
Some of the big weaknesses of running a self-hosted Zulip server for your community are:

- Your server admin can see DMs (or at least metadata, not sure if Zulip does E2E for DMs). The same is true for centralized services in theory, but unless you're a terrorist or a person of interest to a major government, it's extremely unlikely that a Discord employee will have an incentive to spy on your messages specifically. Your admin is likely part of your community and may know you personally, so the temptation is much, much higher.

- If the admin dies and nobody else has the keys to the kingdom, the server can go down at any point, and there's no way for users to reconstitute the network semi-automatically. Discord servers don't just go away unless somebody actively makes them go away.

- It's much less secure in practice: it relies on your admin to always be on guard and constantly update their server to prevent vulnerabilities, either in Zulip or in the myriad of other self-hosted services running on it. One guy in his basement who goes on vacation once a year and has family responsibilities is far more likely to make mistakes than a team of trained cybersecurity professionals.

- Many Discord users are in 20+ servers. Anything that doesn't provide a one-click server joining experience (for users who already have an account on a different server) is nowhere near a Discord replacement.

- People want bots (for things like high-fidelity Youtube music streaming on voice channels), and those are mostly Discord-only.

- Anything open source will be worse at phishing and fraud / abuse prevention by definition, as many fraud-prevention approaches rely on the fraudster blindly guessing at what the code and ML models (do you even have ML models for this?) are doing.




> it's extremely unlikely that a Discord employee will have an incentive to spy on your messages specifically

No, but history shows some unscrupulous staff members will always snoop, whether it's just pure interest or something more nefarious like intent to sell on the black market. This makes the risk of your private data being leaked > 0, which should always be treated as a valid risk.


>- People want bots (for things like high-fidelity Youtube music streaming on voice channels), and those are mostly Discord-only.

So basically Discord is a warez service?


> If the admin dies and nobody else has the keys to the kingdom, the server can go down at any point

This is how infrastructure works, and is supposed to work, besides the point that servers "die by themselves", which of course isn't true in reality. You decrease the bus factor if this is a problem for you.

> Discord servers don't just go away unless somebody actively makes them go away

If all the sysadmins at Discord died and nobody else had the keys, exactly the same problem would happen. Discord, though, surely has multiple backups of the keys and so on, something you too can do when you have your own infrastructure, so overall that argument feels almost dishonest, since you don't compare the two accurately.

> Anything open source will be worse at phishing and fraud / abuse prevention by definition

What? Completely orthogonal concerns, and if your main "fraud-prevention approaches" depend on security by obscurity, I'm not sure you should even attempt to be involved in those efforts, because that's not what the rest of the industry is going by a long mile.

> People want bots (for things like high-fidelity Youtube music streaming on voice channels), and those are mostly Discord-only.

Actually, the further I get in your comment, the more it seems like you don't actually understand what Zulip offers nor what the parent comment is about. Music streaming on voice channels? Completely outside the scope of Zulip...

----------

I think you have to understand the comment you're replying to a bit better before attempting to lift Discord above Zulip. They're specifically talking about Zulip as an alternative "for managing the firehose of busy communities", not as a general replacement for every single Discord "server" out there. Yet you've responded to the comment as if that's what they've been doing.


> This is how infrastructure works, and is supposed to work

No, infrastructure doesn't have to work this way. This is a very old-school mentality.

Sign the content with a key that you control. Back up the content locally. And boom: your server is easily replaced. It only helps copy data around and performs certain conveniences.

I've been working on this full-time for a few years. If we succeed, we solve link rot (broken links) on the web.
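As an added illustration of the "sign with a key you control, back up locally" idea (example code written for this thread, not the commenter's project or Zulip's code): each user signs their own messages with an Ed25519 key; the server and the local backup hold only signed envelopes. If the server disappears, anyone with the backup and the authors' public keys can restore the history and reject anything tampered with or forged, including by whoever operated the server. The message format, the JSON canonical encoding, and the names below are assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Message is what a user authors. Field order matters because the
// canonical bytes are the JSON encoding (encoding/json keeps declaration order).
type Message struct {
	Author string `json:"author"`
	Stream string `json:"stream"`
	Body   string `json:"body"`
	Seq    uint64 `json:"seq"`
}

// Envelope is the unit stored on the server and in the user's local backup.
// The server never needs the author's private key; it only relays envelopes.
type Envelope struct {
	Msg       Message `json:"msg"`
	AuthorPub []byte  `json:"author_pub"`
	Signature []byte  `json:"sig"`
}

// canonical returns the exact bytes that are signed and verified.
func canonical(m Message) ([]byte, error) { return json.Marshal(m) }

// ContentID is a content-addressed identifier (sha256 of the canonical bytes),
// so a restored message can be referenced independently of any server URL.
func ContentID(m Message) (string, error) {
	b, err := canonical(m)
	if err != nil {
		return "", err
	}
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:]), nil
}

// Sign wraps a message in an envelope signed with the author's private key.
func Sign(priv ed25519.PrivateKey, m Message) (Envelope, error) {
	b, err := canonical(m)
	if err != nil {
		return Envelope{}, err
	}
	pub := priv.Public().(ed25519.PublicKey)
	return Envelope{Msg: m, AuthorPub: []byte(pub), Signature: ed25519.Sign(priv, b)}, nil
}

// Verify checks an envelope against the public key we trust for its author.
// The key embedded in the envelope is NOT trusted on its own: it must match.
func Verify(trusted ed25519.PublicKey, e Envelope) error {
	if !bytes.Equal([]byte(trusted), e.AuthorPub) {
		return errors.New("envelope key does not match trusted key for author")
	}
	b, err := canonical(e.Msg)
	if err != nil {
		return err
	}
	if !ed25519.Verify(trusted, b, e.Signature) {
		return errors.New("signature does not verify")
	}
	return nil
}

// Restore rebuilds history from a backup after the server is gone, keeping only
// envelopes that verify against the trusted key of the claimed author.
func Restore(trusted map[string]ed25519.PublicKey, backup []Envelope) (ok []Envelope, rejected int) {
	for _, e := range backup {
		pub, known := trusted[e.Msg.Author]
		if !known || Verify(pub, e) != nil {
			rejected++
			continue
		}
		ok = append(ok, e)
	}
	return ok, rejected
}

// Demo runs the scenario with constructed data: two genuine messages, one copy
// altered in storage, and one forged by a different key claiming to be alice.
func Demo() (okCount, rejected int, err error) {
	alicePub, alicePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return 0, 0, err
	}
	_, serverPriv, err := ed25519.GenerateKey(rand.Reader) // operator's own key, hypothetical
	if err != nil {
		return 0, 0, err
	}
	m1, _ := Sign(alicePriv, Message{Author: "alice", Stream: "general", Body: "hello", Seq: 1})
	m2, _ := Sign(alicePriv, Message{Author: "alice", Stream: "general", Body: "meeting at 10", Seq: 2})
	tampered := m2
	tampered.Msg.Body = "meeting at 11" // altered after signing: signature no longer matches
	forged, _ := Sign(serverPriv, Message{Author: "alice", Stream: "general", Body: "send me your password", Seq: 3})

	trusted := map[string]ed25519.PublicKey{"alice": alicePub}
	kept, bad := Restore(trusted, []Envelope{m1, m2, tampered, forged})
	return len(kept), bad, nil
}

func main() {
	ok, bad, err := Demo()
	fmt.Println("restored:", ok, "rejected:", bad, "err:", err)
}
```

The trust decision lives in the `trusted` map, which is exactly the "who holds the key" point from the thread: whoever controls the private key controls authorship, and a replacement server cannot alter or fabricate history for a user without that key.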


Well, you're basically repeating what I'm saying, but with more detail. It's still true that "the one who holds the key holds the kingdom", just shifting it to the user rather than the admin. This is great, and works too, but doesn't make what I say less true.


