Weird how they are good at digging up the past relationship between the matrix team prior donators with the mosad. but failed to mention not even once that matrix’s biggest advantage is its federated nature.
So imagine you have a selfhosted matrix server and you want to invite a friend over for a chat but this friend already has an account at his other friend’s server. in Matrix he doesn’t have to make an account on every server their interlocutor is in, he just sends his messages, like its done over email, or here on lemmy (fediverse). this is an advantage other software like fluxer of stoat don’t have. and I doubt they will able to add it anytime soon, as the work needed is probably huge and would need years of work to make a proper secure e2e federate messaging solution.
Guy literally told people the criteria he was using, one of which was searching for things like that because that’s the reason for the video in the first place, the Discord exodus due to deep state ties. He admits his knowledge is limited. Weird how hard it is for some people to see things from someone else’s point of view.
It seems like an option, but gonna say, having seen some of their biggest contributors try to push people into switching communities over to those moderated by community hoarders also heavily into anarcho-marxism politics - not really getting rid of the problem, are we.
Yep, and yet almost anyone who has spent any time on Lemmy knows what I’m referring to (whether they recognize it and do so as a problem is another matter)
I have no idea what you are referring too, but I only look at my subscribed communities, so I have no idea what’s going on in the “Lemmy meta.” Being able to only see the communities I subscribe too is one of my three primary reasons for coming here.
I know what you’re referring to, and I agree it’s likely off-putting to many, but not agreeing with the developer’s politics is on an entirely different level compared to suspecting a platform may be developed and compromised by state actors.
Again though, that’s a social problem, one that can even be eliminated through defederation. It’s not an ‘abandon all ships’ type of problem.
To be clear I am fully acknowledging that that situation isn’t good. I am very specifically pointing out that a state actor controlling and developing the platform is a much bigger problem, they are not comparable.
I understand the concern, and I find it fishy that the matrix team didn’t try to address that (maybe they did but I just didn’t come across that)
but on the other hand many governments and ministries like the French MOD have deployed matrix locally for their private use. not sure they want to use a software that the mossad can directly tap into
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.
As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
What Metadata is shared if I may ask?
Content should be encrypted and therefore private.
This might not be perfect but should already be a step up from discord right?
The issue is that due to the way Matrix is structured, it essentially copies ALL of your serber’s metadata to every instance, including the main Matrix server.
This is false. Data is only copied to instances participating in the relevant rooms.
You’d have to be extremely cautious who you federate with to avoid that, or not federate at all,
Or just don’t invite users into your private rooms if they come from servers that you want to exclude.
Agh, you’re quite right. Thanks for correction. I crossed my wires and misremembered how it worked after reading this article about it a while back. Edited my previous comment to reflect that.
I suppose in theory that shouldn’t be an insurmountable problem, though in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
In the example given in the video, it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance, meaning you’d have to explain they need to create an account elsewhere to be able to join your instance. It would be pretty awful UX.
in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
Maybe. But on the other hand, Matrix is only just beginning to become known among gamers, and there are a lot of us. Seems like a good time for people to stand up a new servers and invite the gaming masses.
it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance,
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it. Not in their own weekly reports. Not from journalists. Not in spec drafts or issue trackers or organizational structure. Nowhere. This particular legend smells more like fearmongering to me. At the most, it looks more like the distant connection that the internet has to the US military: Sure, part of its origin story might have been there, but it’s not relevant any more.
(Also, if your goal is to avoid Israeli intelligence-tied people seeing your room meta-data, you probably shouldn’t be inviting strangers to join. After all, there’s no way to know who they really are, regardless of what homeserver they use or what chat platform you’re on.)
For what it’s worth, account portability (giving people a way to switch homeservers) is on the Matrix roadmap.
Seems like a good time for people to stand up a new servers and invite the gaming masses.
Personally I don’t think it’s ready as a Discord replacement, based on the troubles displayed in the video, such as not being able to get things like video calls or screenshare working easily when self-hosting.
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it.
I’m assuming you haven’t seen the GN video in the OP yet, but they go into that connection, which they personally feel is bad enough to not use it. The issue is that Matrix was created and funded by Amdocs, an Israeli company with possible connections to Israeli intelligence.
The matrix foundation themselves admit to being funded by Amdocs, such as here on their blog:
As unpopular as VC funding is in some circles, the Matrix community owes a huge debt of thanks to Element’s investors (Status, Notion, firstminute, Dawn, Automattic, Protocol Labs and Metaplanet) and Amdocs for funding over $50M of work on both Matrix and Element since 2017.
How is Matrix[.]org funded? For the first three years of Matrix’s development (2014-2017), most of the core contributors worked for Amdocs, who paid for them to work fulltime on Matrix. In July 2017, Amdocs considered the project to be sufficiently successful that it could now self-support and so stopped funding.
They also specifically attempt to offer their chat services to law enforcement, such as the time they bought a booth at a law enforcement convention, which caused this controversy.
I don’t have a problem with the org offering services to law enforcement, governments, businesses, etc. Funding like this is how they are able to pay the bills without turning to venture capital or user exploitation.
I did see the GN video. They explicitly stated that they didn’t find a hard link. And, as you pointed out, Amdocs stopped funding almost a decade ago.
You seem to have made up your mind, though. I won’t try to change it.
Amdocs stopped funding it, but Martix and the company developing Element are both still made up of ex-Amdocs people. If they are connected to Isreali intelligence, it’s not as though they would suddenly aren’t potential agents just because they stopped being officially funded by Amdocs.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
I have previously read that omemo 2 implementation is insecure.
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
“I’ll make an edit later about the protocol version thing, but I’m not interested in having questions answered. My entire horse in this race is for evangelists to f** off and leave me alone. That’s it. That’s all I want.”
there is no one flagship app for XMPP that works cross platefrom and has all features implemented.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
heck I can’t even find a windows that support voip. and their will be none.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As for Movim, I hate using web apps. bad user experience in general.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
xmpp (prosody) appears to be much better optimised than matrix (synapse)
matrix and element are much easier to set up
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
xmpp requires tcp ports and ssl certs that should be easy to set up… unless you’re on a cgnat network. Matrix can be set up through a cloudflare tunnel with https no problem, but xmpp requires some networking elbow grease.
the mandatory certificates probably make the xmpp network safer?
Even with the mautrix discord bridge copying the exact layout of discord channels into element, movim seems more familiar to me. I haven’t really had enough time to evaluate movim, but it seems like it’s trying to appeal to discord users, and element is clearly not. Element feels like a well funded enterprise tool that is doing its own thing.
commet (with 2 m’s) chat is a very faithful discord clone for matrix, but it’s very barebones.
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
movim is a huge PITA to deploy yourself (especially in a container… you’re basically on your own at the moment)
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
but it seems like it’s trying to appeal to discord users,
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Weird how they are good at digging up the past relationship between the matrix team prior donators with the mosad. but failed to mention not even once that matrix’s biggest advantage is its federated nature.
So imagine you have a selfhosted matrix server and you want to invite a friend over for a chat but this friend already has an account at his other friend’s server. in Matrix he doesn’t have to make an account on every server their interlocutor is in, he just sends his messages, like its done over email, or here on lemmy (fediverse). this is an advantage other software like fluxer of stoat don’t have. and I doubt they will able to add it anytime soon, as the work needed is probably huge and would need years of work to make a proper secure e2e federate messaging solution.
Guy literally told people the criteria he was using, one of which was searching for things like that because that’s the reason for the video in the first place, the Discord exodus due to deep state ties. He admits his knowledge is limited. Weird how hard it is for some people to see things from someone else’s point of view.
Uh what the fuck how about any connection to mossad should be a death sentence for a software project
So should some of Lemmy’s, and yet here we are.
Tbf, there were no alternatives at the time when most people moved here. Now there is one with Piefed, I really should move my server.
It seems like an option, but gonna say, having seen some of their biggest contributors try to push people into switching communities over to those moderated by community hoarders also heavily into anarcho-marxism politics - not really getting rid of the problem, are we.
There is no known state or corporate connection to Lemmy or Piefed, unlike Matrix.
Yep, and yet almost anyone who has spent any time on Lemmy knows what I’m referring to (whether they recognize it and do so as a problem is another matter)
I have no idea what you are referring too, but I only look at my subscribed communities, so I have no idea what’s going on in the “Lemmy meta.” Being able to only see the communities I subscribe too is one of my three primary reasons for coming here.
I know what you’re referring to, and I agree it’s likely off-putting to many, but not agreeing with the developer’s politics is on an entirely different level compared to suspecting a platform may be developed and compromised by state actors.
It goes beyond politics into flagrantly lying about moderation actions to push narratives.
Again though, that’s a social problem, one that can even be eliminated through defederation. It’s not an ‘abandon all ships’ type of problem.
To be clear I am fully acknowledging that that situation isn’t good. I am very specifically pointing out that a state actor controlling and developing the platform is a much bigger problem, they are not comparable.
I understand the concern, and I find it fishy that the matrix team didn’t try to address that (maybe they did but I just didn’t come across that)
but on the other hand many governments and ministries like the French MOD have deployed matrix locally for their private use. not sure they want to use a software that the mossad can directly tap into
I wouldn’t put any stock into that as a metric of if it’s safe or not, since France was happy to buy a contract for Pegasus, another Israeli surveillance software adopted widely by EU governments such as France, Germany, and Spain.
EU governments were also happy to adopt Microsoft products despite the security implications, and even way back in the 80’s used Promis, which had a known US/Israeli backdoor in it (there’s a really great documentary about Promis on netflix, surprisingly, though I’d recommend sailing to watch it, yarr).
EDIT: changed to more accurately represent how Matrix operates.
The issue is that due to the way Matrix is structured, it essentially spreads copies of unencrypted metadata to every instance participating in those rooms, So it’s federated, but difficult to actually keep metadata from being spread around
even if you don’t federate with the main Matrix server, if any server you do federate with dies, it’ll get spread there. You’d have to be extremely cautious who you federate with to avoid that, or not federate at all, which defeats the purpose.As an alternative, Movim, which uses XMPP and is also federated, does not spread meta data around like that.
What Metadata is shared if I may ask? Content should be encrypted and therefore private. This might not be perfect but should already be a step up from discord right?
This is false. Data is only copied to instances participating in the relevant rooms.
Or just don’t invite users into your private rooms if they come from servers that you want to exclude.
Agh, you’re quite right. Thanks for correction. I crossed my wires and misremembered how it worked after reading this article about it a while back. Edited my previous comment to reflect that.
I suppose in theory that shouldn’t be an insurmountable problem, though in Matrix’s case it’s a big roadblock, as the main Matrix server hosted by Matrix themselves has unfortunately become the defacto main server that most people use, which means not federating with it massively reduces the ability for someone to just be able to seamlessly hop onto your server unless they too are on one of the smaller, less popular servers.
In the example given in the video, it would likely be a bit of a deal breaker if you met someone in an online game somewhere, and then invited them to your self-hosted Matrix server, only to discover they are on the main potentially israeli intelligence-tied Matrix instance, meaning you’d have to explain they need to create an account elsewhere to be able to join your instance. It would be pretty awful UX.
Maybe. But on the other hand, Matrix is only just beginning to become known among gamers, and there are a lot of us. Seems like a good time for people to stand up a new servers and invite the gaming masses.
I’ve seen occasional claims of that for a few years now, yet not once have I seen any credible evidence of it. Not in their own weekly reports. Not from journalists. Not in spec drafts or issue trackers or organizational structure. Nowhere. This particular legend smells more like fearmongering to me. At the most, it looks more like the distant connection that the internet has to the US military: Sure, part of its origin story might have been there, but it’s not relevant any more.
(Also, if your goal is to avoid Israeli intelligence-tied people seeing your room meta-data, you probably shouldn’t be inviting strangers to join. After all, there’s no way to know who they really are, regardless of what homeserver they use or what chat platform you’re on.)
For what it’s worth, account portability (giving people a way to switch homeservers) is on the Matrix roadmap.
Personally I don’t think it’s ready as a Discord replacement, based on the troubles displayed in the video, such as not being able to get things like video calls or screenshare working easily when self-hosting.
I’m assuming you haven’t seen the GN video in the OP yet, but they go into that connection, which they personally feel is bad enough to not use it. The issue is that Matrix was created and funded by Amdocs, an Israeli company with possible connections to Israeli intelligence.
The matrix foundation themselves admit to being funded by Amdocs, such as here on their blog:
and here in their FAQ:
They also specifically attempt to offer their chat services to law enforcement, such as the time they bought a booth at a law enforcement convention, which caused this controversy.
I don’t have a problem with the org offering services to law enforcement, governments, businesses, etc. Funding like this is how they are able to pay the bills without turning to venture capital or user exploitation.
I did see the GN video. They explicitly stated that they didn’t find a hard link. And, as you pointed out, Amdocs stopped funding almost a decade ago.
You seem to have made up your mind, though. I won’t try to change it.
Amdocs stopped funding it, but Martix and the company developing Element are both still made up of ex-Amdocs people. If they are connected to Isreali intelligence, it’s not as though they would suddenly aren’t potential agents just because they stopped being officially funded by Amdocs.
XMPP is a shitshow of its own, very fragmented architecture. different incomplete implementations. each server can chose which features (extensions) to turn on and which not) so you can’t be sure that the person you are trying to talk to on the other server can have access to the same features, like threads or voip.
I have previously read that omemo 2 implementation is insecure. my previous experience with it 4 years ago made me give up after encrypted messages were getting lost when messaging between different clients
there is no one flagship app for XMPP that works cross platefrom and has all features implemented. heck I can’t even find a windows that support voip. and their will be none. cause xmpp has lost all traction.
As for Movim, I hate using web apps. bad user experience in general. add to that I don’t remember it ever having been audited
It’s not insecure. The origin of that myth is this blog, however the creator deleted a response left by one of the OMEMO developers, which explained that the newer versions of OMEMO were essentially open betas, and that when a final stable release is made, only then should the client developers implement a newer version.
The Blog author’s response to deleting that comment was:
Which I think shows it was done in bad faith.
You can read a longer response I left in regards to that here, if you’re interested.
The Movim client is installable on all platforms as a PWA, which prevents confusion. But if you use other clients, it is true that they have differing feature support.
Movim is that client. It supports Group voice/video calls and screensharing w/ audio share (a recent addition, which currently requires a chromium based browser to share the audio). Sure, it’s not a native app, but neither is Discord (it’s just another Electron app).
We need a federated solution now, otherwise we’ll all just hop to another centralized platform with all the pitfalls that brings.
As the video mentions, it’s worth some inconvenience for the privacy, and currently there is no other federated Discord alternative besides XMPP and Matrix (and matrix has way too many issues to even consider, IMHO).
The community adopting Movim or supporting it with donations and bug reports will help it develop and become more polished, and there are efforts to standardize a common XMPP package platform to make deployment simpler and easier. The entire landscape for Discord alternatives all have their downsides, XMPP is the only current option that could become a long-term, permanent solution.
I’ve had matrix and element set up on my personal domain for a while, but I’ve only used them for evaluation so far. The system and network resources used are HUGE…
I’ve been setting up movim and a seperate xmpp server for a little while, and I have some initial opinions:
Either way, I am gonna deploy both and let my friends/discord channel users decide what works best.
I’m rooting for xmpp at the moment, but I will be happy with anything that is self hosted, encrypted and federated.
Hopefully I don’t end up having to maintain both protocols with a bridge!
I know that part of the issue is the actual protocol, but you might try alternative matrix servers such as tuwunel for potentially better performance.
Thanks for the link, I’m happy to give it a try.
I just recently migrated all of my stuff to dockerized services, so swapping out pieces should be pretty easy
Yeah, hopefully the dev or the community work on making it easier to deploy in a container at some point.
It is! But that focus is somewhat recent. The dev recently started a funding campaign to accelerate development, and just landed channels with rooms last week, so it’s still rough around the edges, but the pace that they’re implementing this stuff is impressive. They’re later going to work on having drop-in voice rooms as well.
Despite the challenge getting it set up, I have high hopes for movim! I like the direction they’re going now.
I did end up successfully deploying it in a compose stack (despite this issue), and I’ll probably submit a fix if they don’t get to it before I do.
If anyone is interested, I can share the details about how I got it going.