was a dev on matrix/element and this feature came across my plate I would have to weigh it against features that I know can be implemented in a way which make technical and non technical people feel satisfied and better about the application.
reply