this post was submitted on 17 Jul 2023
1178 points (96.5% liked)
Technology
59285 readers
4501 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Matrix is a security nightmare. Everyone should stay clear from it till possible solutions are found for the ongoing concerns.
Tbh, I don't think encryption matters that much for are usually public chat channels.
The private communication should be safe since i think the users will usually pin the keys for each other.
The problem comes from federation. You never know where your messages are synced to + what will happen if instances are defederated. Matrix might become something really cool, if it spends 1-2 years solely on security. Otherwise... it's just nothing more than an epic (and misleading) name + some IRC legacy vibes.
But you do know where your messages are synced don't you? You can check your chat partner's homeserver. Or am I mistaken?
yeah, messages are only sent to servers that are in a room, so its very easy to see and know what servers are storing the messages/metadata
And even IF a server is storing your messages — doesn't E2EE make that irrelevant? It doesn't matter if they store it as long as they cannot decrypt it. I don't quite understand @SevereLow's concerns.
yeah thats another point as well, not all rooms on matrix are encrypted, it for example makes it pointless to encrypt public rooms that anyone can join