> Most of my contacts made the switch, and I’m now at roughly 95% Signal for day-to-day conversations
Years ago, I set up a Matrix server. I got some people to migrate, but ultimately even my husband stopped using it because the UI and accessibility of all the applications was so poor (and he has very bad eyesight, so this was a dealbreaker)
Looking for another alternative, I ended up with Telegram. It was pretty open, easy to work with, had great UI and even a ton of funny stickers and emojis, so I got nearly all my friends to migrate. I did NOT go for Signal because I do not need end-to-end encryption all the time, and having all the same conversations available on my desktop as well as on my phone was important, and still is. Unfortunately, it's also run by a severe weirdo.
Recently came across FluffyChat (https://fluffy.chat/), which works on matrix and has funny stickers and emojis ;)
WD-42•Feb 16, 2026
I've been using fluffychat for over a year. It's a nice interface and the client I used to convince less technical friends and family to give Matrix a try. Unfortunately major functionality like being able to send images becomes broken for long periods of time https://github.com/krille-chan/fluffychat/issues/2497
fuglede_•Feb 16, 2026
And for desktop apps, Cinny has custom emoji/sticker support. Would be nice if they played better with Element though.
ezst•Feb 16, 2026
Matrix has gotten to a complexity threshold that makes it near-impossible to have independent client/server implementations. Element is terrible, and many contenders are better in a way or another, but all lack some essential feature to turn them into practical alternatives.
Ar-Curunir•Feb 16, 2026
Signal supports desktop clients now, no?
jeroenhd•Feb 16, 2026
Has done for years now, but its desktop support is far inferior to even Matrix chat clients. It works in a pinch but you have to lower your standards quite a lot to use it as a true alternative.
toastal•Feb 16, 2026
How are you framing this? It’s an Electron app so it exists but doesn’t integrate or perform great. Last I recall you still were required to provide a SIM to sign up & you needed an iOS or Android primary device to even use the desktop client. Can you use a standalone, fast desktop application like you can these other protocols? I would say no, so “support” has shades of gray to it.
This is how I got kicked off LINE… they had a Chromium app that I could use tethered to an app, they disabled support for LINE Lite (which had light/dark theme, E2EE, texting, voice/video calls, debatable trackers (Firebase), even stickers & sending a location @ 8MiB instead of 200MiB+ of the “heavy app”), I refused to “upgrade” as it was a downgrade to me, & since I was no longer registered with a “primary” device, I was booted from the network. I don’t think I want these mobile-duopoly-required apps to be my primary means of communication with folks—especially now that my primary phone isn’t Apple or Google (luckily Open Whisper lets WhisperFish exist).
simgoh•Feb 16, 2026
> but doesn’t integrate or perform great.
Curious what you mean by this. I use the Signal Desktop app. It does what it's supposed to - send and receive messages in a timely way with no lag.
What poor performance are you seeing? What doesn't integrate?
DaSHacka•Feb 16, 2026
Not GP but I've also had issues with the Signal Desktop app (installed from the Arch repos).
Its overall a little sluggish in general (like most Electron apps though, in fairness) and occasionally clicking and dragging images onto the application will cause it to freeze and eventually crash.
Plus, the general usability issues present in all variants of the signal client (like no easy way of restoring previous messages on a new device).
It's not terrible or anything, but it's just a solid 6/10 application. I personally wish they were more open to 3rd party clients, so I could have something that integrates with my desktop environment a little better and is snappier, like my Matrix clients.
simgoh•Feb 16, 2026
I'll have to try clicking and dragging images onto the Signal application and see if I notice any difference. I usually actually click the button to add an attachment and then browse to it. I'm also on Win11 but I would hope the experience between OSs wouldn't be too drastically different.
foresto•Feb 16, 2026
I haven't used Signal desktop, but I find Electron apps in general to be very wasteful of system resources. Out of curiosity, I once compared an Electron-based chat app to a C++ alternative, and found that the former used about 25 times the RAM and generated more CPU load.
If GP's system resources are usually dedicated to other tasks, perhaps trying to run an Electron app on top of those led to resource contention, and poor performance. You wouldn't notice this if your hardware is overprovisioned for the things you do with it.
fsflover•Feb 16, 2026
Can I use it without iOS and Android though?
simgoh•Feb 16, 2026
No[1], but that wasn't what I was trying to get clarification on, or disputing for that matter.
The Signal desktop app works fine, but you are right, it is still tied to a mobile account and a phone number. This is the main downside to Signal. I read that the Molly fork will support multiple accounts and a self hostable server. It probably won't be federated, but that is not really a problem when you can use multiple accounts and avoids a lot of headaches that come with federation.
jandrese•Feb 16, 2026
The other downside of the Desktop is that it requires periodic re-verification with the device you used to set it up. Desktop users are definitely second class citizens in the Signal ecosystem.
Insanity•Feb 16, 2026
Telegram is almost on the opposite end of the spectrum of Matrix & Signal so I wouldn’t really consider it an alternative.
pavel_lishin•Feb 16, 2026
How so? I genuinely don't know, despite casually using both.
zadikian•Feb 16, 2026
Opposite end in terms of security. Telegram group chats have no E2EE, private messages aren't E2EE by default (you have to initiate it as a "secret" chat), and the encryption itself is home rolled.
Insanity•Feb 16, 2026
Yup exactly, their home rolled encryption is problematic in and of itself, but the fact that it lacks E2EE means you shouldn’t even trust it in the first place.
It,s quite clear what you never used it. UX wise it's one of the best clients and probably in the top 3 network-wise.
katdork•Feb 16, 2026
It's deeply insecure in most of the ways it is used.
gzread•Feb 16, 2026
But people don't care about security, that is obvious, they only care about UX
Insanity•Feb 16, 2026
I should have been clearer in my initial post, but I was referring to the security issues with telegram rather than the UI.
Klonoar•Feb 16, 2026
Their text explicitly acknowledges and waives away the security concerns for themselves.
next_xibalba•Feb 16, 2026
> Unfortunately, it's also run by a severe weirdo.
Marlinspike, Acton, or someone else? Why does this matter?
andrewflnr•Feb 16, 2026
I think they're talking about Telegram for that part.
fullstop•Feb 16, 2026
Yeah, Durov has some interesting takes on things and often not in a good way.
HumblyTossed•Feb 16, 2026
Over the years there's been a couple of apps that have tried to use email protocols as the backend for chat. I really wish those had gained popularity - there's a lot of overlap with messaging and email.
01HNNWZ0MV43FF•Feb 16, 2026
DeltaChat supposedly does that but I've never tried to interoperate it with email
gzread•Feb 16, 2026
Deltachat moved away from email, to their own protocol called chatmail
mbirth•Feb 16, 2026
Isn’t that still email/SMTP under the hood - just optimised for fast delivery?
ibejoeb•Feb 16, 2026
Isn't that just email then? I mean I guess you could wrap a bubbly UI around it, but you're not getting around the latency and spam. Those seem like dealbreakers to me.
mbirth•Feb 16, 2026
Latency isn’t that much of an issue. There might be greylisting for the initial message, but once the receiving server knows you, it’s pretty usable. And since everything is an email, you can “chat” with people that don’t use DeltaChat and they can reply using their normal email program. If you’re not using encryption, that is.
ibejoeb•Feb 16, 2026
I do like that last part. Still, it would be difficult to have a contemporaneous conversation that way.
ezst•Feb 16, 2026
Same, years ago, I set up a Matrix server, because it was advertised as the-new-XMPP (and I had done XMPP as a user, a long time before, and thought it had been quirky enough to warrant a successor protocol).
What I found with Matrix was the same terrible experience you describe, so I gave old XMPP a new look, and it's been great and continuously improving since. I sleep much better at night having my whole family using XMPP over a self-hosted ejabberd than I can using Matrix to talk with them (and synapse... Forget using synapse federated).
Flere-Imsaho•Feb 16, 2026
Telegram is very much more about IRC / Discord public chat rooms, rather than private group chats.
h4kunamata•Feb 16, 2026
Telegram is the only service I join that as soon I did it so, I received SPAM, added to random groups and you name it.
It has to be the worst service out there, better stick with WhatsApp over Telegram period.
iamcalledrob•Feb 16, 2026
Hosting chat infrastructure is surprisingly hard, but the real challenges emerge beyond C10K+ scale.
So self-hosting federated instances like this is pretty interesting way to scale.
morning-coffee•Feb 16, 2026
If the premise contributing to the conclusion to run their own chat service is:
> But Signal is still one company running one service. If they shut down tomorrow or change direction, I’m back to square one.
Aren't they in the same boat now with Cloudflare and Let's Encrypt?
frizlab•Feb 16, 2026
Yes, probably but they are “easily” replaced. More easily than Signal in any case.
Also if we go down this road, we’re all depending on our internet access provider at the very least too! At some point we gotta know when to stop trying to be fully independent from the rest of the world. He chose there.
yosamino•Feb 16, 2026
Not really. If their own their domain, then it's possible to swap out CF and LE for different companies.
That would certainly be a very annoying event, but not an unrecoverable one.
elric•Feb 16, 2026
There are obviously other CDNs (or whatever Cloudflare considers itself to be these days) and other certificate authorities. They are all interchangeable thanks to open protocols (HTTP, TLS/ACME in this case). Contrasted to Signal: there are no other implementations.
ezst•Feb 16, 2026
Re: Signal, it's even worse: they are openly opposed to federation and to letting alternative clients use their server. They demand control and obedience, which has always been suspicious-enough to defeat any goodwill effort on their side. Why would I have/want to trust them when XMPP is a viable federated alternative?
seba_dos1•Feb 16, 2026
I've been hosting a ejabberd instance for a few people for almost a decade now. It just works, takes close to no resources and needs almost no maintenance - just some trivial config checkups when migrating to newer major releases.
Around the same time I tried hosting a Matrix server with Synapse, but quickly stopped. It consumed a lot of resources when doing almost nothing, and it stopped running after an upgrade with some non-obvious error message, so instead of reanimating it I just abandoned it and moved to matrix.org with my personal account.
petre•Feb 16, 2026
Ejabberd is a bit overkill for a few people though. Prosody could be easily set up in 15 minutes or less. Also the config doesn't break when migrating to new releases.
ezst•Feb 16, 2026
For me too, ejabberd is the admin-friendlier/lower-effort one. Being more "monolithic", your calls will work straight out of the box because it ships a turn server properly configured out of the box, manage certificates over ACME for you, etc. Prosody isn't bad but has a reputation of needing attention to be paid to which incompatible modules not to enable together and overall more protocol knowledge. Both will run on a first gen RPi effortlessly.
maltris•Feb 16, 2026
I ran ejabberd, later prosody for a while. Eventually I stopped because the contacts went away and it was just not easy enough to set up for ordinary people.
Sad because the idea of running a federated chat service for your family and them having all their contacts there, is great from a data ownership point of view.
Went back to use a mix of WhatsApp, Telegram, Signal and Messenger because apparently there is always some people not wanting to use one or the other service, or only using one of them.
nicoco•Feb 16, 2026
Revive your prosody and set up https://slidge.im/ for Telegram, WhatsApp and Signal. It's not a proper solution I know, but at least you'll keep on using XMPP clients and they'll get better because they will have one more user at least. ;)
slmkbh•Feb 16, 2026
Google Talk and Facebook Messenger both used to be XMPP, and I used Pidgin for both, wonderful times...
frizlab•Feb 16, 2026
I used to use iChat AV, which was amazing (I still miss it).
singpolyma3•Feb 16, 2026
Facebook had an XMPP compatible bridge for a subset of their chat functions for awhile, but never "was XMPP".
WhatsApp OTOH still is a fork of XMPP.
WD-42•Feb 16, 2026
I’ve been running a matrix server for about 2 years for family. It’s… ok. Clients are bad. Right now nobody on iOS can send images because there is a bug in fluffychat preventing it. Kinda defeats the purpose of a chat for sharing baby pictures. Synapse is a beast. It’s basically taken over my entire VPS.
Joining rooms of various FOSS projects has been nice, but honestly I wish they’d all just stick to libera.chat
This article makes me wonder why we collectively ditched xmpp for matrix when it seems like the protocol is still miles ahead?
jamiemallers•Feb 16, 2026
The XMPP vs Matrix question is really about where the complexity lives.
XMPP puts complexity in extensions (XEPs). The core protocol is simple but you need to cherry-pick which XEPs your server and clients support, leading to fragmentation. Two XMPP clients might support completely different feature sets.
Matrix puts complexity in the protocol itself - the DAG-based event graph for federation is elegant but expensive. Synapse eating your VPS is the direct consequence of that design choice. Every room maintains a full causal history, which is great for consistency guarantees but terrible for resource usage.
The ejabberd comment in this thread is telling - "just works, takes close to no resources, needs almost no maintenance" for almost a decade. That's the XMPP experience when you accept the tradeoffs.
I think we ditched XMPP not because Matrix was technically better, but because Matrix arrived with a better story at the right time: a single reference client (Element) that actually worked, a clear spec (not 400+ optional XEPs), and federation that felt more like email than like "hope your server supports the same extensions."
The irony is that both protocols now face the same existential problem: your contacts won't switch. The network effects of WhatsApp/Signal/iMessage are the real enemy, not protocol design.
singpolyma3•Feb 16, 2026
> Two XMPP clients might support completely different feature sets.
This is of course true of Matrix as well. Just because you document everything in one place doesn't mean every app will support it all. Or that every app will even want to support it all. If every app were exactly the same there would be no point in having multiple apps, after all.
> The network effects of WhatsApp/Signal/iMessage are the real enemy, not protocol design.
Absolutely.
zadikian•Feb 16, 2026
Don't know if it's still this way, but I had the exact same experience with the XEPs a decade ago. Even message history is an extension, but at least it has broad support. File transfer was much harder to get right.
The servers (ejabberd included) also all defaulted to a simpler but less secure config, so I would've appreciated a writeup like this post back then.
dannersy•Feb 16, 2026
I am genuinely interested in hearing why we collectively ditched XMPP. I would love to hear someone who has been in the weeds on the development or even just following closely.
Edit: Seems someone beat me to it with a good reply.
singpolyma3•Feb 16, 2026
> I am genuinely interested in hearing why we collectively ditched XMPP
We didn't. It was never very popular, and is today more popular that it has ever been.
WD-42•Feb 16, 2026
It wasn’t popular? I remember using pidgin to talk to friends on google chat, facebook and my work contacts. It was glorious.
I haven’t had a reason to use an xmpp client in over a decade.
Likely you do or have without knowing it. The protocol is used in telecom quite a bit for all sorts of things. Jitsi is built on XMPP. Lots of games use it for chat - league of legends and unreal engine I believe. Xmpp shows up in all sorts of places if you look.
zadikian•Feb 16, 2026
Depends if you mean just the technology or using it in the small federated spirit. Google Talk and Facebook Messenger were XMPP all the way through and worked with vanilla XMPP clients. Slack wasn't XMPP but supported it via a gateway until it was dropped.
Not sure how popular the small federation was back then, but I know Mac OS X Server touted an XMPP server and that was a first-class feature of iChat.
philsnow•Feb 16, 2026
> Google Talk and Facebook Messenger were XMPP all the way through and worked with vanilla XMPP clients
I remember this, it was great to connect to absolutely every chat platform with bitlbee and pretend that all my chats were just DMs on some irc server somewhere
XMPP had rather bad name. Well-known design issues causing message losses, fractioned ecosystem due to varying implementation of extensions, unsuitability for mobile clients, absence of synchronization between clients, absence of end-to-end encryption. Most of these issues were (much) later fixed by extensions, but Matrix (or Signal for those who do not require federated one) was already there, offering E2EE by default.
Even today, E2EE in XMPP is rather inconvenient compared to Matrix due to absence of chain-of-trust in key management.
foresto•Feb 16, 2026
Google Talk support for XMPP: 2005-2013
Facebook Messenger support for XMPP: 2010-2015
Jabber.org support for new accounts: 1999-2013
First-class integration with two of the world's largest social networks put XMPP in practically everyone's hands for a time, but when all the major hosts left, network discoverability and typical account longevity dropped drastically. The landscape is bleak today.
And since then, our collective needs and expectations of a chat platform have expanded. XEPs have been developed to bolt much of that functionality onto the base protocol, but that has led to a fragmentation problem on top of the bleak server landscape.
This unfortunate situation might be navigable by a typical HN user, and perhaps we could guide a few friends and family members and promise to keep a server running for them, but I think the chances of most people succeeding with it are pretty slim today.
seba_dos1•Feb 16, 2026
Facebook never had "first-class integration". It was just a client bridge - you could login into Facebook Chat using your XMPP client, but it was a completely separate network, unlike Google Talk which was an actual federating XMPP server.
foresto•Feb 16, 2026
Fair enough. (Although all the XMPP clients that I used supported multiple accounts, so it made little difference from where I was standing.)
In any case, it contributed significantly to XMPP's reach and utility, and it's gone now.
foresto•Feb 16, 2026
(And my point regarding support on Google/Facebook was that their users could chat with me over XMPP without having to leave their familiar sites, sign up for anything new, or do anything else special. That put it in easy reach of the masses.)
Flere-Imsaho•Feb 16, 2026
We didn't. Big tech did, as XMPP broke down barriers so they lost their moats.
I.e. it worked too well.
kuon•Feb 16, 2026
Give me linux-> mobile voice call and linux-> Linux screen share and I would be happy.
Also plugin for gif selector.
But other than that, my ejabberd instance has been running for years with no effort.
yosamino•Feb 16, 2026
> linux-> mobile voice
I've been using Dino on Linux to talk to Conversations/Monal with video and it's been working pretty well.
Do you have a different experience ?
kuon•Feb 16, 2026
I was never able to connect to mobile client from dino. mobile->mobile works fine. I saw a new dino fork that might changes that.
nicoco•Feb 16, 2026
Web client, but I think movim has GIF picker and screensharing features. It even does multiparty video calls, compatible with dino. Since it's P2P, it does not scale well to a lot of users, but the developer is working on SFU support for larger video calls.
I've run an XMPP server in various states of professionalism for around 20 years now. From mom's basement all the way to a colocated server with a similar setup that's described in the post.
The only caveat I have not been able to solve is hosting an xmpp server for a different domain, like it's possible with email.
A client connecting the account joe.doe@example.ORG will find the server it wants to connect to via SRV to be , e.g., xmpp14.example.COM and expect a TLS certificate for "example.ORG" which that server does not have (nor can/should easily get) - which makes sense in a lot of ways, but limits the ways one can offer hosting services.
If anyone has creative solutions I'm all ears.
singpolyma3•Feb 16, 2026
You need a certificate for the domain you are going to serve of course. You can get one with ACME DNS challenges pretty easily (I have my clients set up a CNAME for the _acme-challenge subdomain of their domain).
yosamino•Feb 16, 2026
I worded that poorly.
Yes, that is of course correct. But that means that your clients have to trust you without technical safeguards, that you will not use this to get for certificates for purposes other than XMPP.
Which, in my mind, is a problem if the domain is not used just for XMPP, but lets say for a website as well.
Joe_Cool•Feb 16, 2026
You should be able to do that via DNS SRV entries.
_xmpp-client._tcp.domain.tld. TTL IN SRV priority weight port target
_xmpps-client._tcp.domain.tld. TTL IN SRV priority weight port target
example:
_xmpp-client._tcp.not-my-domain.com. 3599 IN SRV 5 0 5222 jabber.my-domain.com.
You could also build a reverse proxy setup. Then you wouldn't need the keys to the SSL certs. But that is probably overkill to run at your client: https://wiki.xmpp.org/web/Tech_pages/XEP-0368
I don't think I have seen a client complain about the cert being for jabber.my-domain.com
Which one is giving trouble there?
> The receiving entity SHOULD choose which certificate to present
> based on the domainpart contained in the 'to' attribute of the
> initial stream header (in essence, this domainpart is
> functionally equivalent to the Server Name Indication defined for
> TLS in [TLS-EXT]).
and 13.7.2 says
> Once the identity of the stream peer has been validated, the
> validating entity SHOULD also correlate the validated identity with
> the 'from' address (if any) of the stream header it received from the
> peer. If the two identities do not match, the validating entity
> SHOULD terminate the connection attempt (however, there might be good
> reasons why the identities do not match, as described under
> Section 4.7.1).
You can manually set a server in most clients, and I don't know how that is generally implemented. I guess that should work then.
But if you serve a certificate for jabber.example.com for a user trying to connect to an account user@example.com using SRV records then that mismatch will give you at least a certificate warning popup. And for good reason too: How would a user verify that a certificate
Correct, but that means you cannot share that domain securely with, let's say, a website. No ?
nicoco•Feb 16, 2026
TBH I am not well-versed into DNS and certificates and security, but I guess you have to trust your provider with a certificate for `example.com` if you allow them to manage JIDs of the form `anything@example.com`, indeed. Again, I am not very knowledgeable about the subject, so take this with a grain of salt.
fluoridation•Feb 16, 2026
I've always just used self-signed certificates. On first connect, the client will ask the user to trust your CA. There's no real difference in terms of security.
MYEUHD•Feb 16, 2026
Snikket ( https://snikket.org/ ) is an easier way to self-host an XMPP server. It's a pre-configured Prosody server in a docker image, and you can use it with any XMPP client you like.
> I still use Signal for most day-to-day conversations and I’m not planning to stop.
This will allow you to use your Signal account from your XMPP client.
Bridging audio / video calls isn't currently possible. But most other feature work across the gateway.
digiown•Feb 16, 2026
Obvious note but if you run this on anything other than your own computer it nullifies E2EE.
Bender•Feb 16, 2026
adding some example context [1] archive.ph for those that cant reach .ru sites, original URL at the top
I once looked into that and it just confuses me, it’s XMPP but requires an invite? And the snikket client only works with snikket servers, yet it’s actually all based on prosody and conversations? Everything about the project has alarms going off for me.
Trollmann•Feb 16, 2026
Invite only isn't that unusual for personal/friend&family servers. The author also set that in their prosody config.
The snikket client works with many different XMPP servers, why wouldn't it? As you mentioned it's based on Conversations and for iOS on Siskin.
MYEUHD•Feb 16, 2026
You're supposed to self-host it (or rent a hosted instance). But rather than having open registration (or creating accounts beforehand and sending the credentials), you generate invites and send them to your contacts. The invites onboard the users to install the app.
The Snikket client works with any XMPP server, and the Snikket server works with any XMPP client.
The Snikket clients are soft forks of existing clients. The reason of their existence is having consistent branding.
In fact, I recommend using Monal as an iOS client instead of the Snikket iOS one.
Note: you can set up invites on any regular Prosody / ejabberd server.
I'm the founder of both the Prosody and Snikket projects. Sorry about triggering alarms :) I can try to explain...
Prosody is a popular choice of XMPP server software. It's used for all kinds of stuff, from self-hosted chat servers to powering Jitsi Meet, to Internet-of-Things applications.
Prosody is extremely flexible, and has a bunch of configuration options that allow you to adapt it and extend it however you want. For some people, this is ideal. Those people should continue using Prosody.
Snikket has a different scope. It is specifically an answer to a question like "How can I easily make a self-hosted WhatsApp/Signal for my family/friends using open-source software?"
- Snikket contains Prosody, for the core chat part. But it's Prosody with a very specific configuration, and the configuration is part of the project, it's not intended to be modified by the person deploying Snikket. They only need to provide the domain name.
- Snikket also includes additional components that a modern chat service needs. For example, it includes a STUN/TURN server to ensure that audio/video calls work reliably (again, preconfigured).
- Snikket provides its own apps, which are tested and developed in sync with each other and with the server. This avoids the common problem of incompatibilities that occur when you have an open ecosystem such as XMPP, where different open-source project developers may develop features at different paces, leaving users to figure out which ones support which feature. It also solves the discoverability and decision fatigue for users (searching "Snikket" on an app store will get you an app that you know is compatible with your Snikket server, you don't have to go through a list of XMPP clients and figure out which one is suitable).
- Snikket servers are not designed to be open public servers (these are an administrative nightmare). Instead, your server is closed and private by default. As the admin, you choose who signs up to your server by sending invitation links. The invitations also serve to simplify the account setup process - no need to prompt users to "choose a server", etc. They just need to provide a username.
Projects such as Conversations differ by running a single public server (conversations.im) and guiding people to sign up on that server, or choose one of a long list of free public XMPP providers. In some cases that's all what you want. But onboarding a group of people that way is not fun (for example, they all have to share their addresses with the group add each other to their contact lists one-by-one - Snikket makes discovery of contacts within the same server automatic).
Beyond these things, Snikket is all open-source and XMPP. But there is a focus on making a good polished and secure "product", if you like, rather than supporting the entire diverse XMPP ecosystem which includes a range of software of varying quality (weekend projects and more recently, 100% vibe-coded clients). For example, Snikket servers require certain security and authentication features which some older codebases that have fallen far behind modern XMPP standards (think Pidgin, etc.) simply don't support today.
> it’s actually all based on prosody and conversations?
As mentioned, I develop Prosody. I also collaborate with the Conversations developer and other XMPP projects. There's nothing shady here. The goal is just to make a best-in-class XMPP project that solves one particular use case (and it was primarily my own use case to begin with of course - I wanted to move my family off WhatsApp).
andrewflnr•Feb 16, 2026
This project is exactly what I hoped existed. Thanks!
Semaphor•Feb 16, 2026
Ohh, wow. First off, thanks for prosody, been using it for several years, ever since I switched from my early 2000s jabber.org account to selfhosted.
And yeah, I get what you are saying, I'm using it the same way you envision snikket, just for my wife and I. Considering how much time I spent on the initial setup, I can very much see wanting a preconfigured version.
I guess the site was just too "non technical" and went over my head when I tried to grok it (before, a while ago, and now before writing the comment), the lack of a download option for the client on the snikket site combined with repeatably talking about invites just rubbed me wrong.
As I have already setup my server, and have gajim/conversations (which afaik are the best modern Windows/Android clients, for Windows probably even the only one storing modern xmpp) for desktop/mobile, I have no need for snikket, but my view now went from negative to very positive ;)
MattJ100•Feb 16, 2026
You're welcome!
I'm still experimenting with the messaging on the Snikket website. However my general approach with the site was to pitch Snikket to people who don't know what XMPP is, which is, frankly, the majority of people. Instead, I wanted to focus on explaining features it enables rather than protocol details. But I'm aware it has caused a lot of head-scratching among people who already know Snikket uses XMPP :)
I see Snikket as kind of a gateway into the XMPP ecosystem for people who are unfamiliar with it. After all, if you're already familiar with XMPP then the chances are you'll probably be happier with Prosody or ejabberd, and you'll already have opinions about which clients you want to use (e.g. the upstreams of Snikket).
philsnow•Feb 16, 2026
This is a great explanation; Prosody/ejabberd seem to kind of be "everything to everybody" but because they are so general it's hard to know if they're a good fit for any one particular purpose.
Snikket seems to just be a focus or lens on Prosody that answers that question for the mission statement you gave.
rw_grim•Feb 16, 2026
I am the current lead developer of Pidgin, and would like to reinforce the level of collaboration in the XMPP world. Even with Pidgin being very far behind in XMPP (and everything else) everyone has been very helpful as we're trying to catch back up and answering questions about the prosody instance we run ourselves.
remix2000•Feb 16, 2026
ejabberd is so much easier to set up than prosody, especially containerized. I would highly recommend checking multiple servers out before settling on one tbh.
digiown•Feb 16, 2026
Buried here is the fact that Gajim seems to have had big updates lately. I might just switch back to XMPP from Matrix, as all the matrix clients on Linux suck frankly. Conversations on Android is significantly better than any Matrix client I've used.
WD-42•Feb 16, 2026
Have you used Fractal? It's not perfect, but it's a Linux client that works better than any other client I've used on mobile.
drnick1•Feb 16, 2026
Agreed, I use fractal and a self-hosted server and it works great.
elminjo•Feb 16, 2026
I don’t know. The only good solution would be if all messaging apps used the same protocol so everyone could be reached.
But right now it is a mess. We can’t even message each other easily.
It’s ridiculous. But what am I talking about? We can’t even agree on the same measurement units.
yosamino•Feb 16, 2026
> The only good solution would be if all messaging apps used the same protocol so everyone could be reached.
That's exactly what XMPP was created to solve, an open standard that could be implemented by anyone. For a while it even looked like there was a chance for that to work out. Whatsapp, Google Talk, Cisco Jabber, and some others used to be based on XMPP.
Unfortunately it didn't quite pan out that way.
toastal•Feb 16, 2026
XMPP has been great to run on NixOS… the servers uses so few resources compared to something extremely heavy like Matrix. The Movim client has been wonderful too allowing users to have calls/sharing from chatrooms (MUCs)—supporting a pretty new XEP in the XMPP space—which means there’s no good reason to be on Discord anymore if you care about the freedom/privacy of yourself & your communities.
jszymborski•Feb 16, 2026
> OMEMO is built on the same encryption that Signal uses, so I’m comfortable trusting it.
I'm not saying that you shouldn't trust OMEMO (we all have our own threat models), but OMEMO and Signal have fewer similarities that people often assume and has some important caveats [0].
Oh I can't get enough those blog posts written in such confident language that it's easy to filter them out instead of having to realize midway reading how wrong every bold claim they put forward is… :þ
MattJ100•Feb 16, 2026
Be aware that this post has known issues that the author is not interested in fixing. In their own words (in response to clarifications by one of the OMEMO folk):
"I'll make an edit later about the protocol version thing, but I'm not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That's it. That's all I want." [censorship of profanity mine]
You won't find this quote in the article with Ctrl+F, it's in the screenshot, where they omitted the original constructive comment by one of the OMEMO contributors that they chose to moderate, which you can find here: https://www.moparisthebest.com/tim-henkes-omemo-response.txt
So, by all means, read the blog post. But just be aware that its ultimate goal was not to be an unbiased accurate technical article.
jszymborski•Feb 16, 2026
The post is an opinion piece and not a technical article for sure, but I'm not sure the takeaway from that quote is that the article is inaccurate, but rather they aren't really looking to start a conversation but rather state their opinions. It seems they've made multiple edits where they believe there are inaccuracies.
FWIW, I personally think Henke is correct to state that creating "...a product based on XMPP+OMEMO that, exactly like Signal, can only communicate with other Signal users and always has encryption on." would largely address most of the critiques (or at least the ones that bother me most), but that Soatok is also correct in concluding that the XMPP ecosystem and the way OMEMO is used in clients today does not meet their definition of "Signal competitor"[0], which I think is still a useful way to frame things.
I went all in on xmpp to replace my traditional cell communications (text and calls) about a year ago, using Snikket on a VPS for the server, jmp.chat for an phone->xmpp gateway service, and a data-only esim for connectivity.
From my experience the biggest pain point gets the least amount of discussion in this post and that is the client landscape. I'm on iOS so I tried Monal and Siskin IM as my primary mobile clients and Movim/Dino as my desktop clients.
While I truly appreciate the effort the maintainers put into these tools I have to admit that the UX for Moanl and Siskin IM leave a lot to be desired and if you're used to something like Whatsapp or Signal it will prove a significant barrier to convincing friends and family to adopt your new platform.
I frequently encountered UI bugs and missing features using the iOS clients and for the life of me could never get notifications working reliably on mobile (a constant bug bear for users in the Siskin and Snikket user base).
For calls and texts on mobile, I don't think I ever managed to get a reliable notification unless the application was open on the screen on iOS. This meant that I frequently missed important calls or texts when out and about. On the desktop, Dino did manage to at least always alert me when a call or a text came through, but answering the calls on was always hit or miss on my laptop for reasons that allude me.
Interestingly the most full featured and reliable client turned out to be movim, which has the caveat of being a full featured formum/social network with an xmpp client embedded. On movim I would reliably get notifications for calls and texts and could "answer" calls in any browser connected to a microphone easily.
Another thing to note if you're looking to replace your phone service is that 3G/LTE radio is very tolerant to maintaining a reliable connection on the move, jumping between cell towers. The same cannot be said for an XMPP based call, and you will encounter significant latency and drop outs trying to hold a conversation driving or on transit.
I eventually gave up on the venture after missing a few too many important notifications, but if I was to go defiantly go all in again I think I would focus on self hosting a movim instance as my base "client", as it was the most reliable and easy to use of all the ones I tried. For mobile, I did hear good things about Conversations on Android but never got around to trying that one.
MattJ100•Feb 16, 2026
Yeah, iOS is definitely a weaker spot and we're aware of it. Monal is currently working on an overhaul of their UI (they have a grant allocated for it: https://nlnet.nl/project/Monal-IM-UI/ ).
There is also a new app in the works between Cheogram and Snikket. There is a beta available, but it's still young (and we won't apply any Snikket branding until E2EE is complete).
Thanks for sharing your experience!
kkfx•Feb 16, 2026
I've very recently try on my NixOS homeserver both Matrix and XMPP, with the target of having family/few friends own video-calls with chats aside mostly meant as shared scrap of text more than real chats to waste time on them. Something like "remember the milk" than else.
The experience was unpleasant in both cases; in the end, I have a working setup for both, relatively working at least, but what's really missing is a single application, something you can 'go install', 'pip install', or 'cargo build', also easy for distro packagers, that features:
- a text-based configuration
- an admin WebUI (for eventual storage cleanup, moderation etc)
- a client WebUI for users
including:
- text chat with optional file uploads
- audio/video chat
- other bits on the side like long-form notes Nostr-style for a blog with comments under articles etc (yes, it's connected, it's just plain textual communication).
The core of it is just a simple snippet of text, we can transmit to some privately, or to anyone openly, and in that sense, Nostr has got it spot on: you can do chats, emails, blog posts, because everything is just a bit of text rendered with any attached media. Unfortunately, as it stands, Nostr feels like an ecosystem that lacks a clear direction; XMPP seems to be largely abandoned, with enough complexity to put most people off; Matrix looks to be heading towards a commercial future riddled with issues that keep most people away, and in the end, we don't have much. Hosting BBB or Jitsi is even worse. Hosting Asterisk or Yate to use with softphones or classic VoIP desk phones is also problematic.
There's a lot going on under the bonnet now, but why an app hasn't emerged yet that brings together features we've more or less had for decades is a bit of a mystery to me. It almost feels intentional, as if it's designed to deny free communication to the masses by making life difficult on purpose.
Western0•Feb 16, 2026
And still You have centalize system
why not tox
grabshot_dev•Feb 16, 2026
Great writeup. I went through a very similar journey. Signal as the "good enough" default, then gradually wanting to own the whole stack. The bit about smacks and cloud_notify being essential for mobile is spot on, that was the part I always underestimated in past XMPP attempts. Without those two modules the experience is terrible on phones and it's no wonder people bounced off it.
One thing I'd add: if you're already running Caddy as your reverse proxy, you can use its on_demand TLS to handle certificates for the upload and conference subdomains automatically instead of managing them through certbot separately. Saves a moving part.
Curious how federation has been in practice. Are you actually messaging people on other servers, or is it mostly just you and contacts you've created accounts for?
b8•Feb 16, 2026
I grew up using XMPP (I'm 25), but today I use Briar and Signal. I use text and calls for my family, because no one else but me uses Signal so it's unfair for them to use one app to talk to me and no one else.
clarabennett26•Feb 16, 2026
The Cloudflare DNS challenge for certs is a nice touch — avoids exposing port 80 entirely. I set up Prosody a while back and the TURN/STUN config for voice calls was the part that tripped me up the most. coturn can be finicky with Docker networking if you're not careful about host mode vs bridged.
bovermyer•Feb 16, 2026
So, I have an XMPP account, but no one to talk to. How do you find people who use it?
I recommend that you also support implicit TLS for both client-to-server and server-to-server connections, instead of just STARTTLS. That'd be the "c2s_direct_tls_ports" and "s2s_direct_tls_ports" directives, on port 5223 and 5270 respectively. These should go into your SRV records, too. Also consider enabling SASL2.
pwndByDeath•Feb 16, 2026
For me the issue with the discord/signal/ telegram is they are all dependent on a 3rd party that could flip or disappear at any moment, to say nothing of the trust me bro privacy.
On the other hand, email is an example of a communication system that would persist if the major supporters dropped out,but then self hosting email is a nightmare.
Xmpp is better, but you still need DNS and TLS cents to participate.
There are some interesting reimagined network options that seem like they could break this. My current favorite being RNS and LXMF
bmenrigh•Feb 16, 2026
I ran my own XMPP server for about 15 years. Then 10(?) years ago Google's GChat migrated away from XMPP. I never had another XMPP conversation with anyone from that point on. I finally turned the XMMP daemon off off about 2 years ago to reduce my attack surface.
bmenrigh•Feb 16, 2026
I should add that I have a group of friends that only chat on "C", for C in:
* SMS
* Apple iMessage
* Email
* IRC
* Facebook Messenger
* Telegram
* Slack
* Webex Teams
* Discord
* Twitter (DMs)
* Signal
* Whatsapp
* A particular PHPBB web forum
Instead of being on top of all of these, I mostly neglect all of them, and then friends complain that they haven't been able to get a hold of me for 6 months.
XMPP was my own "solution" to this problem, which nobody else used.
24 Comments
Years ago, I set up a Matrix server. I got some people to migrate, but ultimately even my husband stopped using it because the UI and accessibility of all the applications was so poor (and he has very bad eyesight, so this was a dealbreaker)
Looking for another alternative, I ended up with Telegram. It was pretty open, easy to work with, had great UI and even a ton of funny stickers and emojis, so I got nearly all my friends to migrate. I did NOT go for Signal because I do not need end-to-end encryption all the time, and having all the same conversations available on my desktop as well as on my phone was important, and still is. Unfortunately, it's also run by a severe weirdo.
So yeah, I'm not really sure what to use now.
This is how I got kicked off LINE… they had a Chromium app that I could use tethered to an app, they disabled support for LINE Lite (which had light/dark theme, E2EE, texting, voice/video calls, debatable trackers (Firebase), even stickers & sending a location @ 8MiB instead of 200MiB+ of the “heavy app”), I refused to “upgrade” as it was a downgrade to me, & since I was no longer registered with a “primary” device, I was booted from the network. I don’t think I want these mobile-duopoly-required apps to be my primary means of communication with folks—especially now that my primary phone isn’t Apple or Google (luckily Open Whisper lets WhisperFish exist).
Curious what you mean by this. I use the Signal Desktop app. It does what it's supposed to - send and receive messages in a timely way with no lag.
What poor performance are you seeing? What doesn't integrate?
Its overall a little sluggish in general (like most Electron apps though, in fairness) and occasionally clicking and dragging images onto the application will cause it to freeze and eventually crash.
Plus, the general usability issues present in all variants of the signal client (like no easy way of restoring previous messages on a new device).
It's not terrible or anything, but it's just a solid 6/10 application. I personally wish they were more open to 3rd party clients, so I could have something that integrates with my desktop environment a little better and is snappier, like my Matrix clients.
If GP's system resources are usually dedicated to other tasks, perhaps trying to run an Electron app on top of those led to resource contention, and poor performance. You wouldn't notice this if your hardware is overprovisioned for the things you do with it.
1 - https://support.signal.org/hc/en-us/articles/360008216551-In...
Marlinspike, Acton, or someone else? Why does this matter?
What I found with Matrix was the same terrible experience you describe, so I gave old XMPP a new look, and it's been great and continuously improving since. I sleep much better at night having my whole family using XMPP over a self-hosted ejabberd than I can using Matrix to talk with them (and synapse... Forget using synapse federated).
It has to be the worst service out there, better stick with WhatsApp over Telegram period.
So self-hosting federated instances like this is pretty interesting way to scale.
> But Signal is still one company running one service. If they shut down tomorrow or change direction, I’m back to square one.
Aren't they in the same boat now with Cloudflare and Let's Encrypt?
Also if we go down this road, we’re all depending on our internet access provider at the very least too! At some point we gotta know when to stop trying to be fully independent from the rest of the world. He chose there.
That would certainly be a very annoying event, but not an unrecoverable one.
Around the same time I tried hosting a Matrix server with Synapse, but quickly stopped. It consumed a lot of resources when doing almost nothing, and it stopped running after an upgrade with some non-obvious error message, so instead of reanimating it I just abandoned it and moved to matrix.org with my personal account.
Sad because the idea of running a federated chat service for your family and them having all their contacts there, is great from a data ownership point of view.
Went back to use a mix of WhatsApp, Telegram, Signal and Messenger because apparently there is always some people not wanting to use one or the other service, or only using one of them.
WhatsApp OTOH still is a fork of XMPP.
Joining rooms of various FOSS projects has been nice, but honestly I wish they’d all just stick to libera.chat
This article makes me wonder why we collectively ditched xmpp for matrix when it seems like the protocol is still miles ahead?
XMPP puts complexity in extensions (XEPs). The core protocol is simple but you need to cherry-pick which XEPs your server and clients support, leading to fragmentation. Two XMPP clients might support completely different feature sets.
Matrix puts complexity in the protocol itself - the DAG-based event graph for federation is elegant but expensive. Synapse eating your VPS is the direct consequence of that design choice. Every room maintains a full causal history, which is great for consistency guarantees but terrible for resource usage.
The ejabberd comment in this thread is telling - "just works, takes close to no resources, needs almost no maintenance" for almost a decade. That's the XMPP experience when you accept the tradeoffs.
I think we ditched XMPP not because Matrix was technically better, but because Matrix arrived with a better story at the right time: a single reference client (Element) that actually worked, a clear spec (not 400+ optional XEPs), and federation that felt more like email than like "hope your server supports the same extensions."
The irony is that both protocols now face the same existential problem: your contacts won't switch. The network effects of WhatsApp/Signal/iMessage are the real enemy, not protocol design.
This is of course true of Matrix as well. Just because you document everything in one place doesn't mean every app will support it all. Or that every app will even want to support it all. If every app were exactly the same there would be no point in having multiple apps, after all.
> The network effects of WhatsApp/Signal/iMessage are the real enemy, not protocol design.
Absolutely.
The servers (ejabberd included) also all defaulted to a simpler but less secure config, so I would've appreciated a writeup like this post back then.
Edit: Seems someone beat me to it with a good reply.
We didn't. It was never very popular, and is today more popular that it has ever been.
I haven’t had a reason to use an xmpp client in over a decade.
Not sure how popular the small federation was back then, but I know Mac OS X Server touted an XMPP server and that was a first-class feature of iChat.
I remember this, it was great to connect to absolutely every chat platform with bitlbee and pretend that all my chats were just DMs on some irc server somewhere
Even today, E2EE in XMPP is rather inconvenient compared to Matrix due to absence of chain-of-trust in key management.
Facebook Messenger support for XMPP: 2010-2015
Jabber.org support for new accounts: 1999-2013
First-class integration with two of the world's largest social networks put XMPP in practically everyone's hands for a time, but when all the major hosts left, network discoverability and typical account longevity dropped drastically. The landscape is bleak today.
And since then, our collective needs and expectations of a chat platform have expanded. XEPs have been developed to bolt much of that functionality onto the base protocol, but that has led to a fragmentation problem on top of the bleak server landscape.
This unfortunate situation might be navigable by a typical HN user, and perhaps we could guide a few friends and family members and promise to keep a server running for them, but I think the chances of most people succeeding with it are pretty slim today.
In any case, it contributed significantly to XMPP's reach and utility, and it's gone now.
I.e. it worked too well.
Also plugin for gif selector.
But other than that, my ejabberd instance has been running for years with no effort.
I've been using Dino on Linux to talk to Conversations/Monal with video and it's been working pretty well. Do you have a different experience ?
The only caveat I have not been able to solve is hosting an xmpp server for a different domain, like it's possible with email.
A client connecting the account joe.doe@example.ORG will find the server it wants to connect to via SRV to be , e.g., xmpp14.example.COM and expect a TLS certificate for "example.ORG" which that server does not have (nor can/should easily get) - which makes sense in a lot of ways, but limits the ways one can offer hosting services.
If anyone has creative solutions I'm all ears.
Yes, that is of course correct. But that means that your clients have to trust you without technical safeguards, that you will not use this to get for certificates for purposes other than XMPP.
Which, in my mind, is a problem if the domain is not used just for XMPP, but lets say for a website as well.
I don't think I have seen a client complain about the cert being for jabber.my-domain.com Which one is giving trouble there?
source: https://datatracker.ietf.org/doc/html/rfc6120
https://wiki.xmpp.org/web/SRV_Records
Probably all of them.
Section 5.4.3.1
and 13.7.2 says You can manually set a server in most clients, and I don't know how that is generally implemented. I guess that should work then.But if you serve a certificate for jabber.example.com for a user trying to connect to an account user@example.com using SRV records then that mismatch will give you at least a certificate warning popup. And for good reason too: How would a user verify that a certificate
abcde.1234.jabber.freshhosting.donut
is valid for the account joe.doe@example.com ?
> I still use Signal for most day-to-day conversations and I’m not planning to stop.
You can run a Signal-XMPP gateway. See https://slidge.im/
This will allow you to use your Signal account from your XMPP client. Bridging audio / video calls isn't currently possible. But most other feature work across the gateway.
[1] https://archive.ph/4wi5t
I once looked into that and it just confuses me, it’s XMPP but requires an invite? And the snikket client only works with snikket servers, yet it’s actually all based on prosody and conversations? Everything about the project has alarms going off for me.
The Snikket client works with any XMPP server, and the Snikket server works with any XMPP client.
The Snikket clients are soft forks of existing clients. The reason of their existence is having consistent branding.
In fact, I recommend using Monal as an iOS client instead of the Snikket iOS one.
Note: you can set up invites on any regular Prosody / ejabberd server.
https://prosody.im/doc/modules/mod_invites
https://docs.ejabberd.im/admin/configuration/modules/#mod_in...
Prosody is a popular choice of XMPP server software. It's used for all kinds of stuff, from self-hosted chat servers to powering Jitsi Meet, to Internet-of-Things applications.
Prosody is extremely flexible, and has a bunch of configuration options that allow you to adapt it and extend it however you want. For some people, this is ideal. Those people should continue using Prosody.
Snikket has a different scope. It is specifically an answer to a question like "How can I easily make a self-hosted WhatsApp/Signal for my family/friends using open-source software?"
- Snikket contains Prosody, for the core chat part. But it's Prosody with a very specific configuration, and the configuration is part of the project, it's not intended to be modified by the person deploying Snikket. They only need to provide the domain name.
- Snikket also includes additional components that a modern chat service needs. For example, it includes a STUN/TURN server to ensure that audio/video calls work reliably (again, preconfigured).
- Snikket provides its own apps, which are tested and developed in sync with each other and with the server. This avoids the common problem of incompatibilities that occur when you have an open ecosystem such as XMPP, where different open-source project developers may develop features at different paces, leaving users to figure out which ones support which feature. It also solves the discoverability and decision fatigue for users (searching "Snikket" on an app store will get you an app that you know is compatible with your Snikket server, you don't have to go through a list of XMPP clients and figure out which one is suitable).
- Snikket servers are not designed to be open public servers (these are an administrative nightmare). Instead, your server is closed and private by default. As the admin, you choose who signs up to your server by sending invitation links. The invitations also serve to simplify the account setup process - no need to prompt users to "choose a server", etc. They just need to provide a username.
Projects such as Conversations differ by running a single public server (conversations.im) and guiding people to sign up on that server, or choose one of a long list of free public XMPP providers. In some cases that's all what you want. But onboarding a group of people that way is not fun (for example, they all have to share their addresses with the group add each other to their contact lists one-by-one - Snikket makes discovery of contacts within the same server automatic).
Beyond these things, Snikket is all open-source and XMPP. But there is a focus on making a good polished and secure "product", if you like, rather than supporting the entire diverse XMPP ecosystem which includes a range of software of varying quality (weekend projects and more recently, 100% vibe-coded clients). For example, Snikket servers require certain security and authentication features which some older codebases that have fallen far behind modern XMPP standards (think Pidgin, etc.) simply don't support today.
> it’s actually all based on prosody and conversations?
As mentioned, I develop Prosody. I also collaborate with the Conversations developer and other XMPP projects. There's nothing shady here. The goal is just to make a best-in-class XMPP project that solves one particular use case (and it was primarily my own use case to begin with of course - I wanted to move my family off WhatsApp).
And yeah, I get what you are saying, I'm using it the same way you envision snikket, just for my wife and I. Considering how much time I spent on the initial setup, I can very much see wanting a preconfigured version.
I guess the site was just too "non technical" and went over my head when I tried to grok it (before, a while ago, and now before writing the comment), the lack of a download option for the client on the snikket site combined with repeatably talking about invites just rubbed me wrong.
As I have already setup my server, and have gajim/conversations (which afaik are the best modern Windows/Android clients, for Windows probably even the only one storing modern xmpp) for desktop/mobile, I have no need for snikket, but my view now went from negative to very positive ;)
I'm still experimenting with the messaging on the Snikket website. However my general approach with the site was to pitch Snikket to people who don't know what XMPP is, which is, frankly, the majority of people. Instead, I wanted to focus on explaining features it enables rather than protocol details. But I'm aware it has caused a lot of head-scratching among people who already know Snikket uses XMPP :)
I see Snikket as kind of a gateway into the XMPP ecosystem for people who are unfamiliar with it. After all, if you're already familiar with XMPP then the chances are you'll probably be happier with Prosody or ejabberd, and you'll already have opinions about which clients you want to use (e.g. the upstreams of Snikket).
Snikket seems to just be a focus or lens on Prosody that answers that question for the mission statement you gave.
That's exactly what XMPP was created to solve, an open standard that could be implemented by anyone. For a while it even looked like there was a chance for that to work out. Whatsapp, Google Talk, Cisco Jabber, and some others used to be based on XMPP.
Unfortunately it didn't quite pan out that way.
I'm not saying that you shouldn't trust OMEMO (we all have our own threat models), but OMEMO and Signal have fewer similarities that people often assume and has some important caveats [0].
[0] https://soatok.blog/2024/08/04/against-xmppomemo/
"I'll make an edit later about the protocol version thing, but I'm not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That's it. That's all I want." [censorship of profanity mine]
You won't find this quote in the article with Ctrl+F, it's in the screenshot, where they omitted the original constructive comment by one of the OMEMO contributors that they chose to moderate, which you can find here: https://www.moparisthebest.com/tim-henkes-omemo-response.txt
So, by all means, read the blog post. But just be aware that its ultimate goal was not to be an unbiased accurate technical article.
FWIW, I personally think Henke is correct to state that creating "...a product based on XMPP+OMEMO that, exactly like Signal, can only communicate with other Signal users and always has encryption on." would largely address most of the critiques (or at least the ones that bother me most), but that Soatok is also correct in concluding that the XMPP ecosystem and the way OMEMO is used in clients today does not meet their definition of "Signal competitor"[0], which I think is still a useful way to frame things.
[0] https://soatok.blog/2024/07/31/what-does-it-mean-to-be-a-sig...
From my experience the biggest pain point gets the least amount of discussion in this post and that is the client landscape. I'm on iOS so I tried Monal and Siskin IM as my primary mobile clients and Movim/Dino as my desktop clients.
While I truly appreciate the effort the maintainers put into these tools I have to admit that the UX for Moanl and Siskin IM leave a lot to be desired and if you're used to something like Whatsapp or Signal it will prove a significant barrier to convincing friends and family to adopt your new platform.
I frequently encountered UI bugs and missing features using the iOS clients and for the life of me could never get notifications working reliably on mobile (a constant bug bear for users in the Siskin and Snikket user base).
For calls and texts on mobile, I don't think I ever managed to get a reliable notification unless the application was open on the screen on iOS. This meant that I frequently missed important calls or texts when out and about. On the desktop, Dino did manage to at least always alert me when a call or a text came through, but answering the calls on was always hit or miss on my laptop for reasons that allude me.
Interestingly the most full featured and reliable client turned out to be movim, which has the caveat of being a full featured formum/social network with an xmpp client embedded. On movim I would reliably get notifications for calls and texts and could "answer" calls in any browser connected to a microphone easily.
Another thing to note if you're looking to replace your phone service is that 3G/LTE radio is very tolerant to maintaining a reliable connection on the move, jumping between cell towers. The same cannot be said for an XMPP based call, and you will encounter significant latency and drop outs trying to hold a conversation driving or on transit.
I eventually gave up on the venture after missing a few too many important notifications, but if I was to go defiantly go all in again I think I would focus on self hosting a movim instance as my base "client", as it was the most reliable and easy to use of all the ones I tried. For mobile, I did hear good things about Conversations on Android but never got around to trying that one.
There is also a new app in the works between Cheogram and Snikket. There is a beta available, but it's still young (and we won't apply any Snikket branding until E2EE is complete).
Thanks for sharing your experience!
The experience was unpleasant in both cases; in the end, I have a working setup for both, relatively working at least, but what's really missing is a single application, something you can 'go install', 'pip install', or 'cargo build', also easy for distro packagers, that features:
- a text-based configuration
- an admin WebUI (for eventual storage cleanup, moderation etc)
- a client WebUI for users
including:
- text chat with optional file uploads
- audio/video chat
- other bits on the side like long-form notes Nostr-style for a blog with comments under articles etc (yes, it's connected, it's just plain textual communication).
The core of it is just a simple snippet of text, we can transmit to some privately, or to anyone openly, and in that sense, Nostr has got it spot on: you can do chats, emails, blog posts, because everything is just a bit of text rendered with any attached media. Unfortunately, as it stands, Nostr feels like an ecosystem that lacks a clear direction; XMPP seems to be largely abandoned, with enough complexity to put most people off; Matrix looks to be heading towards a commercial future riddled with issues that keep most people away, and in the end, we don't have much. Hosting BBB or Jitsi is even worse. Hosting Asterisk or Yate to use with softphones or classic VoIP desk phones is also problematic.
There's a lot going on under the bonnet now, but why an app hasn't emerged yet that brings together features we've more or less had for decades is a bit of a mystery to me. It almost feels intentional, as if it's designed to deny free communication to the masses by making life difficult on purpose.
One thing I'd add: if you're already running Caddy as your reverse proxy, you can use its on_demand TLS to handle certificates for the upload and conference subdomains automatically instead of managing them through certbot separately. Saves a moving part.
Curious how federation has been in practice. Are you actually messaging people on other servers, or is it mostly just you and contacts you've created accounts for?
* SMS * Apple iMessage * Email * IRC * Facebook Messenger * Telegram * Slack * Webex Teams * Discord * Twitter (DMs) * Signal * Whatsapp * A particular PHPBB web forum
Instead of being on top of all of these, I mostly neglect all of them, and then friends complain that they haven't been able to get a hold of me for 6 months.
XMPP was my own "solution" to this problem, which nobody else used.