🆕 Software Suggestion | Teamchat: The Lounge & IRC

[Mikaela]

Basic Information

Name: The Lounge
Category: Team Chat / IRC
URL: https://thelounge.chat/

Description

Kind of open source https://irccloud.com/ that you can self host and alternative to Riot/Matrix using IRC, even with it's limitations.

Basic Information

Name: Internet Relay Chat (IRC) protocol
Category: Team chat
URL: https://ircv3.net/support/networks#networks

Description

The first instant messaging platform that is still widely used for open source software projects. I couldn't find/think of a better link, freenode is the biggest network nowadays. It can also be selfhosted.

Warning: many IRC users use it in plaintext without transport encryption.

---

Worth mentioning?

• HexChat as a simple GUI client
• Textual as a popular macOS client
• ZNC as a bouncer for any IRC client for receiving offline messages

[RyanSquared]

Warning: many IRC users use it in plaintext without transport encryption.

This can be customized per-server, and I believe a custom instance of The Lounge would let you set up encryption by default. It's something that the people at @hashbang have looked into as well. As a non-active admin of the service, I can say that we've had reasonably good results with enforcing TLS only, and only had a single user who had issue with it.

[blacklight447]

I don't think it would be wise to recommend people to choose options which are not encrypted by default.

[RyanSquared]

I think it's worth recommending a commonly used software that can be configured in ways that are TLS-only both on a client/server (more appropriately, "network", as most networks are configured by multiple servers) level and a channel level. That being said, I do understand the issue of promoting software that by default is not secure, and think that movements should be made to stronghand IRC software into being secure by default, though given it currently allows (and in some cases defaults to) insecure traffic.

Most importantly, IRC is still used in many tech communities and I think it's important to not only suggest secure solutions but also to do so in a way that can educate people on the optimal privacy and security capabilities of the implementations - if people are going to use the software anyways, it's a good idea to teach people how to make it secure.

[Mikaela]

IIRC currently some of our top recommenndations on the RTC page include Mumble and Rocket.Chat that also aren't secure by default.

IIRC it was agreed to target FOSS developers and similar who would currently go to Discord and Slack that are in centralized control of parties that don't appear to care about privacy particularly and I think IRC is currently a big platform that works as an alternative to those two, that we aren't currently naming

[Mikaela]

I have recently returned to IRC using selfhosted The Lounge and I am able to say some things.

• I truly think that IRC can be a good team chat platform, especially when selfhosted and given a client like The Lounge which seems to address much of complaints towards IRC (excluding E2EE which public Matrix rooms generally don't have either).
• The Lounge has default options that the hoster can configure and I think they had transport encryption by default.
• IRC network can be ran without plaintext support, I have been doing that in another role since 2018-05-29 (first not allowing plaintext connections at all, later for user friendliness allowed plaintext connections to get error message about the user being required to use TLS and disconnecting them(Stop complaining about plaintext listeners, they cannot be removed as users won't try 6697/TLS and we have need_ssl in every auth_block charybdis-ircd/charybdis#270)).

I think for now it should go to worth mentioning under https://www.privacytools.io/software/real-time-communication/#teamchat like XMPP is in https://www.privacytools.io/software/real-time-communication/#teamchat with the warning that there is currently no E2EE ircv3/ircv3-ideas#29.

Adjusting the original submission, I would suggest it only as a self-hosted solution as any big network likely has plaintext connections allowed and I think that is one of the concerns presented against IRC. I would also drop mentioning the "worth mentioning" from the original issue as I think readers nowadays would expect the server to store message history and mostly be unhappy with shell/bouncer setup not being so simple.

---

Idea:

Worth mentioning:

• IRC (maybe link to IRCv3) - Internet Relay Chat, the oldest team chat protocol still used by many open source software projects. [warning: no E2EE] [warning: unless you selfhost there is a chance of accidentally sharing data through connections that aren't transport encrypted]
  • Client: The Lounge - modern selfhosted web client
  • IRCv3 server software feature support table

[Mikaela]

#1651 questions.

Why I am making the suggestion

IRC is the oldest team chat protocol that is still alive and kicking, not everyone has moved to Matrix and I believe it's worth mentioning as an alternative to Slack, especially The Lounge.

My connection with the software

The Lounge: as I have previously reported, I have started using it and have been somewhat active on their issue tracker.

IRC:

• I am operator on PirateIRC which is using Charybdis IRCd on which IRC channel I have been somewhat active asking questions and they have been very helpful towards me.
• I am on some of the IRCv3 offtopic channels and know some people and they know me. This includes @RyanSquared from the above.

If anyone wishes (me) to assign the Conflict of Interest label for which I opened #1651 as an alternative, I will do so (unless someone else does it first).