Privacy

33192 readers

668 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Matrix(Element) (lemmy.ml)

submitted 3 years ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

I have questions about matrix/element.Does it leak metadata if so what does it leak?I have heard that it only shows who you are talking to but not what you are saying.

top 10 comments

sorted by: hot top controversial new old

[–] [email protected] 6 points 3 years ago* (last edited 3 years ago) (1 children)

If you enable end to end encryption (not supported by all Matrix clients) then one can only see who you are talking to but not the content of the message, yes.

But Matrix leaks a lot of metadata, as chat rooms are decentralized, so they get automatically replicated on every server that has a user connected. Furthermore due to the specific git like design it is not possible to delete this metadata (so called room state) so any server connecting gets the full history of the chat room's metadata since its creation.

Personally I would suggest to look into XMPP (aka Jabber). It also supports end to end encryption but the servers share and store much less metadata. Have a look at the XMPP FAQ here: https://joinjabber.org/faqs/

[–] [email protected] 3 points 3 years ago (1 children)

Yea I am using XMPP but was just asking

[–] [email protected] 4 points 3 years ago* (last edited 3 years ago) (1 children)

Ah, compared to XMPP with OMEMO enabled there is really hardly any advantage of Matrix in my view. But give it a try and see yourself. Selfhosting Synapse is a PITA though.

Edit: also once Movim supports OMEMO soon(tm), then Matrix also does not have the advantage of a nicer webclient anymore ;)

[–] [email protected] 4 points 3 years ago (2 children)

The biggest reason why I asked this is because a privacy advocate The Hated One made a video about how Signal was kinda going downhill and how he was talking about matrix for a little bit but I was thinking "Doesnt matrix leak metadata?".

[–] [email protected] 4 points 3 years ago

It really depends on your specific setup and thread model. I think Matrix has its place, but personally prefer XMPP. With Signal you basically hand over all your metadata to the NSA anyways, so you might as well go with Matrix then :p

[–] [email protected] 1 points 3 years ago

Matrix saves metadata on your server, inside your database and you can disable federation, so only your server will have your data. In such case you are limited to users and groups on your server

[–] [email protected] 6 points 3 years ago (1 children)

All in all, Matrix is superior to Signal for my use cases.
Matrix could be the future, but in terms of privacy they still need to work on some aspects to prevent systematic leaks, you can read about it here : https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0
XMPP isn't worst than Matrix, but lacks cross platform compatibility, and not all servers around support all XMPP extension's as to allow E2EE by default or voice and video calls.
Matrix is where the momentum is right now, development is steady and they are working on spaces and low-bandwidth communications which is very thoughtful from them.

[–] [email protected] 2 points 3 years ago* (last edited 3 years ago) (1 children)

Matrix is where the momentum is right now

That is also what I though, but except for client software development this doesn't seem to be actually the case.

From a user perspective most Matrix channels I join seem largly deserted compared to their IRC and to a lesser extend XMPP equivalents.

And looking at the number of servers running, XMPP easily beats Matrix by an order of magnitude. Number of active users also seems quite a bit higher on XMPP.

So I have basically come to the conclusion that the main advantage Matrix has is their awesome public relations in open source developer circles.

[–] [email protected] 1 points 3 years ago

And looking at the number of servers running, XMPP easily beats Matrix by an order of magnitude. Number of active users also seems quite a bit higher on XMPP.

From my own experience and what I gathered from others about XMPP, most XMPP servers active today don't federate, they are insular instances operated by private entities (many social and dating services are xmpp servers at the core) like how facebook messenger at the time. and a lot of them run proprietary code and not fully compatible with all XMPP specifications.
According to the Matrix foundration they were around 35 million Matrix users world wide .
Yes matrix is one exemple of how open source software development should be done, they involve the community in every step of the development, support third party application, are transparent about what is changing and what is to come. they are not perfect but way better than shady Signal crypto shills .

[–] [email protected] 3 points 3 years ago

This document talks about the issue. As of now, it does leak metadata, as already mentioned by other users, but they're working on fixing that. The pinecone overlay network is a step towards that. A further extension to protecting user metadata they're planning on taking is routing the messages over TOR.