A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
Moderators
FOSSDLE PieFed
I get that WhatsApp is not a platform to use if you care about your privacy, but WTF is "Delta Chat" and why would I switch to it rather than say Signal?
As I've understood, Delta chat is based on the IMAP protocol and uses the infrastructure of your email provider. Thus, it uses no own server infrastructure, but has the also the downsides of the protocol and some issues with many email providers.
Wikipedia.de - Delta Chat (no English version available yet)
This turned out to be the deal-breaker for me. GMX kept locking me out of my account because of the DeltaChat messages. They're (of course) full of cyphertext and to email providers this must look a look like spam.
The open-to-abuse nature of email claims yet another victim.
On the other hand, GMX (and web.de) is a notoriously bad influence on email communication and will randomly block mailservers if they feel like it while flooding all of their own users with spam. The world would be a better place without 1&1 / united internet.
But it's a free Europe-based provider that's not US big tech. A better suggestion?
To be clear, I use a *paid* service (Mailbox.org) for my main email, *as everyone should do*.
I agree with your recommendation. As for free/freemium email providers, there's Tuta for one. I'm hoping that there are others.
Right, they don't support the advanced login protocols some providers like outlook require. That was a deal breaker, because deltachat was pretty much the last encrypted messaging service which worked in China.
I also prefer Signal, but I think the point here is that Delta Chat is decentralized.
Imo it's already difficult enough to convince friends and family to use Signal. Delta Chat would be even more difficult to pull off.
It's hard to get techies to see that, plan for the lease savy user.
How is it different? In my experience it’s easier as they’ve already heard of email.
The difference is signal has millions of users and most people have already maybe heard of it.
The other difference is that promoting more and more obscure, useless shit ruins your credibility for when you're trying to get them to Lemmy or Signal or Mastodon.
Signal is an absolutely fine product and doesn't need to be decentralized right now.
So is Matrix and it's way more popular. But recommending anything other than Signal at this point is a waste. Fediverse chat is a more complex conversion for many who are still in the connect via phone number stage for chat. Fediverse is an easier story for other platforms.
Because delta chat is using an open protocol (email) and you can run your own servers meaning it is decentralized unlike Signal. Also it is actually anonymous unlike Signal, so you don’t need to give anyone your phone number and people can’t find where you live just by knowing your username.
So not an instant messaging protocol but rather a technology that the whole world would do differently if they could go back in time?
Could you be more concrete? In what relevant way do you think it does not work as an instant messenger? Keep in mind that Delta Chat is not a theoretical thing and it works as well as any other messenger.
Regarding SMTP:
Never mind:
PGP is a very curious choice. A quick Google search says a downside of this is that it does not provide "forward secrecy". From the Wikipedia page on forward secrecy, it prevents things like the following.
If an adversary can steal (or obtain through a court order) this static (long term) signing key, the adversary can masquerade as the server to the client and as the client to the server and implement a classic man-in-the-middle attack.
I get that you're using AI directly related to your point, but it's still a lot of shitty AI spam.
Use it for your own research, but don't foist that on us.
I asked specifically for relevant issues and you just link general issues with smtp that have no impact on Delta Chat?
Delta Chat sends encrypted messages over it so that’s irrelevant.
Your phone can run LLMs, it can send a couple packets. Also this “chattyness” can be seen as an advantage as it is extremely robust and works on any network however inconsistent.
Yeah duh? It’s decentralized. You can’t ensure that the recipient doesn’t take down their server?…
Etc. I feel like I’m wasting my time replying to all these because it seems you didn’t even take the time to read them yourself.
So XMPP?
Should definitely be the go-to
If you use your email, it's anonymous but you have to use your email which is almost never anonymous and has your phone number. Also you sometimes have to "Create an app-specific password" that delta chat will use and gain full access to your email account, which is way worse than signal or any other application. And for some accounts, you have to use your real password, and maybe disable the spam protection.
Am I wrong somewhere or is that a really stupid idea?
If you struggle making a new email address, this is not for you.
Which applies to 99% of people making Delta Chat not a viable alternative to WhatsApp.
The Fediverse has the same problem that Linux, and Open Source in general, struggles with. The barriers to entry and network effects work against widespread adoption.
Until technology is packaged in a way that makes it dead simple and/or unavoidable, people won’t make the effort to move en masse.
Our words must be dead simple too.
'Open source' is a very ambiguous, confusing, phrase that makes it too easy for anti-libre software to scam.
During onboarding of the app you only choose a name and get a random email address
You do not need to give your number anymore to use Signal.
You cannot make a Signal account without phone number so that’s not true.
But we are not obliged to share it with our correspondents.
Unregistered users can't chat, so it needs a number, as OP said.
Yeah I’d rather not share my identity though. Seems like an odd requirement for a “private” messenger
you need a phone number to make an account. but you can chat with others without divulging your phone number
Unregistered users can't chat, so a number must be divulged to Signal, as OP said.
Did anyone tell the WhatsApp users?
How can we tell them if we aren't in Whatsapp?
Try meeting more people.
Eww
Join obv. 😜
Frankly it's the first time I hear about Delta chat
Never heard of DeltaChat why not signal??
It's a good one (Signal as well, though). My favorite design decision was to tie it into the email ecosystem, so if anyone tries to block it, they will have to block email, which their business buddies won't be happy about.
Some more here:
https://media.ccc.de/v/36c3-oio-154-delta-chat-e-mail-based-messaging-the-rustocalypse-and-ux-driven-approach-ybti-wefixthenet-session-
Because Signal is not decentralized nor anonymous
Not federated, but definitely anonymous. All Signal messages are E2EE, and Signal can't even access your messages. They literally have a page where they list every time they've been asked by the government to give info, and they can't. https://signal.org/bigbrother/
Wait that’s really funny
with these its more about whos using it
Yeah. Bit hard to switch messenger apps when they don't talk to each other if nobody you're talking to switches with you.
Doesn't delta use email under the hood, an insecure protocol?
You're better off using something like Matrix, XMPP, SimpleX or Signal.
Email? So its just encrypted SMS?
Might come down to the metadata, then, like SFTP vs FTPES or GET vs POST.
Sms and email are not remotely the same
I've worked with both in my career. Tell me more...
I guess so. It's encrypted data sent over email from what i understand. Tbf i'd rather trust software built with protocols specifically built for secure and private messaging, and email is known to not be that.
The protocol doesn’t really matter when you send encrypted messages over it like Delta Chat. Signal is not private nor decentralized and SimpleX doesn’t have encrypted group chats last time I tried
Maybe. My comment was based off of what i understood from the website
Could you elaborate on this? haven't heard of this point (is it due to the jurisdiction on a 5 eyes country?)
It actually does now. It's a very solid choice i'd say :)
You need a phone number to sign up which requires identification in most countries.
Also anyone who knows your username can ping where you are at any time: https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
You are confusing privacy with anonymity. You aren't anonymous because your user is linked to a phone number, but your communications are private due to how their encryption works.
On the location attack: it is a matter of configuration and your location will be as ambiguous as thousands of miles.
Finessing the terms does not stop them demanding a phone number.
Interesting, thanks. I think SimpleX fixes a lot of signal's issues, but the only problem i have that it is funded by VC and quite new.
They are open source and decentralized and indeed there are already a few forks.
Ah so they are just capturing users currently and will have to make return on investment later? That’s a no from me.
so I found it interesting and checked it out. the protocol is all well and good but the problem is social. I'm simply not going to send people my delta chat Id and ask them to message me there instead if they have delta chat installed. I had the same problem with session messenger.
when I meet someone irl I'm trading phone numbers. not asking if they have app X installed.
this might be useful for open source projects where you can use ur delta chat id instead of ur email. but it's not something I would use unless it's a requirement to join some community I wanted to.
the problem signal solves by tieing accounts to your phone number is contact discovery. thanks to user IDs you no longer have to share your phone number with people u want to chat with, and can only share your user id
plus signal guarantees the metadata is encrypted. is the same true for delta chat?
I've tried a ton, and DeltaChat came close, but there is no edit option for messages, since under the hood, it uses email. The apps on both iPhone and Android also had issues with notifications. I convinced a few family members and friends to use it and then had to convince them again to move to Signal. Lost a few of them in the process.
The point of my story is to say... If you think you'll have a hard time convincing people to get off WhatsApp/Texting, just go to Signal. It is much more mainstream and at least it isn't Facebook.
I'm resigned to friends and family being almost impossible to get off WhatsApp. Despite being Meta it is also quite difficult to enshittify. If they manage it, I might be able start a conversation but until then it has to stay.
For everything else Fediverse related I'm using Matrix as most Lemmy business happens there (Lemmy uses it for secure DMs so it makes sense). I will try and move people across from other chat platforms to Matrix on an ad hoc basis.
Basically it's an Open source Whatsapp, but you use Email, instead of a phone number
So like matrix?
It's email, adapted to a chat UI.
Oh that's good.
I've often wondered how could I make my instant messaging less instantaneous, while giving a new app access to my banking emails.
Right? I did try Delta many years ago, and I really recommend using a new email account for it.
You can now also choose to just be assigned a new email account when you start using Delta Chat (only drawback is that you can’t send unencrypted emails with that email account so you can’t use it for anything other than chatting)
Oh, cool. TBH I don't think that's a drawback, just customised to the very specific usage. So you get a _@deltachat.org email or something?
If you struggle making a new email address, this is not for you.
Yea but not in vc debt so without the incentive to sell out users
What VC money has Matrix taken? Genuinely curious
30 million dollars https://element.io/blog/element-raises-30m-as-matrix-explodes/
You can argue that element is not matrix but you’re fooling yourself. Others even have to look at how element implements stuff instead of following the matrix spec
Good to know, thank you for the link
Matrix has bridges for every other chat service, so all your friends who refuse to switch don't have to.
SimpleX is the best alternative right now, email is a very bad protocol
there's also session
https://getsession.org/
unfortunately privacy and usability are inversely related. session is private. I loved it. but I had no one to chat with 😃
I had no idea if any of my contacts were on session or not.
Don't use Session