
The State of Mobile XMPP in 2016 - e12e
https://gultsch.de/xmpp_2016.html
======
stonogo
Related:
[https://news.ycombinator.com/item?id=2069810](https://news.ycombinator.com/item?id=2069810)

To this day, XMPP is a bandwidth-hungry, unreliable mess of a protocol.
Despite the enthusiasts having an XEP they can flash for every objection, the
sad fact is servers and clients support varied subsets of XMPP, and it's a
rare day when everyone involved supports all the features everyone wants to
use.

The author seems to think that XMPP is qualified to compete with WhatsApp.
While WhatsApp recently abandoned several platforms, for many many years they
had even S40 (dumbphone) support. I tried to find XMPP/Jabber clients for S40
phones for YEARS, and every single one I found would immediately crash with
OOM errors.

It's easy to blow off complaints like mine, because everyone on hackernews has
a Samsung Universe S2000 or an iPhone 128 Plus, but these are real concerns
that real people have in the real world. Wholly aside from network effects,
even nontechnical users said "why do I need a smartphone to send text
messages?" and "because XML" is not going to convince them.

XMPP is just a bad protocol, a holdover from an era where gleefully wrapping
everything in XML was the new hotness. I hope we're moving past Global XML
Obsession, and I hope I don't have to hear XMPP evangelism once we get past.

~~~
sweden
People are always bashing XMPP around but truth to be told, my experience with
the Android client Conversations is pretty damn good.

I use the Android client with a personal XMPP server based on Prosody and I
frequently use it to communicate with a friend who is also running his own
XMPP server and the experience is very good. We never lost a message, we can
share pictures just like in WhatsApp, we can send any type of file and the
battery usage is unnoticeable.

It seems to me that the people who bash XMPP are people who never actually
used it and they are just echoing myths from the last decade.

~~~
mindcrime
_It seems to me that the people who bash XMPP are people who never actually
used it and they are just echoing myths from the last decade._

That's my take as well. At this point "XMPP sucks on mobile" seems to be just
an outdated meme that keeps replicating itself, but has little actual
relevance.

------
mindcrime
I use Xabber on Android and it works great. All the hysteria over how bad XMPP
is on mobile is over-stated in my experience. Battery life is barely affected
by Xabber, compared to the main drains, like Gmail, Facebook, etc. And it
pretty much "just works". I think anybody avoiding XMPP because they heard "it
doesn't work on mobile" out to give it a try for themselves.

------
zanny
Just a reminder, since this blog did not mention it at all, Matrix is great,
is NOT an XML hellhole, and has their own implementation of Axolotl for
private messaging: [https://matrix.org/git/olm/](https://matrix.org/git/olm/)

And Vector is pretty great too. I had the pleasant experience this weekend of
making a new chat room to persistently share photos with relatives this
weekend using it. And the Android client is really solid as well.

~~~
Zash
XMPP is great, NOT a JSON hellhole, and has its own implementation of Axolotl
for private messaging:
[https://conversations.im/omemo/](https://conversations.im/omemo/)

And Conversations is pretty great too. etc...

~~~
Arathorn
Honestly, there isn't a big XMPP v. Matrix thing (or at least I wish there
wasn't). A good example is on the Olm side of things, where the OMEMO guys are
investigating whether there's value in using Olm as their double ratchet
implementation:
[https://github.com/anurodhp/Monal/issues/9#issuecomment-2080...](https://github.com/anurodhp/Monal/issues/9#issuecomment-208063040)
etc.

~~~
Zash
Then why, every time XMPP is mentioned, do droves of people praising Matrix
and bashing XMPP show up out of nowhere?

~~~
Arathorn
I guess an overabundance of enthusiasm from the wider Matrix community, i
guess. Speaking on behalf of the Matrix core team, we genuinely wish the XMPP
community the best - for as long as Matrix & XMPP end up interoperating
nicely, we're working towards the same goal of open communication. Hell, I
spend most of my life atm wandering around wearing an XMPP hoodie!

If you like XMPP's philosophy of passing stanzas around, XML and XEPs, then
use XMPP. If you like Matrix's philosophy of eventual-consistent synchronising
conversation history, JSON and a monolithic spec, then use Matrix. Different
tools for different jobs.

It's like SMTP and NNTP. You can use both of them to have conversations. They
look kinda similar. You can build bridges between them. But they are totally
different architectures and philosophies however and there's room in the world
for both :)

------
nycticorax
So... in practical terms, what's the simplest way for me to get an account on
an XMPP server that supports all these modern XEPs? I _could_ maintain my own
XMPP server, but I'd really rather not. Life is short, etc. Is there a
reasonably-trustworthy company that I can just pay to use their XMPP server? I
gather FastMail used to support this, but no longer does.

~~~
inputmice
have a look at
[https://account.conversations.im](https://account.conversations.im) I'm - the
author of the essay and developer of Conversations - are running this server
with one of the ejabberd developers. That server is really up-to-date and has
everything you need to run Conversations. (every XEP mentioned in my essay)

If you want alternatives there is jabber.at, which has also proven to be very
well maintained in the past.

And there is jabber.de (but they don't have MAM (yet))

~~~
nycticorax
This looks like a nice service, and the price seems very reasonable. Hope it
works out well for you!

------
spriggan3
Nice, I think XMPP is more relevant than ever, in an era of messaging apps
that are incompatible with each others. I hope businesses come to their senses
and provide a layer of interop with a standard such as XMPP. It's a win-win
for everybody.

------
aftbit
Can anyone point to a comprehensive set of good XMPP clients for different
platforms? It looks like Conversations is pretty solid for Android. What is
there for Linux desktop? Terminal? I know about Pidgin and related ilk - where
can I find which XEPs it supports?

~~~
subway
[https://developer.pidgin.im/wiki/SupportedXEPs](https://developer.pidgin.im/wiki/SupportedXEPs)
might be a good start.

~~~
SamWhited
Please don't recommend Pidgin; Pidgin is the IE6 of the chat world… it's
terrible, it holds back the rest of the world, and it just won't die (although
I know this was in response to the question; just sayin')

~~~
detaro
So what desktop client (Win/Linux) do you recommend instead? (I use pidgin,
but mostly because that's what I've always used, it has quite a few
weaknesses)

~~~
Zash
You could try [http://swift.im/](http://swift.im/)

------
jmspring
Given MiTM, etc attacks, why does this particular statement not sit well with
me?

"Any discussion on end-to-end encryption in XMPP should begin with a reminder
that in a federated system end-to-end encryption is not always necessary. When
you trust your provider encrypting the transport layer is sufficient."

~~~
e12e
If you trust the CA system (eg https, imaps) and your provider follows the
spec and forces ssl, there isn't any particular mitm danger.

Like if you use mail internally in a domain, eg Gmail, outlook.com etc -
there's no obvious mitm attack surface. Users logs into Gmail over https or
imaps, emails user2@gmail either via https or smtps - and user2 logs in the
same way (similar for self-hatred [lol, there were a few autocorrect errors,
leaving this one in - appropriate for "self-hosted"] email).

As far as I know xmpp federation is "point2point", and the current standard
demands ssl. So user1@jabber1.tld talking to user2@jabber2.tld will have the
communication protected by the CA system and TLS from client1 via server1 to
server2 down to client2.

It is a system of many devices, each of which might be compromised, but
traditional mitm isn't the biggest danger in this case.

------
erikb
The last time I tried a mobile xmpp client it had a very ugly, painful user
interface and needed to send me notifications when people where coming online
or offline (which happens all the time with unreliable mobile internet).

That's the only reason I don't use it. If there's a good client I happily use
it.

~~~
akerro
What app did you use? Conversations, ChatSecure and Xabber on Android and all
of them are really good.

------
ausjke
A naive question, can you do picture/images inside xmpp?

I hope irc can support inline images especially for web clients.

~~~
betaby
Yes. In fact anything.

~~~
ausjke
[http://getkaiwa.com/](http://getkaiwa.com/) some good info on xmpp on that
page.

most xmpp client still show inline-image via http-url, I failed to find any
xmpp client that can natively insert an inline image just like what other
popular IM messengers do these days.

------
Borating
Related Communication freedom [1]

[1]
[https://communicationfreedom.wordpress.com/jabberxmpp/](https://communicationfreedom.wordpress.com/jabberxmpp/)

------
hannob
While this tells you which XEPs you should enable for a modern XMPP experience
it doesn't tell you how to do that. In my experience the documentation
especially for ejabberd is lacking and it's often not trivial to find out.
Also this begs the obvious question: Why aren't the options to have a modern
XMPP server enabled by default?

~~~
emias
> the documentation especially for ejabberd is lacking

If you happen to remember specific things you were missing on
[https://docs.ejabberd.im/](https://docs.ejabberd.im/) we'd be happy to hear
about them:

[https://github.com/processone/docs.ejabberd.im/issues/new](https://github.com/processone/docs.ejabberd.im/issues/new)

------
KaiserPro
why is XMPP shite? just look:

    
    
      <message from="juliet@example.com" to="romeo@example.net" xml:lang="en">
        <body>Art thou not Romeo, and a Montague?</body>
      </message>
    

69 chars just for the from/to. every. message. (more or less)

There is already a concept of session, why send the full ID? not just a short
ID.

each byte costs energy, in this case most of the energy is spend on
boilerplate, stuff that can be inferred much more cheaply.

Fortunately its not wrapped in HTTP, as that'd add _even more_ boilerplate
each transaction.

~~~
y0ghur7_xxx
[https://tools.ietf.org/html/rfc6121#section-5.2.1](https://tools.ietf.org/html/rfc6121#section-5.2.1)

because the message can be sent to different devices (resources) the user is
connected with. This is not accidental complexity like you make it out to be.
It is needed and wanted.

Or are you advocating a binary protocol? Personally I really like the messages
exchanged with xmpp: they are easy to understand and easy to craft. I think
the success of http too, lies a little bit in the fact that it is human
readable.

~~~
KaiserPro
But they are not human readable. They are only readable by humans because can
be converted to text with a text reader. For a protocol to be good, it needs
decent debug tools.

Yes I am advocating a binary protocol. If you want to have decent battery
life, then you need to be efficient. This is the tradeoff you need to make.
for something like text, I really don't understand peoples fear of binary
protocols.

As an aside clients have memory nowadays, there is no reason to send the full
ID for the sender in each message (unless of course you are doing encyption,
but even then, once you've exchanged keys its moot) a client needs to keep
track of buddies that are online, so this data can be cached, and a local ID
used instead.

------
leeoniya
timely, given
[https://news.ycombinator.com/item?id=11834935](https://news.ycombinator.com/item?id=11834935)

