Home  Blog  Music ? Books Art About

$ cat Discord_Alts

Discord Sux: A review of alternatives

As with the enshittification of all commercial internet platforms, Discord fucking sucks. What was once a decent alternative to Skype (which was just VOIP for people who didn't want to setup teamspeak) is now an annoying, hyper-monetized, pedophile ran, infantilizing, information leaking, insecure POS. Oh and you can get your account banned at any time for just sitting in a server that does "bad" things like sharing epubs.

It seems like now is the time for alternatives. A few months ago everyone was scrambling for a Twitter alternative (Nostr > Mastadon btw), now everyone is scrambling for a >redditcostanzayeahrightsmirk alternative. Discord hasn't yet done a stupid controversy and people aren't scrambling for an alternative, but it won't be long I'm sure. Network effects can suck though, and friends are often hesitant to switch platforms unless it's familiar.

The rest of this post will be a short review of self-hostable Discord alternatives that can be acceptable to casual users, sorted from (IMO) least to most acceptable, with attention given to security.

IRC

+ As it's a protocol, you also have your choice of many different clients and extensions
+ Low bandwidth
+ Very extendable and scriptable, for clients, servers, and bots
- No chat history. When you join a server you only see what's posted after you join.
- Doesn't support media embeds (although some clients will render link previews)
- Not encrypted by default, but SSL or Tor routing can easily be set-up
- Just chat. There is no voice, video, or screen-sharing

Weechat IRC Client

IRC Cloud Client

XMPP

+ Like IRC it is a protocol, so you have choice of clients and extensions. There are plenty of options.
+ Google Talk, Skype, and WhatsApp have used XMMP as their chat foundations. It is battle-tested.
+ Supports Avatars, Statuses and Text Formatting
+ Encrypted by default with built-in TLS
- Just chat. No video or voice calls (in the base spec, can be done with extensions and supported clients)

Converse.js XMPP Client

Tox

+ Messaging protocol of choice by paranoid Russians
+ Encrypted by default
+ Supports Voice, Video, Screen Sharing, File Sharing, and Groupchats
/ Communications are P2P. No central server. WILL leak your IP if you're raw-dogging the internet, but traffic is easily routable through Tor (or just use VPN).
+ It being P2P though makes it trivial to create a server/groupchat. No need to self-host.
- It's a protocol but with a weak ecosystem. Not many clients available. Clients that are available look ghetto af (imo)
- Clients and protocol no longer under much development

QTox Tox Client

Revolt

+ Opensource Discord clone, very newb friendly.
/ Supports voice chat, but no video or screen sharing
- 3 years on still doesn't support encryption, but they're working on it they swear
- Uses its own shitty protocol of which its client is the only one that utilizes it. No ecosystem.

Revolt Client

Mattermost

+ E2E Encrypted by default
+ Supports voice, video, and screen-sharing
+ Supports slack/discord features like Threads and channel categories
+ Very actively developed. Marketed as a more resilient and hardened alternative to slack/teams. It gets corporate bucks to develop but (for now) stays opensource.
- No ecosystem. Mattermost client/server are your only options.

Mattermost Client

Matrix

+ Encrypted by default
+ Supports file uploads and formatting
+ Supports voice, video, and screen-sharing calls (although not all clients support this)
+ Actively developed protocol, plenty of clients and (home)server software to choose from.
+ Supports "bridges", so you can use Matrix and have messages cross-posted to Discord servers, Slack, or Teams.
+ Can self-host, pay to host, or select a "home server" that supports free space/group/room creation. The default Matrix home server (and other big ones like Mozilla) support this.
- In my experience, the protocol and first-party client is buggy and issues arise often relating to Key exchange, making chat histories often irretrievable.

Cinny Matrix Client

Element Matrix Client

A NOTE ON MATRIX FUNDING CRITIQUES AND CLAIMS THAT MATRIX IS A HONEYTRAP

Often when I see Matrix mentioned in discussions around Discord alternatives or secure messaging services I see ~"Matrix is honeypot!" in typical /g/ contrarian tones, sometimes they link this undated lukesmith article. I wasn't convinced by the links in the lukesmith article and did some further probing:

Up until 2017 Matrix was partially funded by AMDOCS
Some of the founders used to work for AMDOCS
AMDOCS is known to collaborate with MOSSAD

Also troubling:
Matrix isn't very transparent about where their money comes from. And most of Matrix contributed code is now done by the for-profit Element, (due to first-party clients building off the spec but making their shit proprietary and not contributing upstream, Element aims to be the most featureful and attract corporate usage as a slack/teams alternative) which is fine as long as it continues to be done under the Apache license. But if they decide to change license like Elasticsearch the ecosystem can be quite fucked.

And on the technical metadata leaks:
This is a much better overview of mentioned metadata leaks than the Luke Smith article. To note though, the metadata problem is being worked on in the form of P2P matrix overlay pinecone.

Still, it's a problem because governments kill based off metadata, and if frenchskid@matrix.org is spending a lot of time talking to russian@weloveransomware.com poor frenchskid can get into trouble if the government just asks Matrix nicely for the IP.

BUT all these metadata troubles can be solved if:
(As a User)
- Use VPN and Burner/aliased email
- OR Use an alternative homeserver that doesn't log and/or require email

(And as a Community Admin)
- Self-host and turn off federation. (Treat it like an IRC/XMPP/Mattermost server). Of course it's less convenient and is not quite a Discord alternative where you can use a single account to talk everywhere, but that's just part of the balance of security vs convenience.
- OR If you still want federation features (user@myserver can still talk to user@matrix.org and join other public rooms) but want your community to have its metadata silod, you can make your rooms only joinable my @myserver users.

No software is truly perfect, and despite the less than ideal background history of the project, I still trust it. I think the situation is very comparable to Tor and its US Military roots (and its insecure defaults and history of vulnerabilities). Smart infosec people tend to work for gov or gov related agencies (they pay a lot), the Matrix project has a lot of eyes on it and and the metadata issues are being worked on. But, like most things, it's not secure by default. As a Discord alternative it provides feature-parity and it's a helluva lot more secure and privacy respecting. It strikes a great balance between convenience, features, and security. If you're ultra noided setup IRC on an onion address lol.

Conclusion

Mattermost is currently the most mature and closest to having "feature-parity" with Discord. It has mostly corporate interests though and not privacy interests. It is pitched, and sold, as an alternative to Slack and Teams. Large companies like Uber have adopted the platform. This makes it very functional and you will be very unlikely to run into bugs or quirks unlike Element or other Matrix clients, where I frequently encounter UI bugs (panes spazzing resizing +-1px, color shifting) and key exchange failures.

I think Mattermost and Matrix are the two best alternatives. I enjoy the Matrix clients like Schildi much more than Mattermost, and although Matrix is still a little quirky and buggy, its seeing strong adoptionand with a little bit more maturity I think it will be much better than Mattermost as it is an extensible, federated protocol unlike Mattermost.