Jump to content

Instant Messaging: Difference between revisions

From Glowiki
← Older edit
Bacalhau (talk | contribs)
33 edits
Bacalhau (talk | contribs)
33 edits
 
(13 intermediate revisions by 2 users not shown)
Line 2: Line 2:


==IM Solutions==
==IM Solutions==
IM can be found in social media apps like Discord, Instagram, Whatsapp, Telegram and many others but its usually thru the use of a protocol. The most common protocol for IM is XMPP, though other options exist like IRC and WebRTC.
IM can be found in social media apps like Discord, Instagram, Whatsapp, Telegram and many others but its usually thru the use of a protocol. The most common protocol for IM is [[XMPP]], though other options exist like IRC and WebRTC.


==Privacy Concerns==
==Privacy Concerns==
On every IM solution there will always be metadata stored on every message, and some might not even have end-to-end encryption, which makes it harder to have a private conversation over the internet.
On every IM solution there will always be data stored on the server about their users and messages, and some might not even have end-to-end encryption, which makes it harder to have a private conversation over the internet. Furthermore, some servers might leak metadata which in some cases can be enough to track an individual.
 
The table bellow compares the privacy concerns of IM solution. Metadata shared, E2EE, if its federated, if its open source (clients and/or servers)


===Software Comparison===
{| class="wikitable"
{| class="wikitable"
! Software !! E2EE !! Federated !! License !! Metadata
! Software !! E2EE !! Federated !! License !! Data Collected !! Metadata
|-
|-
| XMPP || Optional (OMEMO/PGP) || Yes || Depends on server/client || JID of who send and who received the message <br> message content (can be encrypted)<br> timestamp
| XMPP || Optional (OMEMO/PGP) || Yes || Depends on server/client || JID (Jabber ID)<br>messages (can be encrypted)<br>timestamps<br>IP (depends on server)<br>Message history (depends on server config) || JID<br>Client name<br>Presence
|-
|-
| Matrix || Optional || Yes || Depends on server/client || Matrix IDs <br>Email addresses/phone numbers added to a user’s settings <br>Profile name and avatar of users.<br>Message content
| Matrix || Optional (MEGOLM) || Yes || Depends on server/client || Matrix user ID<br>Email (depends on server)<br>IP adress || timestamps<br>IP addresses<br>Presence<br>Everyone present in the room
|-
|-
| Signal || Yes (based on OTR/SCIMP) || No || AGPL-3.0 (spam detection source code not public) || Date of account registration and date of most recent login.
| Signal || Yes (signal protocol) || No || AGPL-3.0 (server), GPL3 (client and protocol) || IP adress<br>Phone Number || timestamp of last connection<br>contacts (hashed)<br>date of registration
|}
|}
==References==
===XMPP===
* https://xmpp.org/extensions/xep-0313.html
* https://xmpp.org/extensions/xep-0446.html
* https://xmpp.org/extensions/xep-0084.html
===Matrix===
* https://wire.com/en/blog/matrix-not-safe-eu-data-privacy
* https://hackea.org/notas/matrix.html
* https://forum.hackliberty.org/t/why-we-abandoned-matrix-the-dark-truth-about-user-security-and-safety/224
* https://gist.github.com/subpub/cbaa02ae2ec56ff19e63ea7126a78b7f
===Signal===
* https://eprint.iacr.org/2016/1013.pdf
===Metadata===
* https://www.tdp.cat/issues16/tdp.a308a18.pdf

Latest revision as of 14:24, 16 July 2025

Instant messaging (IM) is a technology that allows messages to be transmitted instantly. This article will focus on comparing features and privacy concerns between IM solutions.

IM Solutions

IM can be found in social media apps like Discord, Instagram, Whatsapp, Telegram and many others but its usually thru the use of a protocol. The most common protocol for IM is XMPP, though other options exist like IRC and WebRTC.

Privacy Concerns

On every IM solution there will always be data stored on the server about their users and messages, and some might not even have end-to-end encryption, which makes it harder to have a private conversation over the internet. Furthermore, some servers might leak metadata which in some cases can be enough to track an individual.

Software Comparison

Software E2EE Federated License Data Collected Metadata
XMPP Optional (OMEMO/PGP) Yes Depends on server/client JID (Jabber ID)
messages (can be encrypted)
timestamps
IP (depends on server)
Message history (depends on server config)		 JID
Client name
Presence
Matrix Optional (MEGOLM) Yes Depends on server/client Matrix user ID
Email (depends on server)
IP adress		 timestamps
IP addresses
Presence
Everyone present in the room
Signal Yes (signal protocol) No AGPL-3.0 (server), GPL3 (client and protocol) IP adress
Phone Number		 timestamp of last connection
contacts (hashed)
date of registration

References

XMPP

Matrix

Signal

Metadata

Retrieved from "http://wiki.based.pt/index.php?title=Instant_Messaging&oldid=57"