Are there other messaging apps which are equally bot friendly. Telegram bots are just so nice and scriptable, I don't use it for anything else, just a personal bot (so maybe all this bloat and sketchiness doesn't matter) but I'd be happier to use another scriptable platform
Even being able to have bot custom keyboards/buttons is pretty great
I use Telegram a lot, but Matrix is even more friendly to scripting. If you're just using the bots for yourself, you can setup a non-federated Dendrite instance and just write bots for it.
I like how flexible matrix bots are but there are some problems that I'm not able to easily solve, like finding out when a new person joins a matrix room because the m.join event is used for user info changes as well as joins.
Edit: I found this [1] table that hopefully simplifies things, I'll see if that works out.
Run your own XMPP server - prosody or ejabberd - and you have all the freedom in the world to use it for whatever purpose you want whether that be remote control, 'bots' or anything else. If you're a resident of the EU you'll also escape the 'chat control' [1] (mass surveillance) law which is a boon. Prosody runs happily on a SBC like a RasPi 2 or higher - even a RasPi 1 would work - and takes next to no maintenance to keep it up and running.
Do you have suggestions for XMPP client libraries (across any language)? I really wanted to do this myself but it seems that the first few results I found across several different languages haven't been actively maintained.
Web: xmpp.js or converse.js (the latter is a full client, but can be embedded "headless" with any custom UI you like)
Python: slixmpp
Go: Mellium or go-xmpp
Rust: xmpp-rs
Java: Smack
Any platforms I missed?
There is also the Snikket SDK in development, which is still in its early stages, and designed for XMPP IM apps specifically (whereas most of the libraries listed above are generic and can be turned to any purpose). The SDK is still lacking a few big things like E2EE, but already has calls and some other stuff.
Edit: I should add that building a good messaging app is a lot of work (ask anyone who has tried it, regardless of protocol). If that's what you're doing, consider contributing to or at least starting with an existing project.
The Vector people who develop Matrix run a centralized server with APNS client certificates (from Apple) that allow them to push notifications to every single Matrix iOS user when they receive messages. This centralized server is a notification proxy for all iOS users that use that client.
With federated systems, notifications are a big problem on iOS because the apps don't actually get to run in the background in the traditional sense. They can periodically "refresh", or they can be opened by a user, or they can be woken up by a notification. Notifications can only come from Apple, and can only come via Apple from the app's developer.
Even selfhosted Mattermost pushes notifications to users via the Mattermost organization's centralized APNS notification proxy. It's an annoying form of phone-home, and I think it may even leak message content to the publisher (because the notifications can contain message data).
If you self-host an XMPP server, you can't get realtime notifications of messages on iOS unless you have the app actively open and foregrounded so the app itself can maintain a connection to the server. The moment (or, actually, 15-20 seconds later) you lock your device, poof goes the connection.
XMPP is not end to end encrypted, and is a dying (and weird) protocol. If you're going to selfhost anything, Matrix (via dendrite or synapse or whatever the current state of the art is) is probably the correct answer.
Your perception of XMPP is over a decade out of date. XMPP has push notifications and end-to-end encryption in all the modern apps.
You're quite right that a situation such as you describe (requiring the app to be open to receive messages) would be a horrible experience. Support for push notifications was a solved problem years ago.
There is no way for your selfhosted xmpp server to deliver notifications to an iPhone unless you are the publisher of the xmpp client app you use (which requires doxing yourself to Apple and paying $99/year if you don’t want to sign new binaries every week).
The server support is irrelevant; this is an iOS/APNS issue.
fwiw Element and Element X support UnifiedPush & ntfy on Android these days, so you can avoid routing everything via FCM/GCM/C2DM or whatever Google's push system is called these days. There isn't an equivalent on iOS yet though, so if you want to use your own push server, you have to build your own IPA.
Try Pushover for sending notifications for that. Super easy API, one time $5, and excellent features for message priority/retry/etc to allow for some messages to notake a sound and others to wake the dead up.
This is pretty clever design to me. If Apple & Google don't try to change their policies to skirt around it, it seems like a good way to build so-called super apps on their respective platforms.
Building a Telegram bot is incredibly easy, and a lot of digital services are more then capable of being handled in that format. Being able to easily charge for that built into the actual software library? Win-win to me.
I mean there’s already examples of this: Line and WeChat.
I can only speak on Line. It has so many things built into it. Including: a news app, retail coupons, calling, messaging, payment (both in app and at retail). A few more extreme things the app offers: cellular plans, car/bike/home/life insurance, and brokerage services.
Another example of a “super” app, but one that’s not built off a messaging platform would be PayPay. It’s a popular QR code payment platform in Japan. It includes many of the services offered by Line but in a more integrated way.
Yellow stars are already used heavily in apps for ratings, favoriting, marking as important. And previously as stickers of approval on your childhood homework.
In the example animation of purchases, note all the exciting confetti and sunburst reward-like animations... for spending money.
Not only are they introducing a level of indirection over money (you're not spending real money, but some fun imaginary thing), but they're also appropriating and misusing a popular favorable symbol.
Just show what these things cost in familiar real money (or at least make it a stylized gold coin already), stop preying upon children, and stop manipulating adults.
> Just show what these things cost in familiar real money
Which real money? US dollars? Canadian dollars? Australian dollars? App is by Russians so maybe rubles? But their offices are in UAE so maybe dirham?
For a company looking to facilitate international transactions and storage of value… making their own “currency” actually doesn’t sound entirely unreasonable.
Real money in the currency of the buyer, so they know how much it costs.
Content can be priced manually by region and currency, falling back to current exchange rate to seller's selected currency. (Of course, more dynamic pricing is possible, but that also has its own ethical issues to be careful of.)
I see that lots of people mention it's missing E2E, but that's also the convenient part of it. You have all your chat history in the cloud, can open it at any new device including huge sizes of video and images.
Signal is good for E2E but not comparable in terms of convenience.
Several problems:
On mobile. Desktop not supported. Everything else is clear text and readable by telegram and authorities. Of course it’s missing encryption!
Really, telegram is being naked for 99% of the time, with an optional clothes feature that is limited and mobile only.
Whereas signal is fully dressed, all the time.
Signal is 100% encrypted, all groups encrypted, all messages encrypted, all contacts encrypted. The vendor knows when your registered… that is all.
Of course people who don’t understand the sheer dystopia of cleartext coms and visible social graphs —
They will say “when I need them “ I will encrypt. No, you must encrypt all the time. Messages must be indistinguishable. You don’t just encrypt the sensitive stuff, you should encrypt everything!
It is effectively missing E2E, because it misses the point completely. The point of E2E (and, particularly, PFS) is to a) exist before you even realize you need it; and b) make your private and not-so-private conversations indistinguishable from each other.
In other words, you want your chats with news and memes E2E by default, so when you chat about something sensitive you a) don't have to do anything, b) won't forget about it until it's too late and c) won't give away the fact that this particular conversation suddenly went private.
Telegram management is weirdly stubborn af in this regard. Which could be either "we know better" syndrome, simple ignorance, or even malice. They, however, undeniably know their ways with UX and marketing, so, once again, as in an old Russian proverb, we end up with a barrel of honey, with a spoonful of tar - the nicest-looking but crappily implemented tech always wins.
Majority of Telegram users don't really care about E2EE, IMO. I've been using the platform since 2016 and have been very happy thus far. What we care about are the ease of use, richness of the platform and rapid release of new features. Things you don't see on E2EE-focused services.
It's unethical to be the honey in the surveillance trap of any communications system that is not e2ee always and by default. You're exposing your friends and associates to easily avoidable and unnecessary hazards.
Each iteration I dislike Telegram a bit more. It used to be the sleek "flagship killer" among chat software, but now it's slowly becoming bloatware. Their positive stance on pyramid schemes was were it all went downhill.
It appears that the stars are worth $0.05 each, so this will either be great for microtransactions, and/or lead to some insane money laundering issues.
TBF Telegram doesn't exactly have a direct connection to Toncoin. It's primarily a community project which they heavily promote, since the SEC got on their case about Gram's direct integration.
Has Telegram made any active effort on the encryption/privacy side in the last years?
With no E2EE except in unpractical, single-device "secret chats", it falls behind the majority of chat platforms (aside from Meta-owned ones, at least), and feels like a Western WeChat more than a place I would like my data to be owned by. Which is a shame because its UX is consistently great.
Fantastic features. Telegram is the modern day Winamp. Amazing software with a cohesion in it's features unlike the buggy, broken, hideous Google Suite for example.
Trying to stand up an alt currency backed by Russian oligarchs with deep ties to Russian intelligence services? I smell a federal ban if this catches on.
Even being able to have bot custom keyboards/buttons is pretty great