Nostr Web Client

The main difference between SimpleX/Session and XMPP/Matrix is that:

SimpleX/Session hide metadata even through you're using other people's servers.

While as XMPP/Matrix don't hide the metadata at all, but expect & empower the end user to run their own server.

So something like self-hosted XMPP, with a Tor Onion, is a higher level of privacy than trusting random SimpleX/Session servers, but also a higher barrier to entry, as most are not willing to read docs and pay for a VPS.

Side note: You can configure an XMPP client like Gajim to force Tor, even if it's not system-wide.

SimpleX does have a self-host, but if you just use your own server, then it labels/identities these accounts as you. So you'd have to have a popular server, and even then the other person in your conversations picks the other server.

Ok, let's pause here and resume tomorrow.

Reply to this note

Please Login to reply.

Discussion

wertyyryyr 1y ago

nostr:npub1lnjpw7at64lkf5cz5lcymdx3zayc8c60hlp8ykqxpjcjlagyehyqlr8v28

DrZhivago 1y ago

You should shill your own services to help others self-host. It's easy when you have help. Marketing is not evil!

SimplifiedPrivacy.com 1y ago

I can't tell if you're being sarcastic lol. Yes we have a service: https://simplifiedprivacy.com/email-cloud-combo/index.html

Systemling32 1y ago

SimpleX recently got the private routing feature which sends out messages over your trusted inbound SMP server. That way you won't ever connect to any servers except the one inbound relay your can set to a trusted one.

If you assume with XMPP that both users are using Tor, than I would say if both users on a SimpleX chat are using Tor with random SMP servers, it's just as secure.

No information can be gained by the SMP servers except that there are messages going out from one queue and that's it.

SMP Servers only ever get to see one side of the communication, never the reply. Add to this the absence of user accounts, you cannot build a social graph and tracking by IP does not work if both sides use Tor.

Interested in your thoughts, but SimpleX over Tor is a much lower barrier to entry than both sender and receiver having to anonymously host a XMPP server behind Tor.

They also would have to run a new XMPP Server per person they contact so as to not link identities by using the same .onion for more than one conversion.

ede3d957... 1y ago

Hosting your own Simplex Server over Tor is straight forward. But I wonder what can be done to make it even more private?

Systemling32 1y ago

SimpleX over Tor seems to me like top notch security. With a self hosted SimpleX server that is For only, you of course require your communications partner to also use Tor

ede3d957... 1y ago

Even better would be to seek i2p integration for nostr:npub1gsunl7x2y8ka4rn72y9zmzh0j8ntw8ln3956dxe4vg2mldpt4svsuzfy6l.

SimplifiedPrivacy.com 1y ago

If you host your own SimpleX and your friends use it on a Tor Onion, This is essentially "turning it into XMPP". So yeah that's fine if you're using simplex anyway with other accounts

VidarReturns 1y ago

We need a mobile XMPP client that forces all connections over onion. Great write up.👍