While Jitsi is open-source, most people use the platform they provide, meet.jit.si, for immediate conference calls. They have now introduced a “Know Your Customer” policy and require at least one of the attendees to log in with a Facebook, Github (Microsoft), or Google account.

One option to avoid this is to self-host, but then you’ll be identifiable via your domain and have to maintain a server.

As a true alternative to Jitsi, there’s jami.net. It is a decentralized conference app, free open-source, and account creation is optional. It’s available for all major platforms (Mac, Windows, Linux, iOS, Android), including on F-Droid.

  • The Cuuuuube
    link
    fedilink
    English
    1181 year ago

    Those are all SaaS providers with meeting software available. If someone was using Jitsi, it was specifically to not use a login with any of those providers. They’re actively deciding not to continue operation with this. Its like when OnlyFans declares they wouldn’t allow adult content going forward

    • Name
      link
      fedilink
      191 year ago

      Its like when OnlyFans declares they wouldn’t allow adult content

      So… Tumblr?

        • snooggums
          link
          fedilink
          221 year ago

          I laughed pretty hard at OnlyFans trying to remove the only thing that I was aware they hosted.

      • The Cuuuuube
        link
        fedilink
        English
        131 year ago

        Yeah but at least Tumblr had a majority of non porn content. Jitsi is almost entirely privacy wonks, and only fans is almost entirely porn

    • bedrooms
      link
      fedilink
      101 year ago

      I imagine that, at least, the videos wouldn’t go through those SAAS providers, and that’s relatively a plus still.

    • @masterspace@lemmy.ca
      link
      fedilink
      English
      51 year ago

      Those are all SaaS providers with meeting software available.

      With paid for commercial meeting software available.

      If someone was using Jitsi, it was specifically to not use a login with any of those providers.

      Or because they didn’t want to pay ongoing SAAS fees.

      They’re actively deciding not to continue operation with this. Its like when OnlyFans declares they wouldn’t allow adult content going forward

      It’s literally nothing like that since Onlyfans is not an open source project that lets you host your own instance and run it however you like.

      If you want anonymity run it yourself. If you want to use their servers it’s reasonable that they expect to know a modicum about how to verify you are who you say you are. There is literally no other way to prevent abuse other than identity verification of bad actors.

      • The Cuuuuube
        link
        fedilink
        English
        91 year ago

        I don’t know how I indirectly said that. I certainly didn’t mean to. Its less well known, perfectly fine, and it’s killer feature for a long time has been being decoupled from privacy disrespecting big tech companies

          • The Cuuuuube
            link
            fedilink
            English
            61 year ago

            “Main motivating factor” != “Only viable reason”

            Sorry for any unclarity I introduced. And yes, login via google vs full on google meet are two different things, but if I have to login via google for Jitsi I’m suddenly far more likely to use Jami

      • @anlumo@feddit.de
        link
        fedilink
        41 year ago

        My experience has been that Jitsi is much better when the connection is bad. However, its default setting is that video is cropped to be square, which is very bad. I don’t even think that the user can change that.

  • ubergeek77
    link
    fedilink
    831 year ago

    Why is everyone up in arms about this? The abuse of their free service was rampant. This isn’t a core project change, this is just a measure to keep a version of the project up for free without completely taking it down. They don’t even have a way to monetize this. An alternative was to simply shut it down and only allow you to self host it.

    I self host my Jitsi instance, but as a privacy nut, I don’t see a problem with this. Absolute privacy cannot always coexist with free anonymous services. Don’t blame Jitsi, blame the people who ruined it for everyone else.

      • ubergeek77
        link
        fedilink
        101 year ago

        In this case, it sure does sound like abuse. Considering the careful wording, combined with the seemingly kneejerk reaction of requiring authentication, there was likely illegal activity going on:

        Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.

        Over the past several months we tried multiple strategies in order to end the violations of our terms of service. However in the end, we determined that requiring authentication was a necessary step to continue operating meet.jit.si.

        It was a free, anonymous service that let people stream video and send messages. Consider for a moment if that “video” was actually non-video data encoded to be streamed through Jitsi and sent to another location. Or, consider if the video was video, but was so egregious and illegal, that Jitsi had to take action. It doesn’t take a lot of thinking to consider the kinds of activities could have been going on.

  • @Kajika@lemmy.ml
    link
    fedilink
    511 year ago

    Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.

    Cannot be less clear.

    Anyway I don’t understand why you’d need an account. I’ve always created rooms and share the link to people to invite. You can setup a password if you want privacy. Any reason to login?

    • @cerevant@lemm.ee
      link
      fedilink
      English
      551 year ago

      They are probably talking about using it to share CSAM or other illegal content. They need one person to login to be not anonymous so they can give it to the authorities if necessary.

      • 𝒍𝒆𝒎𝒂𝒏𝒏
        link
        fedilink
        281 year ago

        Yepp I agree, that kind of cryptic speak and this kind of drastic action taken by a FOSS project likely eludes to something of this nature IMO.

        If they want to continue to appeal to businesses they’re almost certainly not going to release a statement saying people were sharing illegal material on our platform especially when they’re not a big well-known company like Facebook, Google and Microsoft, where normal people tend to disappointingly dismiss bad findings with a “benefit of the doubt” stance.

        I assume their hosted version doesn’t have this limitation? In that sense, this news really is a non-issue I think, considering everyone usually has one of those three accounts. Someone looking for privacy should probably host their own IMO

        • @megsmagik@feddit.it
          link
          fedilink
          11 year ago

          I don’t understand, even if I use a google login I haven’t necessarily give my real name to google so why is it safer for them? Anyone can create a new email with google and particularly people sharing illegal material wouldn’t use their real personal email so what’s the point?

          • 𝒍𝒆𝒎𝒂𝒏𝒏
            link
            fedilink
            21 year ago

            Law enforcement can subpoena Google for breadcrumbs, and then go to data brokers for the missing pieces. It’s not perfect, but this likely isn’t the reason for Jitsi doing this.

            The real reason likely falls along the line of the extra requirement driving people away from misusing the service, if they now need a VPN + killswitch and a burner “faang” account to share illegal content. They’ll just go to the next common denominator sadly, resulting in truly anonymous services dropping like flies (anonfiles.io being the last example of this)

          • @esaru@beehaw.orgOP
            link
            fedilink
            21 year ago

            Is a mobile phone number not required for a Google account? In many countries, including all EU ones, you need to authenticate yourself when ordering a SIM card. This makes your phone number your personal ID. Your Google account is connected to your person, and what you do on Jitsi after logging in with your Google account as well. It’s easier to track back to you that way.

            • @megsmagik@feddit.it
              link
              fedilink
              11 year ago

              Yeah I didn’t think about the phone number, I made my google account a long time ago and they didn’t use to ask you for your number but now every service needs it for “security” reasons

      • @Smoke@beehaw.org
        link
        fedilink
        English
        81 year ago

        But why a Google/FB/MS account? Why isn’t an email account from an established provider enough, why centralise to three megacorps?

          • @Smoke@beehaw.org
            link
            fedilink
            English
            31 year ago

            I didn’t think I’d unironically hear “This is an advantage because now one company controls all your logins” as a reply to privacy concerns.

            • @cerevant@lemm.ee
              link
              fedilink
              English
              41 year ago

              I didn’t say that. Security and privacy are nearly opposites. This is a security decision.

        • Shadow
          link
          fedilink
          41 year ago

          There’s plenty of disposable email services out there.

          • @Smoke@beehaw.org
            link
            fedilink
            English
            21 year ago

            And they’re added to spam lists all the time. All you need do is draw up a list of the twenty most popular, because frankly Gmail and outlook already cover so many while leaving room for privacy-friendly providers.

    • garrett
      link
      fedilink
      11 year ago

      There was likely a broad campaign of abuse that violated some sorta law. There’s not really another reason for this move short of something that puts them in an untenable situation.

  • bmaxv
    link
    fedilink
    451 year ago

    @esaru

    “One option to avoid this is to self-host, but then you’ll be identifiable via your domain and have to maintain a server.”

    Makes it a non issue.

    It’s free as in freedom not as in free beer and that’s that.

    Jitsi doesn’t have to offer free service and they particularly don’t have to provide anonymity.

    The same is true for the fediverse, since the admins have info that could help identify users. That has it’s uses too.

    • @esaru@beehaw.orgOP
      link
      fedilink
      17
      edit-2
      1 year ago

      Jitsi remains free. As you can see, this isn’t about money but rather about privacy, which has diminished compared to before.

      The issue with centralized systems becomes more apparent: the provders are held accountable for their users’ actions.

      • Peter Bronez
        link
        fedilink
        81 year ago

        @esaru @bmaxv @technology concur that this reduces privacy for users of Jitsi’s hosted service. It also has some concrete benefits for Jitsi - they get to outsource account validation and security. Perhaps they were struggling to contain abuse.

      • @masterspace@lemmy.ca
        link
        fedilink
        English
        3
        edit-2
        1 year ago

        Privacy has not diminished, you can host your own instance of the jitsi software account-free and take on the liability of people using your server for child porn yourself if you want to.

  • flatbield
    link
    fedilink
    English
    42
    edit-2
    1 year ago

    Relax. Just use a different server. May not be exactly accurate either. How in the world do you have any idea who uses what server. I have never used this server.

    One way is join the FSF and use their server. There are others or host your own too. The load and cost needs to be spread anyway.

  • owiseedoubleyou
    link
    fedilink
    331 year ago

    It’s hypocritical to call your service “privacy friendly” and then require the use of a Google/Facebook/GitHub account to log in. I kinda understand the reason why they do this, but they could have at least allowed you to use a more private email provider.

    • @masterspace@lemmy.ca
      link
      fedilink
      English
      241 year ago

      Calling them hypocritical is hysterical when they offer all the source code for free and you can host your own instance that doesn’t need an account.

      • @esaru@beehaw.orgOP
        link
        fedilink
        111 year ago

        The software is free open source. But this case is not about the software. It’s about the web instance that the majority of the people was using. And that instance now lost its privacy feature and shouldn’t call itself privacy friendly anymore.

        • @masterspace@lemmy.ca
          link
          fedilink
          English
          2
          edit-2
          1 year ago

          What information is transmitted to GitHub when you sign in with your GitHub account?

          I’ll tell you: that you signed into jitsi.

          That’s it.

      • @VolunTerry@monero.town
        link
        fedilink
        English
        11
        edit-2
        1 year ago

        I agree with you and it’s an important distinction. But for me it’s also about the ethos of the developers or company. Promoting free and open source tools is great, but requiring the opposite as a prerequisite to use the largest publicly facing implementation of that is a very odd decision.

        • @masterspace@lemmy.ca
          link
          fedilink
          English
          91 year ago

          Is there another OAuth identity provider they should use? I agree that it’s ludicrous that advertising companies are the primary identity providers we use, but I have no issue with GitHub / Microsoft as an identity provider.

          At the end of the day they could create their own account system and take on the liability of storing passwords, but why? That’s not what their software is about and as instance admins it will take away their time and focus.

          At the end of the day I think what you’re chafing against is not their fault but a fundamental problem with open source software at the moment, we have no system of decentralized identity verification, and identity verification is basically a necessary part of ensuring your system isn’t abused.

          • @VolunTerry@monero.town
            link
            fedilink
            English
            11 year ago

            I’d personally prefer they didn’t implement any KYC-style identity verification at all in the first place, but it’s not my service or project and I’m not a paying customer, so my preference is largely irrelevant to them. But that said, I didn’t intend the comment to be damning, or even a particularly harsh criticism, just thought it wad an odd choice.

            If what you are saying is accurate, and there aren’t better options, I at least understand that choice a bit more. If they feel they need an identity provider for whatever reason, they should obviously choose the one they feel best fits that need. And as others have noted, different servers and instances can be spun up or utilized. Users can choose to utlize whichever fits their needs best, or none if none of them fit.

            Your other point is well taken though that it may be a gap in the marketplace. Sounds to me like a need waiting to be filled. I recall reading about some decentralized blockchain solutions for this sometime back, but do not recall the specifics. I haven’t followed along because it didn’t seem relevant to my personal or business needs at the time.

            If anyone else knows of alternative options that may be better or more privacy friendly, I’d certainly be interested to hear about them. And would chip in funding for any good FOSS projects that might seek to solve this problem.

    • viq
      link
      fedilink
      81 year ago

      @owiseedoubleyou
      It’s more likely about OIDC and not “email”. In which case they could have included Gitlab I guess. Let’s give them a while, they’ll probably figure out a list, this sounds like “how can we cover largest amount of people while adding fewest providers”
      @esaru

  • @ReversalHatchery@beehaw.org
    link
    fedilink
    31
    edit-2
    1 year ago

    I guess I don’t need their app anymore on my phone, then. More free space to me.

    Though using an other instance as mentioned by other comments is also an option, I think the mobile app supports that too, even if it’s a bit complicated

    Edit: after reading the article, this might really not be their fault. At the end they also encourage the reader to host it themselves. They are not very transparent with what’s the actual problem, though…

    • @rnd@beehaw.org
      link
      fedilink
      101 year ago

      Yes, the mobile app supports third-party servers, though I wouldn’t call it complicated.

      If you want to join a room, all you do is type/paste the full URL to it instead of just the name. “Open in App” functionality will also work regardless of the server.

      If you want to host one on a third-party server, you just go into the options and replace the “https://meet.jit.si” address with one of the third-party server. Then when you create a room, it will use that server.

      • Probably complicated isn’t the best word, my issue with it is that if I understand it correctly, you would always need to change the server address if you need to connect to a meeting that was created at a different server

  • Gunpachi
    link
    301 year ago

    This is indeed sad news. I made my friends (who don’t care about free software) switch from google meet to jitsi for video calls just the other month.

    The only thing that got them sold on jitsi was that it required no login.

    • viq
      link
      fedilink
      151 year ago

      @gunpachi
      There’s jitsi the software and jitsi the page. This affects only jitsi the page. There are many more pages where jitsi the software is reachable at.
      @esaru

      • Gunpachi
        link
        61 year ago

        Thanks. I am aware of other instances, but my friends and family don’t understand the point of it. Anyways… I’ll see if I can get them to try other instances of Jisti.

        • Tell them that it works the same way, no registration too, but the old one had to shut down.
          Technically, it did shut down, for those that don’t want to log in with anything.

  • @Jummit@lemmy.one
    link
    fedilink
    29
    edit-2
    1 year ago

    That said, it is completely understandable that some users may feel uncomfortable using an account to access the service. For such cases we strongly recommend hosting your own deployment of Jitsi Meet. We spend a lot of effort to keep that a very simple process and this has always been the mode of use that gives people the highest degree of privacy.

    Seems like you can avoid it by self-hosting. Still a very suspicious move, kinda defeats the whole point of an alternative to big tech conference services.

    Google, GitHub and Facebook for starters but may modify the list later on

    Maybe they could support some auth provider from some fediverse app? That would be kinda neat.

    • conciselyverbose
      link
      fedilink
      33
      edit-2
      1 year ago

      Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.

      Over the past several months we tried multiple strategies in order to end the violations of our terms of service. However in the end, we determined that requiring authentication was a necessary step to continue operating meet.jit.si.

      This sounds to me like a pattern of people using it for actual serious crimes (with the obvious guess being video sharing of sex crimes/trafficking/kids). I understand that that justification is used for a lot of extremely invasive privacy violations, and stuff like scanning every file in the name of that is too far, IMO, but if you’re the only platform with resources to handle that traffic that allows anonymity, it’s very likely to grow at a significantly larger rate than the rest of your traffic.

      You can’t (shouldn’t) scan every file every individual sends to every other individual in order to prevent it, but once you have a platform that’s capable of supporting community-type activity, it’s a very real issue that you can face.

      “You can host yourself with your own choices on vetting participation because here are the tools to do it” isn’t really a bad line to draw. But you can’t have your servers be a central point for that.

  • @Moonrise2473@feddit.it
    link
    fedilink
    261 year ago

    Wasn’t easier to just shutdown the server?

    I use jitsi just because doesn’t have Facebook/Google/Microsoft login

  • andrew
    link
    fedilink
    English
    24
    edit-2
    1 year ago

    ITT: People not understanding the difference between a free publicly hosted instance and the OSS tool itself.

    • @esaru@beehaw.orgOP
      link
      fedilink
      10
      edit-2
      1 year ago

      This is about the free publicly hosted instance, used by the majority of the Jitsi users, who used it because they didn’t have to login with a Google/Facebook/Github account. Which they now have to.

  • elouboub
    link
    fedilink
    23
    edit-2
    1 year ago

    Lol, it was my GOTO specifically because it doesn’t require a login and I can send it to my parents who need minimal clicks to enter the room. I even have family that doesn’t have a github, facebook, nor google account, so they won’t be able to join.

    Amazing move Jitsi.

    Earlier this year we saw an increase in the number of reports we received about some people using our service in ways that we cannot tolerate. To be more clear, this was not about some people merely saying things that others disliked.

    What kind of “illegal things” were they doing? Say it, so that we can comprehend. Make it make sense.

    • snooggums
      link
      fedilink
      201 year ago

      Safe to assume it was child porn, because that ends up being an issue on any service that lets people share images or video privately. By not stating it directly, they don’t prompt news organizations to quote the company in click bait articles about how their platform enables child porn as if that wasn’t a universal issue that all services have to actively discourage.

    • bedrooms
      link
      fedilink
      181 year ago

      Tbf I’d not get angry if it was jihadist recruitment, child porn, human trafficking, etc. etc.

      • @knokelmaat@beehaw.org
        link
        fedilink
        71 year ago

        But won’t those criminals always find another way of communicating? If you’re doing something illegal, it’s worth it to you to go through some hoops to have safe and private communication. All this does is remove that option from less tech literate people.

          • @koper@feddit.nl
            link
            fedilink
            41 year ago

            Communication network providers in the EU generally aren’t liable for illegal activity of their users.

            • conciselyverbose
              link
              fedilink
              51 year ago

              That doesn’t make it a non-issue. Ignoring the obvious ethical issues, there are still serious costs to addressing conduct they’re made aware of, both in terms of actual man hours and mental health of any employees, and the actual bandwidth of the abusive traffic.

    • @jcg@halubilo.social
      link
      fedilink
      51 year ago

      If I’m reading it correctly, you only need one person in the meeting to have one of those accounts.