How can we fix messaging?

Proprietary, centralized chat protocols are the problem and XMPP is the solution

by spitemim, 2022-12-02

Table of Contents

• The Problem
• The Solution
• What is XMPP?
• How to use XMPP
• Downsides of XMPP
• Conclusion

The problem

Normie chat platforms like Discord and Telegram have been a disaster for the human race. Back in the 90s when the internet was a bunch of nerds, people made sane choices for what technology to use. The most widely used technologies and protocols were ones that made sense from a technical standpoint, because the majority of the internet were nerds who cared about that kind of stuff. But as the internet was democratized and overrun with (1) normies and (2) companies looking to profit off of said normies, the set of widely used technologies has shifted from the most ethical, extensible, practical, and useful ones towards the flashiest and easiest ones. A prime example of this is messaging platforms: the nerds of the 90s used IRC and BBSs to communicate. Modern day normies use platforms like Discord, Snapchat, Telegram, or Whatsapp to do instant messaging. These platforms have pretty much nothing to offer other than convenience. Problems include:

• Centralized, and therefore subject to censorship and discrimination
• Typically not end-to-end encrypted, meaning the people operating the service can simply read your messages if they so choose
• Closed-source, meaning you have no idea what kind of tracking or spying the client might be doing.
• Often impossible to write custom clients for, or explicitly disallowed by Orwellian TOS

The common normie cope is “But! All my friends use <PLATFORM>, so I have to use it too!”

No, you don’t. If they are your real friends, they will sacrifice some convenience to message you on an alternate platform. If they’re a REALLY good friend or exceptionally rational (or autistic) they will listen to your arguments against centralized platforms, consider them, and possibly make their own decision to reject these platforms and use something less egregious.

The solution

The solution to modern instant messaging woes is simple: XMPP

What is XMPP?

XMPP stands for Extensible Messaging and Presence Protocol. It’s a simple, extensible, decentralized, and secure messaging protocol that’s been around since the late 90s. Allow me to explain how each of these adjectives applies to XMPP:

• Simple & Extensible
  • XMPP is a really simple protocol at it’s core. All the extra functionality it offers comes in the form of XEPs: extensions to XMPP’s base functionality. Not only does this mean you can use XMPP for broad information exchange usecases and not just instant messaging between your buds, but it means that the protocol is subject to change. This has allowed it to stand the test of time and remain secure and usable.
• Decentralized
  • XMPP is similar to email in that it’s a network of individual servers (e.g. gmail.com, protonmail.com, danwin1210.de, cock.li) that can send and recieve messages between one another. Users with a cock.li email address can send messages to users with a gmail.com email address, for example.
    The same thing is possible with XMPP. You can set up Prosody or Ejabberd on your server and have a working XMPP server within minutes. Once you register an account, you’re free to send messages to any other person on the network, even on a different server.
  • Notice how there’s no single point of failure in a decentralized network. If Discord’s servers go down tomorrow, no one can exchange Discord messages until their codemonkey engineers fix whatever broke. If your XMPP server goes down tomorrow, the only people affected are the ones using accounts on your server. Everyone with accounts on other servers can go on messaging as normal.
  • Since XMPP servers are so easy to set up, many people run their own servers just for themselves and their buddies. Running public servers is also very easy. As a result, users are pretty evenly spread across different homeservers which increases the strength of the network.
• Old
  • XMPP has been around for 23 years at the time of writing. In this time, many different XMPP clients and servers have been developed. This gives the user a lot of freedom in what platforms they can use — there are XMPP clients for Windows, Linux, iOS, Android, MacOS, *BSD, the web, and even Haiku! — and how they want their client’s interface to look.
  • Old protocols are often insecure because they were developed before digital security became a big concern (see: email). Thanks to the magic of XEPs, strong E2EE has been built into XMPP despite its age.
    • OMEMO provides good multi-device support and strong encryption based on the Signal protocol.
    • Most clients also have an option to encrypt messages with PGP.

Okay, I’m convinced. How do I use it?

To get started with XMPP, you need:

1. an XMPP client, and
2. an account on an XMPP server

Client

An extensive list of clients for different platforms is available on the Shadow Wiki, but if you just want to get started, let me list a couple top picks for each platform:

Linux

• Dino
  • Simple interface, lightweight, good featureset. GTK
• Pidgin
  • Pidgin is a multi-protocol messenger that supports IRC, XMPP, Matrix, and more with plugins. Supports OMEMO with lurch.
• Profanity
  • A TUI Jabber client with an extensive featureset. Supports OMEMO out-of-the-box. Needs some configuration to be usable.

Windows

• Gajim
  • Not my favorite client, but it’s visually similar to Discord which should make the Windows normies happy.

Android

• Conversations
  • A very featureful client that normies would feel comfortable with
• Conversations forks
  • There are a lot of good forks of Conversations that provide extra features and customization, such as blabber.im and monocles chat
• Yaxim
  • I want to recommend Yax.im, but it doesn’t have OMEMO support. You probably shouldn’t use it, but you should look at the website for Bruno, a themed version of Yaxim featuring XMPP’s cutest mascot.

iOS

• Monal
  • I haven’t tested it myself, but it looks normie friendly and consistently developed. I will probably update this when I end up testing it.

Web

• Movim
  • A very normie-friendly web-based XMPP client. It has some weird social network stuff added to it, which I’d just ignore if I were you. I have no idea how they do it but I don’t think it’s part of the XMPP network.

Account

Once you install a client, you need to register an account with an XMPP server. You have two options:

1. Host an XMPP server yourself (Recommended)
2. Register an account on a public XMPP server

Hosting a server yourself

Landchad.net has some great information on setting up a server and hosting various services, like XMPP, Matrix, Searx, Email, Mumble, etc.

• Get a Domain name | LandChad.net
• Get a Server | LandChad.net
• Prosody | LandChad.net

Using a public server

There are a lot of public servers to choose from. You can find extended lists on providers.xmpp.net, list.jabber.at, and the XMPP Compliance Tester’s Server Overview.

My word is not gospel and you should do your own research, but here are some decent ones I know of:

• 404.city
• anonym.im
• magicbroccoli.de
• nixnet.services
• og.im

Public servers will either have a web form to register an account, or will allow in-band registration from within your client.

XMPP sounds awesome. What’s the catch?

There are a few problems with XMPP (operative word being “few”). Allow me to outline the ones that I’m familiar with:

• XMPP is not popular
  • Simply put, XMPP does not have as many users as Discord or Telegram. There aren’t as many groupchats for niche topics on XMPP as there are on Discord. Finding someone on the street who already has an XMPP client set up is pretty rare, and asking every normie you meet to install an XMPP client so you can contact them is a fool’s errand.
    • Proposed solution: If you seek active rooms, you shall find them. They might not be focused on your favorite niche topics in the same way your favorite Discord server is, but that’s okay. Sometimes people have to make sacrifices in the name of freedom.
      Don’t even try getting a normie acquaintance to install and configure an XMPP client so they can contact you. Give them your phone number, and after you get to know them, maybe try asking them if they’d be okay with switching over to another app for better security and more features.
• XMPP can leak your IP address
  • XMPP voice/video calls are p2p, meaning the traffic goes directly between the participants in the call. If the person on the other end is analyzing their network traffic, they can get your IP address.
    • Proposed solution: First, you need to understand that someone getting your IP address isn’t a big deal. The geolocation of your IP address is usually a few cities off, and cannot be used to pinpoint your actual address. You can also find out which ISP someone is using from their IP address, and if you REALLY hate them and have a lot of extra money to rent a botnet, you can DDOS them for a few hours. That’s about it.
      Either route your calls through a VPN/proxy/TOR/I2P, or simply don’t do XMPP calls with people who would DDOS you, or who shouldn’t know what country and state you live in.
  • When you recieve an image from another user on XMPP, you’re downloading that image from the sender’s server. If they have access to the server logs, they could theoretically find your IP address.
    • Proposed solution: Don’t worry about it. If you REALLY have to worry about it, just use a VPN/proxy/TOR/I2P.

Conclusion

Everyone should use XMPP for instant messaging. If you’re a Discord user, ditch that bloated web-based platform and install XMPP. If you’re a boomer and you have it out for LE BIG TECH because they censor and ban with impunity, embrace decentralization/federation instead of fleeing to centralized alt-tech platforms which have the capacity to become just as bad as what you’re running from.

Other decentralized things you should check out:

• Pleroma - microblogging/social media
• Peertube - video sharing network
• Monero - untraceable cryptocurrency