nothing to see here, just organizing the resistance over megaphone
private, but not anonymous, encrypted overlay network. yggdrasil is used to encrypt sunshine gardens' internal infrastructure and is the backbone of our CDN.
# DO NOT LIST THESE ON YGGDRASIL PUBLIC PEERS
Freenet is built on the principle of small world networks. By connecting to nodes of people you already know, and the people you know in turn connect to people they know, one should be able to reach all nodes in a Freenet network.
for optimal security, consider peering with sunshine gardens' mesh network and using a yggdrasil address in your freenet configuration.
IDEALLY xmpp + omemo
this is the ideal self-hosted option and may require significant effort to deploy.
MOBILE CLIENTS should use remove google apps from their android device and run fdroid conversations. for the purposes of security, google play services should be considered a rootkit. 1:1 conversations should be encrypted with omemo. encrypted group chats are also possible, but are not supported by all clients.
1: fdroid conversations
DESKTOP CLIENTS are not that great. dino and gajim are among the best available options, but both have UX issues.
ALL CLIENTS should choose a server operator that they trust.
SERVERS should verify compliance to ensure correct operation of encrypted clients. sunshinegardens.org operates an ejabberd server which has shown itself to be a very efficient and easy to admin program. prosody is another option which may not scale as well as ejabberd, but has the plus of working mostly out of the box. for additional privacy, operating an xmpp network within tor is an option.
a properly configured xmpp server should be able to facilitate file sharing and, by extension, a variety of collaborative workflows.
4: xmpp compliance
ONLY IF NECESSARY telegram
fdroid telegram supports encrypted channels using public sources which have allegedly been verified secure. use this as a last resort for communicating with contacts who do not have access to a secure android device.
7: fdroid telegram
DO NOT matrix
CLIENTS are bloated and feature insecure-but-convenient key verification.
SERVERS have unpredictable performance and require excessive over-provisioning to perform adequately.