https://snikket.org/hosting/

They can host it for you.

As for Gajim, I have been using it for years and never had history sync issues. Maybe you expect to be able to sync old e2ee messages on new devices? That is impossible to do with OMEMO and actually an intended security feature.

Well, I get your frustration. But I also disagree.

There are several different things at play. first of all I think Matrix has made some non-optimal design decisions with their protocol. For example I think e2e-encryption should have been mandatory for clients to support from day one. With like 2 mandatory verification processes that are well-documented and taught to the users.

The second thing is, some clients are bloated and also expose weird stuff to the user. For example the device-keys (session-/room- whatever). That should be build on-top the encryption and handled without the user knowing anything about it.

That would leave us with 3 concepts to understand:

1. How to do the emoji-verification to verify new devices and other people
2. You need to do 1 backup to make sure you don’t ever lose access to your account, just write down a sequence of words or characters on paper or do a screenshot
3. a screen that shows you which devices are logged into your account with a button to delete them. No further handling of cryptographic keys

And I think with a few limitations that are due to the history of Matrix’s development, they strive to become that and aren’t far away from it. I don’t think it’s too complicated. I’ve taught 15 year old kids how to do the emoji-verification and why that’s important.

And it is important… If you take end to end encryption seriously, there is no way around verifying the other end once. You can see which messengers take it seriously and which don’t. For example WhatsApp doesn’t ask you this. And it can’t ever detect if this is really the person they claim to be. The only thing it can do is assume it and make sure the person at the other end doesn’t change. And the backup is non-negotiable, too. You either do that yourself, or let your provider do it. But then they have access to your messages.

And this isn’t Matrix’s or XMPP’s fault. security and convenience are somewhat on opposing ends and you can’t have both at the same time. It’s somewhat like this, and it’s a limitation of how the world is:

You’re free to choose where you want to be on that triangle. You can have something with many features and very secure. But that won’t be easy to use. Or you want something easy, but it won’t ever be secure. Matrix tries to be everywhere, but that can’t work. You can just disable encryption on Matrix, this will do away with all of that complicated stuff immediately, at the cost of some security. But you could also use WhatsApp or iMessage to talk to your friends. My grandma could use it, but it has other downsides.

I’ve been with the FLOSS people and advocating for freedom and empowerment of the user for quite some time. It’s always a struggle. You always have to actively fight for your freedom. And if you want to stay in control of your data, you have to take matters into your own hands, to some degree. And that is some work. You have to learn concepts and gain a certain amount of literacy. The other option is to give up parts of your autonomy.

With that said, I still think Matrix could do a better job and make it easier. I think it’s usable. But I’d be happy, too, if I could recommend it to more of my friends without there being any catch. In fact, I recommended it to other people and like 3 friends use it, my dad, my spouse and like 15 other people I know from real-life. They’re not all tech-savy and it works. There have been some issues, but that was some time ago and issues have become less and less over time.

It’s taken me forever to reply because (a) I feel guilty about short replies to long messages, (b) I had to think about this a bit, and © I almost exclusively access Lemmy on my phone and I hate typing long messages on my phone. Not an excuse, just an explanation. There are no good Lemmy desktop clients, but I’ve finally logged in to my instance’s web interface to respond to this. 3 months later.

So, yeah. I honestly didn’t pay much attention to whatever backstory the software authors were selling; I was looking for a feature set, and Session had it. I got some of my circle using it, and we eventually stopped because message delivery reliability was iffy, and there were enough of some UI issues with (e.g.) attaching photos that everyone drifted back to what we were using before. I’m sure Session will improve, but just for the record, I haven’t been using it because of technical reasons.

I don’t have an issue with cryptocurrency per se. There are issues with current implementations, but the fact that it’s used for laundering money or scamming people is also an argument that can be made for fiat money, but you don’t see people saying we shouldn’t use dollars because a vast amount of them are used to enable the military industrial complex that is killing people around the world. I haven’t read that Bitcoin is being used to fund any of the attempted genocides currently underway – but fiat money has. People have been scamming people using regular money for far longer than cryptocurrency has existed. A lot of people have lost a lot of money trying to get rich in various cryptocurrencies; do you think more people have lost more money in cryptocurrency than people have lost trying to dabble in the stock market? Have more fortunes been ruined by cryptocurrencies than were ruined by the collapse of the “legitimate” currency of Germany during the Weimar Republic? And what, exactly, is a “fake economy?” If people are willing to exchange goods and services for A Thing – whatever that Thing is – it’s a real economy by definition. The argument that because the currency isn’t endorsed or backed by a government means it’s not real seems debatable, at best.

While I think a debate about the relative merits and evils of cryptocurrency is a good thing to have, since the OP topic was messengers, to answer your questions: in the entire time I used Session – and though today it’s still on my phone and receiving messages, although nobody’s sending any – I would not know that the developers behind Session had some grander vision involving cryptocurrency unless it had been brought to my attention here. That they want to improve privacy by using an anonymous method of payment for services – one not based on the collection and sale of metadata, or on a traceable currency (which all electronic fiat transactions are) seems reasonable. I imagine that, eventually, they’ll build something like Lightning into the app, so users can transfer cryptocurrency to other users, or to the operators of their servers. If it ever gets to the point where you must pay to use the service using crypto, then maybe I’d be concerned. It’d be no worse than buying tokens at a video game arcade – a practice that was around for more than a decade without an indignant uprising.

I think it feels sleezy to you because the devs are also interested in integrating cryptocurrency into the Session ecosystem, and you believe cryptocurrency=bad. I think it doesn’t feel icky to me because I’ve been working as a software developer since long before Bitcoin was introduced; and I understand how blockchains work, and know what “proof-of-work” means and what it implies; and I’ve watched the evolution of the internet and the growth of the web, and lived through the eternal September; and I saw how email turned from a communication tool for people in higher ed into a way for scammers (and legitimate businesses) to deliver spam. And I believe that a very many people will try to take advantage of other people and take their money, and they’ll use any possible tool to do so. But I believe that scamming is not fundamental to the nature of cryptocurrencies in the same way that killing people is in the fundamental nature of a gun, any more than buying heroin is fundamental to the nature of a dollar bill.

Sorry that was pretty unclear lol

I was linking to another comment I wrote in this thread about this very strange cryptocurrency-based chat thing. I sort of had the impression maybe you have some prior knowledge of this. I never heard of it and find it puzzling just what the heck they are up to. I am not gonna use it because it smells bad. But am now interested to know what sort of business is going on. The person who recommended it sounds very satisfied with the chat interface. Why/how is it attached to crypto? Just… so weird.