Comparison of different server-client networks providing activity streams to users ==================================== The goal of this table was to provide an overview of the security and privacy provided by server-client networks providing activity-streams. | project | license | distributed | supports node isolation | server-to-server encryption | 1-click E2EE* | database encryption sceme | supports cloning[^5] | encryption of private messages | PFS chat | wall-to-wall interaction | supports post editing and unsend private message | other | |-----------+---------------+-------------+-------------------------+-------------------------------------------+------------------------------------------+-----------------------------------------------------+-------------------------+-------------------------------------------------------------------------------------------------+-----------------------------------------------+--------------------------------------------------------------+--------------------------------------------------+------------------------------------------------------------------------------| | hubzilla | ISC aka MIT | yes | yes | Zot (PKI) + TLS | yes (via JavaScript, AES-256) | content obfuscation, private keys hidden in the DB. | yes, partly implemented | impossible to message privately in plaintext | no | yes, multiple separated channels possible within one account | yes | privacy built in, run your own @ home, nodes are called hubs | | diaspora | AGPLv3orlater | yes | no[^1] | PKI + SSL/TLS[^1] | no[^2] | mostly plaintext | no | ? | no | yes, no naming policy | no | nodes are called pods | | facebook | proprietary | no | no | planned, probably not implemented yet[^3] | implemented but not offered to users[^4] | unknown | no, walled garden | no, 3-d party plugin Cryptocat and pidgin is availiable but the user is not informed about this | no, with Cryptocat: yes, with pidgin+OTR: yes | only one wall allowed | only post editing | "real name"-policy enforced, advertising-driven, for profit company US-based | | twitter | proprietary | no | no | unknown | no | unknown, probably none | no, walled garden | no | no | yes | only post editing | advertising-driven, for profit company US-based | | | | | | | | | | | | | | | This table was edited with emacs using org-mode. [^1]: https://wiki.diasporafoundation.org/Federation_protocol_overview [^2]: forks providing this exists [^3]: http://news.softpedia.com/news/Facebook-Aims-to-Encrypt-Everything-Between-Data-Centers-433091.shtml [^4]: http://www.computerworld.com/article/2488773/cybercrime-hacking/facebook-holds-back-on-end-to-end-encryption.html [^5]: see the hubzilla help files for details about this feature.