Comments
throwaway38yyzew wrote (edited )
Throwaway here, this affects many other FOSS projects like the Tor Browser which has a high usage meek-amazon pluggable transport. It's really sad to see that the Russia block of Telegram and another app (which apparently relies on Amazon) gave the financial incentive to Amazon to drop support for this (Russia blocked a ton of Amazon's IPs). As you can see yet again, capitalism in action. Sad.
quandyalaterreux OP wrote
Federated protocol: you have to keep banning IPs
That's something very easy for censors. I mean just look at the Tor Project's bridge distribution, even though there are loads of non-public bridges, China is able to keep up and block virtually all of them. But, domain fronting works in China.
Non-federated protocol: your mobile phone number, which is associated with your real name, is your ID
Federated protocol: your account on a server is your ID
I agree, a phone number isn't the best thing, but a federated protocol is worse since you're giving more metadata by associating your account with a particular instance (e.g. [email protected]).
I don't see how is non-federated better. Best case scenario, they are equally bad.
I think Moxie did a pretty convincing case against it: https://signal.org/blog/the-ecosystem-is-moving/
quandyalaterreux OP wrote
I'm not sure why you keep bring that up as a grave issue. The one aspect of XMPP that is a privacy concern is how the roster is maintained by default.
Because with centralization Signal can make sure that their servers don't have too much metadata (see https://signal.org/bigbrother/eastern-virginia-grand-jury/) but with decentralization where's that guarantee?
quandyalaterreux OP wrote
Replying to !deleted4389 (#42,592)
Yes, as his employee Joshua Lund says,
Federated services also offer no by design solution to metadata.