Comment on What If: Signal Was Part of the Fediverse?
poop@lemmy.blahaj.zone 1 year agoOnly if the signal crew collectively fell down, hit their heads and forgot about their whole mission of protecting metadata privacy. Matrix is a privacy nightmare (compared to signal). It offers optional encryption for the actual text of the messages sent, but everything else from room membership lists to reactions are unencrypted and stored for every by the server. The end to end encrypted message feature was bolted on after the rest of the thing was built, and it shows.
We’ve seen signal.org/bigbrother/ where signal proudly shows that they don’t have any metadata about their users to turn over. There’s a reason we don’t see anything like this for matrix.
Matrix is good at federating, but fucking horrible at keeping your information safe.
derin@lemmy.beru.co 1 year ago
I don’t think you understand why current servers operate the way they do.
Matrix server implementations function on the idea that your data lives in the server, so of course it needs that information (who is here, who is talking to whom) - or else, as an example, if you lost your devices you wouldn’t be able to recover your info (like on Signal).
I don’t want Signal’s Peer-to-Peer solution. I own my server, so I’m okay with keeping my own metadata. I want my communications with others to be encrypted, but recoverable if I lose access to my devices.
I think what you want is a Peer to Peer encrypted solution, which Matrix is working on, but isn’t available yet.
Follow this site for info on Matrix’s progress in that space: arewep2pyet.com What you’re looking for is info on Pinecone.
TLDR: poop wants a peer-to-peer encrypted network, Matrix is not that, so poop runs their mouth a little.
Further reading:
Matrix’s architecture today means that the servers can see who their users are talking to, and when - but not what (assuming it’s end-to-end encrypted). Just like a PGP mail service like Protonmail. Because Matrix stores conversation history on the server (unlike Signal) so you can get at it when from multiple logins, you end up with that metadata stored on the server.
We’re fixing this by working on P2P Matrix (as per the blog post - it’s one of the main initiatives that the funding is going towards). matrix.org/blog/2020/…/introducing-p-2-p-matrix explains how P2P addresses the metadata problem.
(…)
poop@lemmy.blahaj.zone 1 year ago
Not sure why you think I don’t understand why matrix operates the way it does and I’m especially not sure why you think you know what I want. To help clear it up: I want a secure, decentralized encrypted messaging system that doesn’t let anyone but the participants access any information about their conversations, just like everyone else. What I DONT want is people misrepresenting the current landscape, as many in this thread are doing. End to end encryption of the actual text of the messages is not at all good enough, and Signal has made enormous strides in demonstrating alternative options. I’m not a fan of the usual things people don’t like about signal (phone numbers, centralized server architecture, mixed feelings on removing SMS from Android). Matrix addresses almost all of these, and does a lot of other cool things, but does so at the cost of a lot of privacy. I want people to stop acting like matrix and signal offer the same level of privacy. I get it, decentralization is good, but can we please not misrepresent the offerings of current decentralized solutions compared to current centralized ones just because we like the architecture of one more?
I’ve operated matrix servers and I’ve looked at the database to see what it knows. It knows a lot, and if a service provider was compelled to turn that over, it could be bad. We should be honest about what the server knows so people can make rational decisions.
derin@lemmy.beru.co 1 year ago
I understand that end to end encryption of messages alone is not good enough… For you.
The current landscape is very exciting, and I see matrix taking the correct steps in the correct direction. I don’t see that with Signal.
Signal’s core design isn’t great for me, bordering unusable. It’s peer to peer - I want the security of a server (my server) managing my shit.
As an aside: If I have one more person message me asking what happened to their signal messages, after reading a post from someone online and switching to signal for a while, I’m going to lose it. It’s a platform the prefers security over usability.
On matrix I get a new device, log in, authenticate the new session from my old one, and watch as my content comes back. That’s it right there. That’s the magic I want.
What I don’t want is “got a new device, don’t have recovery keys? Fuck you.”
Your desire of a secure, decentralized encrypted messaging system is shared by me, I’m just not going to trash a system that does the majority of what I want over minor concerns regarding metadata.
And the alternatives you’re touting apply to you, a person whose needs are different from mine. They are unusable to me.
I hope my tone wasn’t too incendiary, I’m trying to make the point that our needs are different, not that either of us is invalid.
Honestly I feel like XMPP handles the majority of what you want, why not just use that?