From: Boris Kraut To: undisclosed-recipients: ; Date: Thu, 30 Jan 2014 22:57:14 +0100 Message-ID: <20140130225714.dF_d7l@busy.local> Reply-To: Boris Kraut Subject: [.plan] Zitat des Tages Georg Lukas: > XMPP was not designed for modern-day smartphone-based instant > messaging. However, it is the best tool we have to counter the > proprietary silo-based IM contenders like WhatsApp, Facebook > Chat or Google Hangouts. > > [...] > > The only conclusion from that debacle can be: do not save any > logs. This imposes a strong conflict of interest on Android, > where the doctrine is: save everything to SQLite in case the > OOM killer comes after you. > > [...] > > On Apple iOS, background connections are killed after a short > time, the app developer is "encouraged" to use Apple's Push > Service instead to notify the user of incoming chat messages. > > This feature is so bizarre, [...] you need to send all the > content you want displayed in the user notification as part > of the push payload. That means that as an iOS IM app author > you have the choice between sacrificing privacy (clear-text > chat messages sent to Apple's "cloud") or usability [...]. > > [...] > > In the second group, there are apps that use their own custom > proxy server, to which they forward your XMPP credentials (yes, > your user name and password! [...]) [...] Unfortunately, your > privacy falls by the wayside, leaving a trail of data both with > the proxy operators and Apple. > > So currently, iOS users wishing for XMPP have the choice > between broken security and broken usability -- well done, > Apple! [0] http://op-co.de/blog/posts/mobile_xmpp_in_2014/