In matrix pretty much everything is a public, logged append-only datastore (a room in matrix vocabulary). There is some access-control applied on top but it means that basically any server involved in some room (because their users are part of it) gets a full copy of the full history of the room including all user addresses.
In contrast, XMPP has a clearer threat model: your server knows about you, the server of a user you’re communicating with knows about you, 3rd party services you employ know about you (eg. chatrooms) but other users of that 3rd party service don’t. Practical example: when i join room [email protected] from [email protected] address, i’m giving the chatroom server (MUC server) a nickname to identify me with. When other users receive messages in the chatroom from me, they see it from southerntofu from chatroom [email protected] but have no idea what my actual JID (XMPP address).
That’s certainly good for reducing chances of having all your messages being logged by a sysadmin somewhere, but it’s even better for abuse-resistance. Having your address leaked in every public interaction is fine for most people but is a no-go for people who have stalkers or are targeted by harassment campaigns. See also this HN thread on XMPP and anti-abuse mechanism.
Matrix does have some metadata problems (not hating on Matrix though)
Interesting. Can you elaborate?
In matrix pretty much everything is a public, logged append-only datastore (a room in matrix vocabulary). There is some access-control applied on top but it means that basically any server involved in some room (because their users are part of it) gets a full copy of the full history of the room including all user addresses.
In contrast, XMPP has a clearer threat model: your server knows about you, the server of a user you’re communicating with knows about you, 3rd party services you employ know about you (eg. chatrooms) but other users of that 3rd party service don’t. Practical example: when i join room [email protected] from [email protected] address, i’m giving the chatroom server (MUC server) a nickname to identify me with. When other users receive messages in the chatroom from me, they see it from southerntofu from chatroom [email protected] but have no idea what my actual JID (XMPP address).
That’s certainly good for reducing chances of having all your messages being logged by a sysadmin somewhere, but it’s even better for abuse-resistance. Having your address leaked in every public interaction is fine for most people but is a no-go for people who have stalkers or are targeted by harassment campaigns. See also this HN thread on XMPP and anti-abuse mechanism.