A tiny selfhosted federated messenger for the decentralized web. - GitHub - balzack/databag: A tiny selfhosted federated messenger for the decentralized web.
Just a hint for people searching a tiny selfhosted messenger with encryption and apps for iOS and android.
It says it’s federated. When you are your own provider, e2ee doesn’t matter nearly as much (you probably have a bunch of personal files, backups, services running on the same box anyway).
Edit: I would gladly take constructive comments with the downvotes. For a moment I thought we were on “selfhosted”, where “you are your own provider” should resonate in with most
Your comment is spot on. e2ee is critical when there is server side replication or when you are using a public server, but neither is typically the case with Databag. e2ee imposes some limitations such as preventing server side processing of content which is useful for streaming. In my opinion e2ee is needed when you don’t know where the content resides, but when you do it’s overkill.
The point of federation means your content doesn’t only stay on your server. The person you’re talking too can be on a different one and their admin can see them too. Also, I wouldn’t want to be able to access content from any user - it’s a “no trust needed” thing.
with databag, the content only resides on the hosting node, or on the device of a topic participant. in the case of matrix.org, federation means your content will live on other servers, but that’s not the case for databag.
your point about the admin being able to see the content is valid. if the databag node is hosted by someone else, then they to would have access to the content if e2ee is not used.
oh no
It says it’s federated. When you are your own provider, e2ee doesn’t matter nearly as much (you probably have a bunch of personal files, backups, services running on the same box anyway).
Edit: I would gladly take constructive comments with the downvotes. For a moment I thought we were on “selfhosted”, where “you are your own provider” should resonate in with most
Your comment is spot on. e2ee is critical when there is server side replication or when you are using a public server, but neither is typically the case with Databag. e2ee imposes some limitations such as preventing server side processing of content which is useful for streaming. In my opinion e2ee is needed when you don’t know where the content resides, but when you do it’s overkill.
The point of federation means your content doesn’t only stay on your server. The person you’re talking too can be on a different one and their admin can see them too. Also, I wouldn’t want to be able to access content from any user - it’s a “no trust needed” thing.
with databag, the content only resides on the hosting node, or on the device of a topic participant. in the case of matrix.org, federation means your content will live on other servers, but that’s not the case for databag.
your point about the admin being able to see the content is valid. if the databag node is hosted by someone else, then they to would have access to the content if e2ee is not used.
Could anybody ELI5 this one?
Sounds like end-to-end encryption is opt-in. Thus, a default configuration leaves communications unencrypted and vulnerable to eavesdropping.
Bingo