Then why don’t you start your own matrix server under your control?
It is like saying that my organization should never had run a sendmail service because someone else relatively unknown invented it, and stay with …AOL.
The phrase “a relatively unknown organization” is an argument against avoiding the “well known and established Google”. It means avoid the unknown and stay with the good known ones. Viva Apple and Google.
You misunderstand. I don’t want matrix at all. I don’t want social networking. I don’t want WebRTC in the browser. ( I have been unable to find out if Purebrowser avoids the usual IP leak problems).
The Librem phone is obviously only going to provide very basic features for a long time. This is all I want to start - a basic secure browser, email (maybe Protonmail), conventional phone and text to talk to the real world.
It is obvious that complexity enables bugs and hackability, whether we are talking Open Source or not, PureOs core should be minimalist.
Data sent on a potential regular basis based on a common web/desktop+smartphone usage even with a self-hosted client and Homeserver:
The Matrix ID of users, usually including their username.
Email addresses, phone numbers of the user and their contacts.
Associations of Email, phone numbers with Matrix IDs.
Usage patterns of the user.
IP address of the user, which can give more or less precise geographical location information.
The user's devices and system information.
The other servers that users talks to.
Room IDs, potentially identifying the Direct chat ones and the other user/server.
I think the first 3 points are resonable i mean people must find you, what usage pattern means? About ip addresses i hope will be holded by your home server without the need to be spread over matrix.org or other federated server
Users devices and sys info… Why???
okaaaay… that’s a LOT of metadata, and many are critical… now I start to understand why Librem Chat is still not on F-Droid, while Librem Social and Librem Mail are there :
To me, there is no need at all to track metadata in a discussion. If they want to improve the app, why just do not put an option in the menu linked to the git in order to open an issue ?
Was matrix produced with, and by, a privacy attack vector against instant messaging?
Is what they tell not what they mean, and sell to some other end?
So that finally it had to lead to a riot, making a fork? Transforming “matrix” into “grid”, to actually allow for decentral, federated, separation of concerns?
Does not sound like they disable the call-home address book upload anti-feature by default, and would only do opt-in for specific queries, instead of bulk data uploads.
Is this their “solution”?: Continuing to let all installed clients contact their servers, but now enforcing personal authentication for their central vector services, requiring acceptance of their “privacy policies”?
Could the PR matierial not sound like PR material, if the goal would be to develop a protocol that would not require to accept any external privacy breaching policy?
Could another protocol, instead, promote a default no-data-collection policy for clients and homeservers?
Maybe requiring something like some form of “tainted” flag if a home server or client wants to do data-collection that requires to be accepted to comply with the GDPR?
Maybe a way to implement this might be some form of a GPL+data-sufficiency copyright?
Any comments on the quote below, like in the pdf response from matrix? To avoid it from falling under marketing gibberish for promoting a larger privacy impact vector.
It is (is it?) right that not-allowing something does not-necessarily mean not doing so, but still keeps the option for rating freedom and privacy equally high (as – any low to negative number)?
Reading this now, could be revealing a different kind of accuracy depth, possibly including but not limiting the spreading of some FUD regarding own homeservers and other apps?
“basically, there’s some stuff we could do better; we’ve almost finished a project to do so as per that post. much of the other stuff in the original gist is alarmist BS - mixing together innocuous stuff with a few legit issues in order to scare people and promote a hostile fork.”
Just to clarify: The blog post says, enforced agreement to the policy was a means to make everybody AWARE of the defaults, not to hinder anybody to change them. It also says that it’s unfortunate that those on other instances are NOT necessarily aware of said defaults (as they don’t see that policy).
This is also not a protocol thing. It’s the defaults of clients and servers. All of those things can be changed and improved. For example, I’d expect Purism to use different defaults.
However, I also understand the point that for adoption beyond the geek circle this kind of convenience can be viewed as important. I just don’t assume they do it with bad intentions.
But who is assuming something? It just became obvious that there is no intention at Vector inc. to change the global out of the box default, to stop shipping a central data collection system, in favor of a decentral network that might still allow for some hosts catering to the “I publish the private contact data of my friends” type of people.
The question is if “Jami encrypted message chat and video call” 's current implementation of an optional name server service is already better or can still be improved.
Does the sentence have a spin conveying something that is not said?
Truth is, only they can change the default, so pure privacy respecting companies will have to support a fork that does not require accepting server “privacy” policies, and to use the fixed system instead.
It’s time to ask the question “how does Vector make money, what is his business model?”.
This topic seems to show that they are not trying to delete tracers (in order to clearly remove the suspicions), but to change a privacy policy that the end user must accept.
I reached a point where I was sure of Purism’s good intentions. But between this problem (concerning Vector), but also the Librem Chat which depends on this protocol, I’m starting to wonder if Librem 5 will really respect privacy by default or if it should be diverted (ex: Firefox instead of Pure Browser, a private instant messaging instead of Librem Chat, Silence instead of SMS by default, etc.).
I’m not accusing anything, but I’m not a fanboy either: I’m wondering.
Imo the weak points are just because they are young and have a lot of work to do, so is not ideal yet, but i think community should keep an eye as every project to be sure they improve the privacy in their systems. They changed riot/matrix privacy policy for a request i’ve made in this topic, so i think they will improve also the other part. I’ve chatted with matthew and someone else who work on the project in their official room and my impression is they made some improvement on privacy side and they know there is a lot more to do but now they must focus on the protocols and riotx client, to offer a working service.
I have some issue with riot i’ve opened some ticket about it, so i agree they must focus to make the system usable.
After they reach this goal i think you should keep ask for have a fix on this privacy issue
We have erased all of the data where there is any chance that the data subject didn’t understand how, why or with whom their data was being shared.
We’ve made a change to Sydent so that it no longer persists new associations relating to users on homeservers not run by New Vector.