# Welcome to chat.phryk.net! #
Is it getting hot in here? Are you tired of all that surveillance yet?
With the corporations of surveillance capitalism on one side, state agencies on the other – and caught between them everyone using the internet – today, it's not only likely but downright guaranteed that you – yes **you**! – are *under surveillance*. > ## Take refuge and communicate ## > > * Securely > * Anonymously > * *Freely* > > *On chat.phryk.net!* Henlo and the bestest of welcomes to **chat.phryk.net**! Here, a dedicated team of raccoons from [phryk evil mad sciences, LLC](https://phryk.net) offers free and secure communication for leftiststerrorists in the form of a pretty damn spiffy, invite-based messaging service that integrates into the larger, decentralized **XMPP** network. This service is, in big part, a reaction to legislation from the EU Parliament about the automated analysis of the contents of private communications as well as their forwarding to law enforcement agencies. Said legislation, colloquially dubbed ChatControl, already legalized this practice with another piece of legislation planned to make it not only legal, but *mandatory* for the providers of "number-independent interpersonal communication services" like E-Mail and Messengers. You can read more about it in our short [article tackling the issue]. [article tackling the issue]: /article/chatcontrol ## XM–WHAT now? ## **XMPP** – *eXtensible Messaging & Presence Protocol* – refers to the technical specification underlying this service. No worries if you're not a techie, there's no need to know about the nitty-gritty specifics, but there are a few key qualities you should know about because they explain why we advocate the use of XMPP for secure communications between lefties. > Some of this might seem boring – and maybe it is – but in an > age of ubiquitous surveillance you can't really afford not > knowing this shit at least at a surface level if you want > to make informed decisions. * Support for multiple types of strong End-to-End Encryption (E2EE) * Decentralized * Free & Open standard * Extensible * Not bound to established unique personal identifiers * Wide array of software using it * **XMPP** software covers pretty much any system imaginable * We can basically guarantee someone ran this on a toaster * We're only half-joking, someone probably actually did. > If you want a more detailed explanation of these points, > feel free to partake in the consumption of our text > [X as in Freedom: Why dissidents have ample reason to use **XMPP**][x-freedom]. [x-freedom]: /article/x-as-in-freedom ## Features, features, features! ## * Messaging with other users on this or any other reasonably secure server in the wider **XMPP** network * Chatrooms * File transfers * STUN/TURN NAT traversal to support audio/video chats * End-to-End Encryption enforcement * Mobile connectivity optimizations * Support for parallel logins with message synchronization * Ephemeral message archive – messages are deleted after one week * Browser client in case you can't install apps/programs * Web-based invites to onboard *our* comrades. ( ͡° ͜ʖ ͡°) * 100% score on [compliance.conversations.im]! * Fully IPv6-enabled * [Free & Open-Source][foss] [Prosody] on a Free & Open-Source [FreeBSD] on disks encrypted with AES-256 ## Okay, cool – what do I need? ## If you have an invite to this service – nothing! Just go through the invitation process and you'll get logged onto the service right here in your browser. Otherwise, you mostly need an **XMPP** client, mostly. We say mostly, because this service is currently *invite-only* – but don't worry, **XMPP** still has you covered with lots of servers. You can take a look at the [Server Directory at the IM Observatory][server-directory] to see if anything listed there strikes your fancy. Personally, we deem [jabber.systemli.org] and jabber.ccc.de trustworthy but audio/video chat might not work properly. An **XMPP** client is the program used to communicate through an XMPP service. We do offer a [in-browser access][conversejs] if you can't install a client on your device or are still undecided, but we *very* strongly recommend going native – and we have a few recommendations. All of these are [Free & Open-Source Software][foss] and support the [OMEMO E2EE standard][omemo-spec], which has quickly become the most popular E2EE scheme in the **XMPP** ecosystem. | Platform | Client | E2EE for File Uploads | E2EE for Chatrooms | E2EE for audio/video chats| |-------------------------------|-------------------|-----------------------|-----------------------|---------------------------| | Android | [Conversations] | **YES, UNVERIFIED** | **YES, UNVERIFIED** | **YES, UNVERIFIED** | | iOS | [Siskin] | **UNVERIFIED** | **UNVERIFIED** | **UNVERIFIED** | | macOS | [Beagle] | **UNVERIFIED** | **UNVERIFIED** | **UNVERIFIED** | | Linux, BSD | [Dino] | **YES, UNVERIFIED** | **YES, UNVERIFIED** | **NO, UNVERIFIED** | | Windows, Linux, BSD, macOS | [Gajim] | **UNVERIFIED** | **UNVERIFIED** | **UNVERIFIED** | After installing one of these, it's simple – just enter your JID (`@phryk.net`) and password and start chatting! [compliance.conversations.im]: https://compliance.conversations.im/server/phryk.net/ [foss]: https://en.wikipedia.org/wiki/Free_and_open-source_software [Prosody]: https://prosody.im/ [FreeBSD]: https://freebsd.org/ [server-directory]: https://xmpp.net/directory.php [jabber.systemli.org]: https://www.systemli.org/service/xmpp/ [conversejs]: https://chat.phryk.net/converse/ [Conversations]: https://conversations.im/ [Siskin]: https://siskin.im/ [Beagle]: https://beagle.im/ [Dino]: https://dino.im/ [Gajim]: https://gajim.org/ [omemo-spec]: https://xmpp.org/extensions/xep-0384.html ## Roadmap ## This service already offers a lot of features, but is still lacking some things we want in order to further improve the security and usability of **XMPP**. What's there? What's to come? > Please note that we only talk about *server* capabilities here, to see what > each of the **XMPP** *clients* we support can do, please refer to our [list of > supported clients](/clients). | Feature | Are we there yet? | |-----------------------------------------------|-------------------| | Basic **XMPP** | YES | | Mobile Optimizations | YES | | File Uploads | YES | | Community Chatrooms | YES | | Invite-based Registration | YES | | Invite Creation for Community Members | NO | | TLS-only Setup | YES | | STUN/TURN NAT Traversal Service for A/V Calls | YES | | Settings Bot or Dialogue | NO | | Improved Moderation Tools | NO | | Self-destructing Message Archive | YES | | E2EE enforcement Grace Periods | YES | | E2EE enforcement for Direct Messaging | YES | | E2EE enforcement for Chatrooms | YES | | E2EE enforcement for File Uploads[^fc] | NO | | E2EE enforcement for Audio/Video Calls | NO | | Extended Cryptographic [Canaries] | NO[^c] | | Client-side or Encrypted Contact Rosters[^r] | NO | | Automated testing | NO | For more information about the protocol-level capabilities of this service, see our entry at [compliance.conversations.im](https://compliance.conversations.im/server/phryk.net/). [^fc]: End-to-End-Encrypted uploads are an area of ongoing research in the **XMPP** community, with only one preliminary [XEP] that has limitations and is supposed to be superseded by a well-engineered follow-up. As such, full-fledged official support and enforcement will take a while. [^c]: We put a good bunch of work into this, but it's currently just not possible with [GnuPG] because it's a [giant] [garbage] [fire]. We're currently waiting for the good folks at [Sequoia] to finish and release the python bindings for sequoia-sop so we can do this in a way that's not complete shit. 🤷 [^r]: This is not a feature most (if any) non-P2P messaging solutions have and might not be technically possible/viable, but we're planning to look into it anyhow. **XMPP** is already better than Signal in this regard as your JID won't be leaked to everyone in the same chatroom as you. [Canaries]: https://en.wikipedia.org/wiki/Warrant_canary [XEP]: https://xmpp.org/extensions/xep-0454.html [GnuPG]: https://en.wikipedia.org/wiki/GNU_Privacy_Guard [giant]: https://mastodon.social/@phryk/107807889352807387 [garbage]: https://mastodon.social/@phryk/107866591938927511 [fire]: https://github.com/vsajip/python-gnupg/issues/172 [Sequoia]: https://sequoia-pgp.org/