EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.
As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
What Metadata is shared if I may ask?
Content should be encrypted and therefore private.
This might not be perfect but should already be a step up from discord right?
AFAIK; the time sent, size, sender and recipients of messages, and reactions/emojis are shared across all participating servers unencrypted, even on encrypted messages.
The issue is that due to the way Matrix is structured, it essentially copies ALL of your serber’s metadata to every instance, including the main Matrix server.
This is false. Data is only copied to instances participating in the relevant rooms.
You’d have to be extremely cautious who you federate with to avoid that, or not federate at all,
Or just don’t invite users into your private rooms if they come from servers that you want to exclude.
Agh, you’re quite right. Thanks for correction. I crossed my wires and misremembered how it worked after reading this article about it a while back. Edited my previous comment to reflect that.
I suppose in theory that shouldn’t be an insurmountable problem, though in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
In the example given in the video, it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance, meaning you’d have to explain they need to create an account elsewhere to be able to join your instance. It would be pretty awful UX.
in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
Maybe. But on the other hand, Matrix is only just beginning to become known among gamers, and there are a lot of us. Seems like a good time for people to stand up a new servers and invite the gaming masses.
it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance,
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it. Not in their own weekly reports. Not from journalists. Not in spec drafts or issue trackers or organizational structure. Nowhere. This particular legend smells more like fearmongering to me. At the most, it looks more like the distant connection that the internet has to the US military: Sure, part of its origin story might have been there, but it’s not relevant any more.
(Also, if your goal is to avoid Israeli intelligence-tied people seeing your room meta-data, you probably shouldn’t be inviting strangers to join. After all, there’s no way to know who they really are, regardless of what homeserver they use or what chat platform you’re on.)
For what it’s worth, account portability (giving people a way to switch homeservers) is on the Matrix roadmap.
Seems like a good time for people to stand up a new servers and invite the gaming masses.
Personally I don’t think it’s ready as a Discord replacement, based on the troubles displayed in the video, such as not being able to get things like video calls or screenshare working easily when self-hosting.
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it.
I’m assuming you haven’t seen the GN video in the OP yet, but they go into that connection, which they personally feel is bad enough to not use it. The issue is that Matrix was created and funded by Amdocs, an Israeli company with possible connections to Israeli intelligence.
The matrix foundation themselves admit to being funded by Amdocs, such as here on their blog:
As unpopular as VC funding is in some circles, the Matrix community owes a huge debt of thanks to Element’s investors (Status, Notion, firstminute, Dawn, Automattic, Protocol Labs and Metaplanet) and Amdocs for funding over $50M of work on both Matrix and Element since 2017.
How is Matrix[.]org funded? For the first three years of Matrix’s development (2014-2017), most of the core contributors worked for Amdocs, who paid for them to work fulltime on Matrix. In July 2017, Amdocs considered the project to be sufficiently successful that it could now self-support and so stopped funding.
They also specifically attempt to offer their chat services to law enforcement, such as the time they bought a booth at a law enforcement convention, which caused this controversy.
I don’t have a problem with the org offering services to law enforcement, governments, businesses, etc. Funding like this is how they are able to pay the bills without turning to venture capital or user exploitation.
I did see the GN video. They explicitly stated that they didn’t find a hard link. And, as you pointed out, Amdocs stopped funding almost a decade ago.
You seem to have made up your mind, though. I won’t try to change it.
Amdocs stopped funding it, but Martix and the company developing Element are both still made up of ex-Amdocs people. If they are connected to Israeli intelligence, it’s not as though they suddenly aren’t potential agents just because they stopped being officially funded by Amdocs.
I find it irritating that element’s website promotes their origins as the creators of matrix but doesnt anywhere actually give names that could be researched. Yes i could get the directors details from Companies House but frankly its just easier for me to move on and not use their software.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
I have previously read that omemo 2 implementation is insecure.
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
“I’ll make an edit later about the protocol version thing, but I’m not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That’s it. That’s all I want.”
there is no one flagship app for XMPP that works cross platefrom and has all features implemented.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
heck I can’t even find a windows that support voip. and their will be none.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As for Movim, I hate using web apps. bad user experience in general.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
xmpp (prosody) appears to be much better optimised than matrix (synapse)
matrix and element are much easier to set up
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
xmpp requires tcp ports and ssl certs that should be easy to set up… unless you’re on a cgnat network. Matrix can be set up through a cloudflare tunnel with https no problem, but xmpp requires some networking elbow grease.
the mandatory certificates probably make the xmpp network safer?
Even with the mautrix discord bridge copying the exact layout of discord channels into element, movim seems more familiar to me. I haven’t really had enough time to evaluate movim, but it seems like it’s trying to appeal to discord users, and element is clearly not. Element feels like a well funded enterprise tool that is doing its own thing.
commet (with 2 m’s) chat is a very faithful discord clone for matrix, but it’s very barebones.
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
but it seems like it’s trying to appeal to discord users,
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
No game suggestions, friend requests, surveys, or begging.
No Let’s Plays, streams, highlight reels/montages, random videos or shorts.
No off-topic posts/comments, within reason.
Use the original source, no clickbait titles, no duplicates.
(Submissions should be from the original source if possible, unless from paywalled or non-english sources.
If the title is clickbait or lacks context you may lightly edit the title.)
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around
even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
What Metadata is shared if I may ask? Content should be encrypted and therefore private. This might not be perfect but should already be a step up from discord right?
AFAIK; the time sent, size, sender and recipients of messages, and reactions/emojis are shared across all participating servers unencrypted, even on encrypted messages.
This is false. Data is only copied to instances participating in the relevant rooms.
Or just don’t invite users into your private rooms if they come from servers that you want to exclude.
Agh, you’re quite right. Thanks for correction. I crossed my wires and misremembered how it worked after reading this article about it a while back. Edited my previous comment to reflect that.
I suppose in theory that shouldn’t be an insurmountable problem, though in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
In the example given in the video, it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance, meaning you’d have to explain they need to create an account elsewhere to be able to join your instance. It would be pretty awful UX.
Maybe. But on the other hand, Matrix is only just beginning to become known among gamers, and there are a lot of us. Seems like a good time for people to stand up a new servers and invite the gaming masses.
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it. Not in their own weekly reports. Not from journalists. Not in spec drafts or issue trackers or organizational structure. Nowhere. This particular legend smells more like fearmongering to me. At the most, it looks more like the distant connection that the internet has to the US military: Sure, part of its origin story might have been there, but it’s not relevant any more.
(Also, if your goal is to avoid Israeli intelligence-tied people seeing your room meta-data, you probably shouldn’t be inviting strangers to join. After all, there’s no way to know who they really are, regardless of what homeserver they use or what chat platform you’re on.)
For what it’s worth, account portability (giving people a way to switch homeservers) is on the Matrix roadmap.
Personally I don’t think it’s ready as a Discord replacement, based on the troubles displayed in the video, such as not being able to get things like video calls or screenshare working easily when self-hosting.
I’m assuming you haven’t seen the GN video in the OP yet, but they go into that connection, which they personally feel is bad enough to not use it. The issue is that Matrix was created and funded by Amdocs, an Israeli company with possible connections to Israeli intelligence.
The matrix foundation themselves admit to being funded by Amdocs, such as here on their blog:
and here in their FAQ:
They also specifically attempt to offer their chat services to law enforcement, such as the time they bought a booth at a law enforcement convention, which caused this controversy.
I don’t have a problem with the org offering services to law enforcement, governments, businesses, etc. Funding like this is how they are able to pay the bills without turning to venture capital or user exploitation.
I did see the GN video. They explicitly stated that they didn’t find a hard link. And, as you pointed out, Amdocs stopped funding almost a decade ago.
You seem to have made up your mind, though. I won’t try to change it.
Amdocs stopped funding it, but Martix and the company developing Element are both still made up of ex-Amdocs people. If they are connected to Israeli intelligence, it’s not as though they suddenly aren’t potential agents just because they stopped being officially funded by Amdocs.
I find it irritating that element’s website promotes their origins as the creators of matrix but doesnt anywhere actually give names that could be researched. Yes i could get the directors details from Companies House but frankly its just easier for me to move on and not use their software.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
Which I think shows it was done in bad faith.
You can read a longer response I left in regards to that here, if you’re interested.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
I know that part of the issue is the actual protocol, but you might try alternative matrix servers such as tuwunel for potentially better performance.
Thanks for the link, I’m happy to give it a try.
I just recently migrated all of my stuff to dockerized services, so swapping out pieces should be pretty easy
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Despite the challenge getting it set up, I have high hopes for movim! I like the direction they’re going now.
I did end up successfully deploying it in a compose stack (despite this issue), and I’ll probably submit a fix if they don’t get to it before I do.
If anyone is interested, I can share the details about how I got it going.