Hello, I would like to hear your opinions about a good selfhosted messenger like discord.

To list exactly what I mean by that is:

  • No need for federation ( only will be used by friends )
  • E2EE
  • Support for direct messages
  • Support for discord like server management by which I mean the ability to set rooms and topics for such rooms.

From what I know, this seems to be more similar to slack alternative’s but wanted to hear opinions of others.

I have been thinking about either matrix, mattermost, rocket.chat or revolt chat.

I already have a XMPP server, but setting up encryption and client’s has turned away quite a few people I would like to get onto this platform.

EDIT: As pointed by other people E2EE isn’t needed for my usecase if no federation.

  • lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    4
    ·
    7 months ago

    If you run things on your own server and have no federation there is no point in e2ee.

    Just because they run the server doesn’t mean the users want them to be able to access the messages.

      • lemmyvore@feddit.nl
        link
        fedilink
        English
        arrow-up
        1
        ·
        7 months ago

        Whether I do or don’t is irrelevant, it’s the fact I can read them that’s the problem.

        Nobody will use your selfhosted services if they know you’re able to snoop. People tend to actually be very privacy conscious. Ironically they keep using online services that shit on their privacy, but that’s mostly because they don’t realize how bad it is. Also it’s super ironic that this realization only comes around when they’re exposed to private selfhosted services.

        I get these kind of questions from friends and family all the time. I propose to backup their files on my server and enter them into the incremental backup rotation, one of the first things they ask is “so you’ll be able to see my files”. I propose to set up Immich so photos can be automatically backed up and they get face recognition and so on, they refuse because I would see all their photos. I offer them to use something like video or music streaming, they ask if I’ll be able to see whenever they go online and listen/watch something and when the answer is yes they say no thanks.

        And to be honest I don’t want to know those things either. And for some things it’s possible to avoid it, like for the files I can set up an encrypted backup. But I can’t help having access to Immich photos or see when they’re listening to music.

        Everybody needs their privacy and as a selfhoster you need to be very mindful of that.

        • poVoq@slrpnk.net
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          Uhm, honestly that’s a you issue if your own friends and family don’t trust you even that much.

          • lemmyvore@feddit.nl
            link
            fedilink
            English
            arrow-up
            2
            ·
            7 months ago

            You keep missing the point. When you have access to everything you can inadvertently be exposed to something you don’t need to see. I don’t want to get a notification from the backup system saying “folder /syncthing/dad/Furry Porn changed while we were reading it” and then have to go gouge my eyes out. This is the kind of thing that can happen when you ask someone to entrust you with ALL their most private stuff. Everybody has secrets and stuff they need to stay private.

            So instead of asking “am I trustworthy” you need to ask “do I REALLY want to fucking risk stumbling over super private stuff”? Because I can guarantee you will sooner or later.

            • poVoq@slrpnk.net
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 months ago

              Sorry, but you are making excuses and you know full well that other online services are not any more secure, but less so. If something like your totally made up example would actually happen then you would need to have a stern talk with your dad about not uploading stuff like that to a remote computer, period.

              E2EE is a band aid at best and mostly used to justify using commercial services that are inherently untrustworthy.

              • lemmyvore@feddit.nl
                link
                fedilink
                English
                arrow-up
                1
                ·
                7 months ago

                Online services propose to people that their data is only seen by them and robots. You as self-hoster propose to them that their data can be seen by them and you, a dear friend or relative.

                If you think they’re going to prefer risking disclosure of embarrassing stuff to friends or family over faceless robots you are being very naive and have probably led a very happy, sheltered life so far. Which is great, don’t get me wrong, and I hope it goes on for a bit.

                • poVoq@slrpnk.net
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  7 months ago

                  Seen by them and any random employee, and in addition actively searched through by robots to sell data to advertisers or insurance etc.

                  And no, I have not lived a sheltered life, but I am telling you that if your friends and relatives do not trust you to not snoop on their stuff that tells me more about you than it tells me about them. Maybe something you should reflect on instead of finding excuses.