Matrix

3284 readers

1 users here now

An open network for secure, decentralized communication

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml

What Matrix/Discord/Teams alternatives are there that FULLY support E2EE across Desktop and Mobile? (feddit.de)

submitted 9 months ago* (last edited 9 months ago) by Lemmchen@feddit.de to c/matrix@lemmy.ml

9 comments fedilink hide all child comments

Element for Android doesn't support searching in encrypted channels and I think you can't use E2EE in the browser at all(?), plus basically every other client has even more drawbacks when it comes to E2EE.

My team recently tried RocketChat, but E2EE is obviously an afterthought for that project as it has even more limitations than non-Element Matrix clients (no searching, no pinning, no file upload, no edit, etc.). Plus Jitsi integration seems to be buggy right now (at least on my Windows installation).

What else is out there that's not on my radar? Is Matrix with Element really the best option right now? Is there no project that puts E2EE above all else?

Edit: Should be self-hostable and (FL)OSS.

all 11 comments

sorted by: hot top controversial new old

[–] MentalEdge@sopuli.xyz 6 points 9 months ago* (last edited 9 months ago) (1 children)

Why wouldn't E2EE work in the browser versions of the clients? You just log in, verify from a logged in client, and then everything works. Decryption of message history can take a while, but it gets there eventually, and sending and receiving new messages should work with encryption, right away.

Search is tricky because the client essentially has to download, decrypt, then index, your entire user history. The server can't do the search for you, because it never sees your messages in cleartext.

Syphon does actually do this on mobile, but it's in alpha, and while it can do E2EE you have to export your keys from another client, then import them, to get it working. No easy emoji verification.

You might look at schildi, which is a fork of element with implementations for a a bunch of extra stuff. You'll have to get past the app icon, tho.

[–] Lemmchen@feddit.de 1 points 9 months ago* (last edited 9 months ago) (1 children)

I haven't tried Element Web for quite some time, but I remember having some issues with E2EE rooms. Maybe this has been resolved by now or maybe it was just the search not working there as well as on Element for Android. I can't really remember right now.

I am aware of SchildiChat, but AFAIK it doesn't provide search in E2EE encrypted rooms, just like Element (both on Android). On iOS they both support it (I think).

Maybe I should check out Syphon then. How polished is the client otherwise? Can it compete with Element?

Edit: Last Syphon release was October 3rd 2022 and the last commit six months ago: https://github.com/syphon-org/syphon/releases
I'd say that project is unmaintained.

[–] MentalEdge@sopuli.xyz 2 points 9 months ago* (last edited 9 months ago) (1 children)

Again, the web client, or any client, can't have search or message history that works at 100% until it has downloaded your user history, decrypted, and indexed it.

I've not had any issue sending and receiving encrypted messages in the web UI, nor accessing message history once I give it some time to catch up on decrypting it.

Syphon is in alpha, and thereby extremely basic, last I checked.

I think you'll have to just try it and see what state it is in, my issues with it were UI related and subjective, but otherwise I recall it being fine.

[–] Lemmchen@feddit.de 1 points 9 months ago* (last edited 9 months ago) (1 children)

Again, the web client, or any client, can't have search or message history that works at 100% until it has downloaded your user history, decrypted, and indexed it.

Doesn't change anything from the fact that the Android client simply doesn't have implemented that feature.

[–] MentalEdge@sopuli.xyz 1 points 9 months ago

No, but I'm not really referring to that. I'm referring to the fact that unlike an installed application, the browser version can't just cache a bunch of data, and have it reliably stick around for the next time you open the browser, nor even rely on the browser letting it download and handle as much data as it might need to to begin with.

So it might end up working not as well, depending on browser and settings, even though it's literally the exact same code as the desktop application.

[–] fartsparkles@sh.itjust.works 3 points 9 months ago (1 children)

Surely there is an XMPP client that does MAM. Been a while since I’ve looked into it to be fair.

[–] Lemmchen@feddit.de 1 points 9 months ago* (last edited 9 months ago) (1 children)

MAM does not seem to be a finalized standard, plus I don't understand how this is related to E2EE at all. I'm not terribly familiar with jabber, maybe you can enlighten me.

[–] Bronco1676@lemmy.ml 2 points 9 months ago

https://wiki.xmpp.org/web/XMPP_E2E_Security

XMPP has omemo and pgp as e2ee.

I've hosted https://prosody.im/ before I went to matrix.

You will need to enable some of the extensions, if you want to have group chats, chat history and so on. But after initial configuration prosody will just work (tm) and is absolutely lightweight.

The only reason I stopped using XMPP was, that no one uses it, which is sad, but I can't do much about it.

Also one important bit is, that most clients are not e2ee by default and you need to enable that you only want to send encrypted messages and not plain text.