• southerntofu@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    In matrix pretty much everything is a public, logged append-only datastore (a room in matrix vocabulary). There is some access-control applied on top but it means that basically any server involved in some room (because their users are part of it) gets a full copy of the full history of the room including all user addresses.

    In contrast, XMPP has a clearer threat model: your server knows about you, the server of a user you’re communicating with knows about you, 3rd party services you employ know about you (eg. chatrooms) but other users of that 3rd party service don’t. Practical example: when i join room anarchism@chat.jabberfr.org from southerntofu@userserver.net address, i’m giving the chatroom server (MUC server) a nickname to identify me with. When other users receive messages in the chatroom from me, they see it from southerntofu from chatroom anarchism@chat.jabberfr.org but have no idea what my actual JID (XMPP address).

    That’s certainly good for reducing chances of having all your messages being logged by a sysadmin somewhere, but it’s even better for abuse-resistance. Having your address leaked in every public interaction is fine for most people but is a no-go for people who have stalkers or are targeted by harassment campaigns. See also this HN thread on XMPP and anti-abuse mechanism.