Why would you need to do that? Why not just give every message a timestamp, make sure they get sent, and sort the messages on the receiver side? If you're really concerned about message order, you could give every message a unique id, and send out the id of the previous message with every message, and improve your sort function accordingly.
Disclaimer: I prefer XMPP.
Could you provide a source for this?
But I also need an admin panel to lookup user ip addys from the past 36 hours,
ability to assign moderator user roles who can see other user's ips, ban ip addys, subnets, hostnames and cidrs easily.
Love to have some other needed admin options and run this! A stun / turn server to hide other user's ip addys and such as well, interception of images posted so they are scanned, exif stripped and hosted temporarily rather than giving the hoster everyone's ip info.
Stuff like that.
I guess blocking users from joining the huge main matrix channels through our server would cut down on the ram / processing needed..
I wonder if something like https://access.watch could hook into this, or if it needs something all in it's own language or what. Looking forward to this system growing.
would love some kind of integration with openid connect though, since that would enable us to easier integrate with our AD. of course we could make that ourselves but we dont have the manpower right now.
I can't think of any way they could make it lightweight either. Maybe if they treated the JS as pseudocode and re-implemented as native clients.
Agreed that Riot itself uses way too much RAM though - but we have some massive improvements on the horizon there; by lazyloading user data on demand rather than preloading it up front, we can improve RAM usage by ~5x. This work is happening over the next month or two (modulo GDPR).
Meanwhile, you can always use a desktop client; Nheko, Fractal and Quaternion are all looking increasingly good :)
We're participating on the periphery of the MLS discussions, mainly to try to encourage the MLS team to consider and support decentralised use cases.
At the moment there's a temptation to go for a simpler approach which assumes there's a centralised sequencing server which solves all the races you otherwise get (and which have plagued us in Matrix whilst implementing Megolm). However, assuming a centralised focal point for each group conversation kills the whole point of decentralisation, so we're trying to ensure it's not designed out.
See https://mailarchive.ietf.org/arch/msg/mls/MnLJkbJ_Mwe8Oz0Ll6... for the gory details.
Makes sense as the title says "due to surveillance risk".
The worst is that it will cost tax payers millions
These folks tend to think big. Everything else stems from that. What they really need is a little app with simple messaging, end to end encryption, and a server that doesn't log anything they don't want it to log. What they are likely to get if they pay some big shot contractor big money to do it is a Swiss army knife the size of a kitchen sink. With bugs.
(It's also relevant because because we pay corporations with subsidies, tax cuts, tax evasion, research grants, public procurement, specialty laws favoring them, etc -- sometimes even more than we pay governments).
That actually was the estimated cost; it grew at least at 81,5M€. (there's also a story in the article about one of the components of that seemingly simple app being 37 months late)
Also: from what we've seen of Macron's team, they've proven that they have good-enough internal technical advisors; so it remains to be seen if they'd use a solution that can be eavesdropped.
4 paragraph summary: http://www.catb.org/jargon/html/B/back-door.html
I think we are in agreement that Apple or Google could patch the app before it gets deployed. But AFAIK it has never been done yet, and if it ever happens, it would undermine all credibility of the platform. Of course a state actor wouldn't want to be the first to find out.
Not sure if I'm 100% right here, but knowing all my contacts and when I communicate with whom is an awful much.
Signal actually doesn't know all your contacts - you can check the source code to confirm that it doesn't know about any contacts that you don't message using Signal, for example.
Signal also doesn't store most of the metadata that it could, so it really knows incredibly little about its users. It knows (for example) the last date that it was able to talk to a particular device, but they don't store historical data for that, so if you received a message on Signal today, they don't (anymore) know that they sent you a message yesterday, or last month.
Of course, that second part all runs server-side, so you do have to trust Signal when they describe their internal architecture. But to be frank, who do you trust more with that metadata: Moxie Marlinspike, or the government that is essentially the "sixth eye" in the Five Eyes alliance?
I get a message in the app when a contact starts using Signal, so it has to know them server-side.
The other part of the comment was reffering to what the server could know (in the gov. case - will know), and that IS quite a lot (assuming Signal style service).
And I do trust Moxie nominally, but I also believe that he will obey US courts.
Macron is hawkish about surveillance, despite public appearances. Long term, they want everything.
I think the main idea now is: let’s make it appear trusted, and see who signs up.
End to end encrypted is no good if there are side channel attacks to get your keystrokes, like from say, closed source radio firmware zero days.
If I was a tech savvy French politician I would try to use something that is neither in control of French authorities nor foreign. But French politicians are almost exclusively political science graduates, lawyers, doctors and teachers, not typically tech savvy.
I think this applies to politicians worldwide, at least in western countries.
Considering our political panorama, I don't think this has helped much, though.
What's the domestic app in France that comes closest to fulfilling that?
News like this is just great. :-)
I'm actually greatly pleased that my taxes are spent on an app that is actually accessible from the public, and will benefit open source project. This should be the standard way for most government development projects.
To @Arathorn and any other members of matrix and riot teams, kudos on this news, and great job! Next step - of course, beyond the tech work already being done on the platforms - is to promote the heck out of this news!! ;-)
EDIT: Ok, there's at least some other promotion elsewhere which mentions matrix and riot; cool: https://www.tomshardware.com/news/france-alternative-whatsap...
Sigh. I wish they had added that Telegram is not "encrypted from start to finish"
> If so, this might be either pretty expensive or could go wrong.
Keep in mind that they also wasted millions on building a "Google Competitor": https://en.wikipedia.org/wiki/Quaero
For the people receiving the money it didn't go wrong though.
There's technically an APK on the Signal website without Gapps, but it's not officially supported by the development team. On their issue tracker they "leave it to the open source folks", i.e. ignore serious bugs like massive battery life degradation and Signal silently not updating for hours.
Maybe something will come along to supplant this, but for now push messaging is how we deal with terrible state table problems at the cell network operator level without wrecking battery life.
As in, if you can't explain it this clearly, what's the problem?
Having worked on some crypto projects, the admonition to, "just read the code," is disingenuous, because without a formal spec, you have nothing to compare the code to or evaluate the code against.
Edit: and I've learned a few other things (SAIP, Quaero)
But hey, it's not "sexy" enough. So they'll drop some public money to a big company that knows "what they are doing" and deliver a crappy platform that no one will use :) It already happened too many times.
> We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia
> The French government’s encrypted app has been developed on the basis of free-to-use code found on the Internet.
I'm hoping this means they are using a mature, open implementation for most of it.
Essentially yes (and not just PGP), strong cryptography fell under arms regulations and required, essentially, the equivalent of a firearms license (but was, by contrast, almost impossible to obtain). Import and export of cryptography technology are still regulated, though .
> Do they expect people to trust them?
I’m not sure what you mean by that: This isn’t a trust issue, the French government is/was completely upfront about these restrictions.
Same goes for Libsodium by the way, I doubt Franck Denis bothered to ask permission as well.
Though I agree it's not as bad as if they had been caught lying on the topic. Still, are they specifically saying the tool will protect people from the government itself?
It's a wonderful initiative, but I doubt the average user will switch.