You already lost the data at that point and you really don’t want to play roulette with data that has the potential of killing your users. Just imagine what could happen if a gay man from Saudi Arabia joined your instance and that data leaks.
No, data must be shared between instances for federation to make any sense and the operators of other instances don’t necessarily share your views about privacy and security. Lets take for example a matching algorithm like the one OkCupid used to use. You answer some questions and based upon those people are recommended to you. If you want to see people from other instances as well, the answers to the questions must be shared between all federated instances; but at the same time these answers contain private details about you. I don’t think a workable solution to this problem exists, even if you come up with an algorithm that allows you to make decisions on anonymized data. The danger of deanonymization due to a bug is too high.
I would have serious concerns regarding data privacy. You share intimate and very private details about yourself on these apps that could be used for blackmail. I wouldn’t feel comfortable sharing that on a federated network. For example, how would you ensure data isn’t logged by a hostile server operator. A company is at least forced to play lip service to privacy laws. The theoretical operator of fedi-date.ru can do what they want.
It has only three letters and its on the .com top-level domain. That’s it.
So this is a man-in-the-middle attack waiting to happen isn’t it? Buy the domain, setup a reverse proxy that points to the original hexbear server IP and start logging all requests.
True which is why WhatsApp, Facebook Messenger and Telegram still reign supreme. Don’t forget that its a minute for each person I want to contact, why bother if I already have the phone number of everybody I know. SimpleX targets a different market than the previously mentioned Messengers, and that’s OK, but it also means its a no-go for anyone outside that market. Signal on the other hand is targeting the same market and thus is a viable alternative and for that reason I could convince my friends and family including my grandmother to use it instead.
With Signal you just have to install the App and make an account to start chatting with your friends and family. SimpleX requires me to send a link or QR code to everybody I want to interact with. You will have a hard time convincing anyone to do that. Compare that to the first Twitter exodus, people chose Bluesky over Mastodon because picking a server was ‘difficult’. The average person doesn’t care about technology at all and will always pick the path of least resistance.
SimpleX is cool, but fails the “my grandmother can use it” requirement. Signal has the huge benefit that is just as easy as WhatsApp. With Simplex you have to invite each of your friends individually.
That is exactly what it says. They knew about security issues in their library and didn’t fix them for years. This isn’t being ignorant, this is negligence.
I do, use Signal if you care about privacy. They are the only game in town when it comes to reasonably secure chat software. Sure, I would prefer a federated alternative but I haven’t found one yet that is always end-to-end encrypted, open source, implements forward secrecy, and is user friendly enough to be used by my grandmother.
Don’t use Matrix the devs knew about sidechannel vulnerabilities and ignored them for years. This is peak negligence and should immediately disqualify you from touching anything security related.
I don’t think control features help much when one of the most basic question that you can ask is “What is your gender and who would you like to date?”. As I have already outlined in another comment in this thread, this information has to be shared with the federated network and is already enough to get people into serious trouble should it get into the wrong hands.
Alternatively think about it this way. Would you hand over this kind of information to a total stranger? Would you take on the responsibility of handling data that could literally kill someone if you make a mistake?