The article alleges that Matrix:
- has links to Israeli intelligence.
- sends a lot of sensitive data to matrix.org servers, even when Synapse is self-hosted.
Is this information accurate?
To be clear, I’m not saying Matrix is bad. I’m still using it. I just want to know more about it and who’s running the show, and hear other people’s opinions and arguments. Thanks for all the insightful comments.
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 124 users / day
- 1.05K users / week
- 1.3K users / month
- 4.58K users / 6 months
- 1 subscriber
- 4.17K Posts
- 105K Comments
- Modlog
Wrong. It’s libre software. We users control it.
I’m absolutely for free software, but this statement is very simplistic. Do “we” control software running on matrix.org, where most users have accounts? Or do “we” control what binaries of Element are being deployed to App Store or Play Store? Just because something has a free software licence, doesn’t mean it’s not important who the maintainers and major developers are. One of the important features of free software is transparency, which allow us as community to learn and discuss who and how develops the software. I’m not saying Matrix is bad. I’m still using it. I just want to know more about it and who’s running the show, and hear other peoples opinions and arguments.
Libre software doesn’t mean we control what other people do with their devices. Run it on your devices. The App Store and Google Play Store is not libre. Get it yourself. Apps should have reproducible builds. Everything there misses the point of my original comment.
Yeah, we will have much success converting people from WhatsApp and shit by telling them to run their own servers /s. If a non technical friend asks me what to use instead and I’ll advise them to use Matrix, you can be sure they’ll go to app store, install Element and register at matrix.org. So I do want to know if it’s operated by Mossad before I send my friends there.
If your friend’s hiding from Mossad, I think they’ll know to get it from F-Droid and turn on end-to-end encryption.
Curious that this claim is without source in the original.
I also have porblems with their claims about bridges. Bridges are Band-Aids to allow you to communicate with people not on Matrix, not a dark masterplan to build a central spionage hub.
By default, a homeserver trusts matrix.org in questions of federation and identity of other servers. You have to get that trust from somewhere. You are free to choose another source for that.
(For example, my homeserver isn’t federated at all, and has that trusted server removed; it doesn’t communicate with anyone. Also it’s not synapse, but that’s besides the point.)
I can’t argue about the historic relevance; The article you linked is from 2020, the issues from early 2019. The original matrix developing company seems to have deep ties as described, yes.
But:
If you follow the very first link I. The article you can read the history of the matrix protocol itself. It shows where and when the matrix protocol was separated from this company and what the status quo seems to be:
https://en.m.wikipedia.org/wiki/Matrix_(protocol)#History
From this it seems clear to me that the information from this article are by now obviously outdated with KDE and Mozilla two big mentioned community projects that are involved.
Wikipedia as primary source is not well suited, but the fact that the article linked to it themselves seem to show that they relied on the back then status quo.
In short: in 2017 they would be absolutely right, in 2020 there were still huge issues - but by now those are mostly addressed or are unknown.
In my opinion, it doesn’t matter. Matrix has a huge decentralization problem. Pretty much any conversation you have there will end up on matrix.org servers. And since Matrix servers collect ALL the metadata, the entire platform is susceptible to blanket warrants for all users.
That wouldn’t apply to conversations you have within a group that hosts their own server, would it? Like within a family or a club.
If anyone in your group has an account is hosted on Matrix.org, yes. If no one is, no.
But that puts a huge limitation on the platform so, why bother?
Isn’t this the same limitation of any federated platform? If you communicate with someone from a different instance your data will be replicated on their instance
No, not all platforms store metadata, much less absolutely all of it unencrypted. Further, other platforms are less centralized.
What’s a better alternative? Which other platforms are you referring to? How do they compare in terms of features and adoption? From all the decentralised, e2e encrypted platforms I tried, matrix is the only one more or less accessible for normies.