Hacker News new | past | comments | ask | show | jobs | submit login

The "good luck talking to your own federation" comment is being taken out of context. I can't find it in my history (so I assume it's been paraphrased), plus from memory I think it was the final line in an argument over how some bit of the protocol should be implemented. After failing to convince the guy that our approach was better than his proposal, I gave up with "okay, you can always do it your way, but you'll only be speaking to yourself" or something similar. I'm not sure this is evidence of being hostile to alternative servers, but if anything an encouragement for people to experiment with variations on the spec if they think they can do better :|

See https://news.ycombinator.com/item?id=19418111 for a detailed response to these accusations.

It'd be great if there were usable non-Riot clients that fully supported end to end cryptography. At this point Signal has better alternative clients in Pyre.chat and Signal-Weechat than Matrix has, as the existing alternative clients are almost all MVPs missing major features like e2e.

The lack of a simple, common library is a real sticking point. Each client & bot shouldn't have to implement the baseline network protocol and then build e2e atop it, rather the clients should be focused on what to do with the messages after receiving them, how to display them, etc.

I say this as a daily non-Matrix.org user of Riot, the functionality of the Riot ecosystem on its own is good, but I'd be hard pressed to port my own Signal bots to Matrix, let alone build a featureful client in a performant toolkit (eg: Not Electron) for Matrix today.

There isn't a viable ecosystem outside Riot/Synapse currently, which makes it feel like Matrix is just a self-hosted Slack/Hipchat solution with just Riot as usable clients. IMO there needs to be diversity in the Matrix ecosystem just like the Fediverse has with Mastodon, Pleroma, PeerTube, PixelFed, NextCloud, Rustodon, etc all inter-operating in a sane, functional manner.

So, other clients with fully working E2E encryption include: Seaglass, Weechat, Pattle and nheko (although it needs to implement attachments, but they is easy). The weechat and nheko implementations are independent implementations (ie not the same as the Riot ones).

We are starting work this week on closing the E2E gap for all the rest.

I don't think Pattle has e2ee support, from what I can see on my phone. While it is built on the Matrix Android SDK which has e2ee support, the app itself doesn't seem to use that support yet.

Oh neat. Is the plan to write a proxy sitting between client and server and decrypting/encrypting all events so any client can be used in e2ee rooms?

precisely. should have news about it later this week :)

There's weechat-matrix[1] which supports E2EE and the accompanying python library, nio[2].

[1]: https://github.com/poljar/weechat-matrix/

[2]: https://github.com/poljar/matrix-nio/

Good idea. A library written in Rust and compiled to WASM for Riot would be a good fit.

You're right, we need to do better, and we have started doing so under a fork of the protocol that will respect its user's privacy: The Grid - Come talk to us at #thegrid:libremonde.org

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact