About matrix and riot

Thanks for your reply, so i could be happy for a better matrix.org server policy and configurations, so if an user will just use it for personal chat will know when the message is deleted it is for real also from the server

Signal has some privacy issues.

IIRC, they also require a phone number to sign up for an account.

Hi, I just found this interesting app called Ring. What is interesting in this open-source app is that it works P2P, with E2E encryption without any server.
If I understood well, the server is your phone/desktop. I know that this feature about Matrix is kind of vapourwave for the moment, but I would like to share anyway, maybe this can help to get such feature in Matrix

Ring and Tox (https://tox.chat/) are both interesting because they’re P2P, but the drawback is that it’s much harder to get 100% availability, which is pretty important for calls and instant messaging.

https://matrix.org/docs/guides/privacy_notice.html
New matrix privacy policy thank you @matthew for this

Just a few questions

  1. password are encrypted with ssl as i read technically what does mean? Ssl as i know is a kind of encryption used for transmission not for storing data i could be wrong i hope someone can answer me
  2. username, avatars and mail and other user account are encrypted too?

Very glad that we’ve finally got the new privacy policy out; hopefully folks agree it’s an improvement. Sorry it took so long.

I’ve just clarified the password wording (https://github.com/matrix-org/matrix.org/commit/ed9f9026bc74646aed1bd914385ed3e4ae6eedb7) - thanks for the prod. Passwords are only ever stored on disk having been hashed (and salted & peppered).

When a client sends a password to the server, it does so over SSL / TLS (HTTPS), so it’s encrypted in transmission too.

Username, avatars and email are not currently stored encrypted as need to retrieve them on a regular basis in order to actually use them to run the service.

Why not stick to IRC as the protocol for communication or in short, for chat.?

Trying to evangelize a protocol (matrix in this case) that is not yet standard for this kind of communication seems to be only reasonable for a company that is already part of the oligopoly.

Using IRC is a political decision since big companies will not rely on such an open protocol or standard that has been around for decades and is already widespread, since they cannot control and change it at will. This can be used as an advantage for open projects like this one.

I can understand that the IRC protocol does not contain all the features that are mentioned here, but on the other hand there exists an IRC channel for exactly this project and trying to separate the developers from the eventual users by protocol doesn’t seem like the way to unify communication. How does communication about this project differ from communication that is enabled by this project?

If decentralization is conceptually a requirement, then end to end crypto seems like a much less important factor, since you have the ability to choose the server you are using for communication. so you an choose a server you trust (an option you don’t have with one of proprietary systems)

I really like your idea to produce secure and privacy-honouring device and software solutions, thanks for your prior and current efforts!

IRC does not scale well. Servers are arranged in the spanning tree with only one path between any two of them. This causes frequent network splits once the number of servers grows beyond a handful. All users are known to all servers and any user can get a list of them (at list protocol sais so, in practice this has been disabled for efficiency reasons, once the userbase on average IRC network got to ten thousand or so). Than again, this is my knowledge from 1997, perhaps IRC protocol has undergone major changes since then.

2 Likes

I don’t really understand why a company selling itself on maximum privacy and security should trust a relatively unknown organisation like matrix to do what everyone is trying to avoid Google doing, ie storing and controlling all their private data, whether it is peertopeer, encrypted or whatever. I want all my data stored locally or totally under my control and I don’t want a junk of unnecessary and dubious matrix software embedded in the browser/OS.

Then why don’t you start your own matrix server under your control?

It is like saying that my organization should never had run a sendmail service because someone else relatively unknown invented it, and stay with …AOL.

The phrase “a relatively unknown organization” is an argument against avoiding the “well known and established Google”. It means avoid the unknown and stay with the good known ones. Viva Apple and Google.

Are you sure you want a place in purisms forum?

6 Likes

You misunderstand. I don’t want matrix at all. I don’t want social networking. I don’t want WebRTC in the browser. ( I have been unable to find out if Purebrowser avoids the usual IP leak problems).
The Librem phone is obviously only going to provide very basic features for a long time. This is all I want to start - a basic secure browser, email (maybe Protonmail), conventional phone and text to talk to the real world.
It is obvious that complexity enables bugs and hackability, whether we are talking Open Source or not, PureOs core should be minimalist.

You can chose not to use said functionality, but I prefer a encrypted calling/chat solution over convential insecure cellular networks for my uses.

2 Likes

The devastating Notes on privacy and data collection of Matrix.org (that where posted above) seem to have lead to a fork!

They left github for https://gitlab.com/thegridprotocol/home.
Strangely https://www.gridify.org seems cloudflared.

4 Likes

The issue depend on server or is about the protocol? I mean if i made my own server i’m ok or there is still privacy problems?

Seems to be the protocol.

Data sent on a potential regular basis based on a common web/desktop+smartphone usage even with a self-hosted client and Homeserver:

The Matrix ID of users, usually including their username.
Email addresses, phone numbers of the user and their contacts.
Associations of Email, phone numbers with Matrix IDs.
Usage patterns of the user.
IP address of the user, which can give more or less precise geographical location information.
The user's devices and system information.
The other servers that users talks to.
Room IDs, potentially identifying the Direct chat ones and the other user/server.
1 Like

I think the first 3 points are resonable i mean people must find you, what usage pattern means? About ip addresses i hope will be holded by your home server without the need to be spread over matrix.org or other federated server
Users devices and sys info… Why???

@matthew could we have some clarification?

2 Likes

okaaaay… that’s a LOT of metadata, and many are critical… now I start to understand why Librem Chat is still not on F-Droid, while Librem Social and Librem Mail are there :

To me, there is no need at all to track metadata in a discussion. If they want to improve the app, why just do not put an option in the menu linked to the git in order to open an issue ?

Can somebody explain this, really?

Was matrix produced with, and by, a privacy attack vector against instant messaging?

Is what they tell not what they mean, and sell to some other end?

So that finally it had to lead to a riot, making a fork? Transforming “matrix” into “grid”, to actually allow for decentral, federated, separation of concerns?

That’s the official response


https://matrix.org/blog/2019/06/30/tightening-up-privacy-in-matrix

What do you think?

1 Like

Does not sound like they disable the call-home address book upload anti-feature by default, and would only do opt-in for specific queries, instead of bulk data uploads.

Is this their “solution”?: Continuing to let all installed clients contact their servers, but now enforcing personal authentication for their central vector services, requiring acceptance of their “privacy policies”?

Could the PR matierial not sound like PR material, if the goal would be to develop a protocol that would not require to accept any external privacy breaching policy?

Could another protocol, instead, promote a default no-data-collection policy for clients and homeservers?
Maybe requiring something like some form of “tainted” flag if a home server or client wants to do data-collection that requires to be accepted to comply with the GDPR?

Maybe a way to implement this might be some form of a GPL+data-sufficiency copyright?

EDIT: Or is the GDPR already sufficient?

Any comments on the quote below, like in the pdf response from matrix? To avoid it from falling under marketing gibberish for promoting a larger privacy impact vector.

It is (is it?) right that not-allowing something does not-necessarily mean not doing so, but still keeps the option for rating freedom and privacy equally high (as – any low to negative number)?

Reading this now, could be revealing a different kind of accuracy depth, possibly including but not limiting the spreading of some FUD regarding own homeservers and other apps?

and as mentioned in #matrix:matrix.org:

“basically, there’s some stuff we could do better; we’ve almost finished a project to do so as per that post. much of the other stuff in the original gist is alarmist BS - mixing together innocuous stuff with a few legit issues in order to scare people and promote a hostile fork.”

1 Like