Signal: + protects metadata + protects the content (e2e encryption) - is not anonymous - is not resilient against regulations
Matrix: - does not protect metadata + protects the content (e2e encryption) + is anonymous + is maybe, potentially resilient against regulations (federated, not centralized architecture)
That said, there are some other pretty big differences between Matrix & Signal; the biggest one is probably that Matrix is an open standard and open network, encouraging 3rd party clients, servers, bridges, bots etc - optimising both for freedom/liberty as well as encryption. Signal optimises for privacy at all costs and doesn't allow 3rd party clients or services. See https://matrix.org/blog/2020/01/02/on-privacy-versus-freedom for more.
Matrix doesn't have any special way of avoiding that tradeoff. It just takes the other end of the trade: Matrix servers are exposed to valuable metadata, so that people can use whatever identifier they want.
And, of course, the flip side of Matrix's "freedom and liberty" federalized design is that it is May 7, 2020, and the project is just now announcing E2E by default for private conversations. This is exactly why, years ago, Moxie Marlinspike wrote his post arguing about the downsides of federalization. It sure looks like his predictions were borne out!
I think both of these projects are valid and important, and that they have different goals and audiences, and we do people a disservice when we pretend like they're in any kind of serious competition. Matrix is what you'd replace an IRC server with. Signal is what you'd tell an immigration lawyer to use for messaging.
I'm skeptical that much of this particular delay has to do with federation, as opposed to things like differing priorities and general project velocity.
Why? Because Matrix is not yet as successful or as diverse as XMPP, the example Moxie gave in his blog post. My impression is that Matrix has one main server implementation (Synapse) that everyone uses, and one main client implementation (Riot) that E2E encryption was added to. And the company developing Synapse and Riot is also developing the spec, so it's completely coordinated. Alternate clients and servers exist, but they're very much "alternate"; I don't think anyone was waiting for them to implement anything before making this announcement.
I could be wrong. I'm not involved in Matrix development, or even a Matrix user. But that's my impression from some quick Googling.
If I'm right, the only real cost of decentralization at this point was having to (a) design the protocol itself to support federation and (b) document the protocol as part of the Matrix spec. That's not nothing, but it's small potatoes compared to the kind of massive ecosystem fragmentation Moxie was talking about.
Yes, Matrix’s development would go way faster (6-10x is my estimate) if it wasn’t decentralised. Huge amounts of effort goes into designing a system where you have multiple servers (or peers in p2p) which can’t be trusted, and where the behaviour needs to be formally specified in a neutral public spec that can be independently implemented. You have to layer the spec into abstractions which ensure the lower layers are stable and relatively frozen such that folks can build on them confidently, but the higher layers can evolve and experiment as rapidly as possible.
However, we think this is an acceptable cost in exchange for building an open network / protocol / ecosystem like Matrix. Freedom is important.
As comex points out, we’ve tried to mitigate slowness by developing the core of Matrix (protocol and reference server and reference clients) by the same logical team rather than by vying factions - which has certainly helped, but only as an incremental factor.
The fact it took us 3 years to exit beta for E2EE and turn it on by default reflects more that we chose a large scope (interactive verif, cross-signing, encrypted key backups, etc all break new ground, afaik), had to make it decentralised, and also reflects prioritisation (encryption is not our only focus).
So yes, it takes longer to build Matrix than a centralised e2ee messenger. Or longer to build bitcoin than paypal. Or the Web than AOL. But we think it’s worth it.
But there have been other times where "soon!" have been given over the past three years:
I like Matrix and think Signal makes some serious mistakes for no apparent reason, but yeah, the repeated "Matrix is just as good and more free we swear!" is...maybe not the right thing to say, yet.
Is there any technical reason why Matrix servers would have to store contact lists?
Both Signal and Matrix would have store message metadata to deliver it.
I searched for what the significant difference is, but could not come up with a good document to read.
Could you link to a reputable resource for this? I've always imagined that phone number background checks were mostly scams with a bit of public information sprinkled on top.
I'd be very surprised to learn that I could purchase a burner phone, give you the phone number, and have you be able to tell me my address and criminal history.
OK, so even if you pay cash, there's video surveillance in the store, and surveillance (license tag, video, etc) on the route. And that's linked to the number. Then there's the number that you call from to activate the burner phone account, which may have some identity information. Plus geolocation data for that, and for the burner phone.
I guess that I'm a few years out of touch.
There's no ID requirement in the US, I think.
In each case I got dozens of the same flavour of site, which I've seen many times before, it has a paginated list of every possible phone number that could exist, and an advertisement. These sites are pretty cheap to build and presumably over their lifetime they bring in enough advertising revenue to justify renewal costs, hosting and so on.
But they don't offer (and couldn't deliver) personal information about any of us, since that isn't publicly available.
In practice,it's worse than having to use your SSN. You don't need SSN to sign up with all the major apps and sites (including free email),but you do need a phone#.
This sounds like an interesting trade off, but I'm not totally following how using phone numbers and contacts avoids the metadata on server issue.
Unsure how this relates to contact lists though (other than that secret sender is apparently only available for messages from people in your contact list?)
Matrix on the other hand isn't a message-passing system like Signal (or IRC or XMPP or SMTP) - instead it's a way of securely storing your conversations (more like NNTP or IMAP). This means that when you log into a new Matrix client you can get at your conversation history, and it means that even if you lose all your clients you don't lose your history.
The compromise is that Matrix ends up storing the metadata of who spoke to when in the conversation history which is stored on the server.
However, we're working on mitigating this with P2P Matrix (where you run the server clientside, unless you explicitly want to pin that conversation to a serverside server), as per https://fosdem.org/2020/schedule/event/dip_p2p_matrix/ - and it even works :)
Then there's all the "private" data about you that is commercially available. That's what credit agencies and similar companies do--buy your data from any company willing to sell it. Such databases are so deep and comprehensive that these companies have become extensions of intelligence organizations for all the business they do with government. In fact, just a year or two ago there was the "scandal" where it turned out cellphone companies were selling location data, which some savvy police departments started using to avoid dealing with warrants.
Well, that's precisely why I don't use Signal. In that I don't use smartphones. I could probably run Signal in an Android VM. But I have no way to get a phone number that's both adequately anonymous and adequately secure. Or at least, I don't yet know how to do that. Burner phones are too readily located, and hosted SIMs are too insecure.
Android x86 VMs now have functional virtual WiFi interfaces. But I'm not aware of a virtual cellular network implementation, which could theoretically (I imagine) allow virtual SIMs. That would be very cool. Or maybe it's doable with VoIP?
* The Signal client regularly re-sends your complete local contact phone numbers to the Intel SGX contact-intersection code on Signal servers. So, potential flaws in that process would mean Signal servers continually receive, & could possibly log, far more metadata than competing systems that upload all your contacts' phone numbers.
* Signal leaks that your phone number has enrolled with the Signal service to anyone who chooses to query it.
It's great that Signal has devised a system that, ostensibly, obviates the need for them to keep persistent lists of everyone's correspondents. But as that same system requires the constant, repeated uploading of phone-number-identifiers, and complete trust in Intel SGX™, it misses the primary thing most want from an end-to-end, open-source solution: no reliance on remote personnel or systems.
Signal's created a fancy 'Maginot Line' that ultimately reduces to the same core flaw as much-simpler architectures: if a small number of hard-to-monitor key people or servers are compromised, even temporarily, the metadata is also compromised.
You tout that "Signal's servers store no contact lists at all". But can you prove that? Signal's servers are still sent all the same data that would be required to do that.
Meanwhile, other secure messengers manage to:
* avoid ever knowing a users' phone number, or revealing a users' phone number to their correspondents
* avoid broadcasting the fact of a user's participation to anyone who cares to query
It's important to remember these caveats & tradeoffs when alleging Signal stores no contact lists at all.
I want readers to know that your headline claim, "Signal's servers store no contact lists at all", should be coupled with the important caveat that believing that claim still requires trust in Signal and Intel personnel/servers.
And even if someone, like yourself, assumes such trust in Signal & Intel, the metadata protection Signal does offer still requires other metadata tradeoffs. That's not 'equivalent' to other options, it's different in notable ways. For some users, like say an anonymous whistleblower without a 'burner' phone number, Signal's metadata handling is arguably worse than other extant options.
You find Signal a preferable, perhaps even dominant choice; I think they're a mixed-bag once aware of all the tradeoffs.
The interface is just complicated for average people and the translations were half done and this will scare people off if I recommend for cross company chat.
The server side may be great but it needs some work to have simple and elegant client on desktop and mobile clients.
Currently I use Mattermost and it seems to be doing ok but this has no built-in support for audio and video.
All I can say is that we’ve hired three permanent kick-ass full time UI/UX designers for the team, put them charge of the product direction for Riot, and told all the devs that their job is to do nothing but implement their design iterations as efficiently and accurately as possible. Let’s see how it goes.
Can Matrix servers be run as Tor onion services?
regardless, the e2e encryption debate seems largely settled by the key players at this point. I think any legislation that makes its way through is likely to see brinkmanship again. Theres no reason these services cant use darknets. At the risk of sounding like a cryptobro, theres also no reason they have to use a server at all with blockchain.
Matrix is federated and individual servers can be run by volunteers/individuals for whom EARN IT would not apply.
It would apply to them if they were or served US citizens, which would mean that nobody in the US could get encryption, which is exactly what might happen with Signal.
Sure, but only if they could be identified. So obviously any such volunteers would make sure that they remained anonymous. Otherwise, they would suffer the consequences.
Can we stop saying blockchain for everything? You don't always need to, nor want to, audit your entire history.
So if every country passes something like EARN IT, Signal shuts down, how is that resilient?
That's not a forgone conclusion. Maybe it is for Signal, but not for chat overall. There's this thing called Tor. If you're careful, you can remain anonymous. And there's the new onion routing network Loki, which backs the Session chat app.
If things got bad enough, there are more robust options. I can imagine a botnet that spread much like WannaCry, and which offered deniable messaging via covert channels. Data transmissions would be hard to detect, and running the network components would be deniable.
Signal: - cannot run own server - writing clients discouraged; centralised control preferred
Matrix: + can run own server + writing clients encouraged
Ideally, what persons A and B might want is a protocol that allows for peer-to-peer connections without passing traffic through the third party. The server might be merely a point of rendezvous to enable one person to discover the network address of the other. For example, person A contacts person B's rendezvous server for person B's address, port, etc. Then person A makes direct connection to person B. Once that peer-to-peer connection is established there is no more need for the server. No traffic passes through it. It could even be shut down.
Also: they are fairly old by now, and most complaints that have merit have been addressed.
This blog post goes into more detail https://matrix.org/blog/2019/06/30/tightening-up-privacy-in-...
What metadata are you talking about?
"Who you send a message to" is actually a relationship between two pieces of information, a sender and a recipient but Signal doesn't collect this in most cases.
Who the message they received is _to_ in the sense of which Signal account it's for, they need to know in order to store it and pass it on. But who you were they don't need in most cases because of their Sealed Sender feature.
When you converse with Alice your phone fetches profile data that it is able to unlock because Alice's phone agrees you're a friend and provided the key to do so. Alice's profile includes tokens that her friends can use to send her messages. Subsequently your phone presents a token authorising you to send messages to her, and so Signal does not ask it to identify itself when sending this message.
As a result Signal intentionally does not learn who sent these routine messages between friends and acquaintances even though the message recipient can determine who sent them.
And, by extension, the exact real world identity and location of this person.
Signal promises not to store metadata, but definitively have access to it.
Not at all? Most likely what's happened here is that you don't understand what "by extension" does in a sentence.
Hopefully the difference about having access to data and storing data is still clear?
Apart from that, group membership is also E2EE, which is a signifiant piece of metadata.
How is this achieved? How can this be attacked? Are users at risk of deanonymization?
We're mitigating this with P2P Matrix (https://fosdem.org/2020/schedule/event/dip_p2p_matrix/ etc), where there are no longer servers where metadata pools.
Signal: ?Brian Acton?
Slack has many issues (little bugs, latency, notification issues, the shitshow markdown editor) but overall delivers a smooth product experience IME. When you self-host Matrix, do you typically get great perf without much effort? Is the product experience of the Riot client smooth and complete?
Over the last year or so we've been progressively working through fixing it, and as of Monday we now have three(!) professional designers working full time on the problem. Having turned on E2EE by default, our next big project and single biggest priority is First Time User Experience - making sure that the app is at least as smooth as Slack and Discord, particularly on first impressions. https://blog.riot.im/e2e-encryption-by-default-cross-signing... has more details - and the sections before it show some of the UI/UX work which has been landing in the last few months.
Further, it is definitely worth taking inspiration from Discord. Newbies seem able to pick it up very quickly. Some Discord rooms feel about as alive as happening IRC channels from back in the day, and the interface+culture seems to do a great job of supporting that.
Fairly subtle, but important things like where the names are placed relative to the messages, and the size of the avatar/image, etc keeps the interface from becoming crowded (in comparison with the Riot desktop interface, for example). The Riot iOS interface gets several of these things right, btw :-)
It also seems to be fairly easy to customize “Discord servers“ with different levels of organization — scaling from few users to 1000+ users. Not just the backend, but the interface also scales very well. From a pure usability standpoint (apart from privacy issues, centralized, etc the user experience in Discord is fantastic.
The protocol actually has support for label-based threading (i.e. "hide all messages tagged #gif" or "only show messages/conversations in this room tagged #work") already, as per https://github.com/matrix-org/matrix-doc/blob/matthew/msc232.... But we haven't had a chance to hook this up into Riot yet, thanks to all the work spent on E2EE by default.
Proper threads will come in time however.
Optimal within the constraints of real time chat IMHO is slow-mode (5 to 15 seconds, or possibly greater) in a single channel.
Hot take: make threading an option. If you don't want them, don't use them. If you want them, then they are available. This is clearly a personal difference with no right or wrong answer. So the solution is options.
> Proper threads will come in time however.
Awesome, this was really the only thing that makes me hesitant to switch. I can stand an ugly UI if I can get good conversational flow.
I hope that Riot will implement something similar, potentially as an individual or per-channel setting.
Specific pain points were:
- setting up SSL - getting Let’s Encrypt certs onto a server without a web server was a pain, and keeping them up to date was even worse. I would love to see ACMEv2 support integrated into Synapse for painless SSL setup.
- TURN server - if you want to use voice chat, you need to set up a separate TURN server, which has its own set of challenges. Again, I would love to see a solution integrated into Synapse.
- Video chat - Even with a TURN server in place, video chat requires a separate plugin to work. Jitsi is recommended, I believe. Yet again, I want this integrated into Synapse and Riot.
- Federation - Federation is part of what makes the Matrix protocol so great, but it was a huge pain to configure in Synapse. I spent hours to get it working, and it still had quirks about matrix.mydomain.tld vs mydomain.tld. I would like to see this simplified.
Probably the thing I was happiest about is that a ton of administrative settings are easy to work with in the Riot web client.
Keep it up, guys! I hope Matrix takes over the world, and I hope to come back some day.
1) Running Synapse really isn't that hard if you follow best practices... but I think we've done a bad job of communicating those best practices; instead Synapse's INSTALL.md lays out tonnes of different options and expects folks to pick their poison. I tried to fix this a few weeks ago by sitting down and recorded a dorky video to try to steer folks through best practices for setting up Synapse + certbot + Jitsi: https://matrix.org/blog/2020/04/06/running-your-own-secure-c.... (I need to extend it to coturn, but again, coturn should be straightforward. I don't think we should be baking TURN into Synapse though!). You could also shove everything in Docker and forget about it.
2) Peer-to-peer Matrix will let you get up and running without even needing a server. This is progressing alarmingly rapidly at the moment - https://p2p.riot.im is a version of Riot/Web which installs a homeserver (Dendrite) in your browser as a WASM service worker. It's alpha, but it mostly works pretty well, and is hopefully the shape of things to come - to let people have autonomy over their comms without ever needing to understand SSL, TURN, etc.
I also understand that making things too turn-key (no pun intended) can be extremely difficult to do well and can also impede advanced configuration. But there is somewhat of an incongruity between the Matrix philosophy of keeping private servers vs. the expertise required to actually get that done.
P2P sounds really cool! I’ll try it out.
While there's definitely lots of improvement, it's still painfully slow and eats lots (like, 40% of 1 core) of CPU time. Took me a two attempts and a couple minutes (!) to join a relatively crowded room at #synapse:matrix.org on a freshly installed Synapse. I get it that there are over 12k people in there, but I haven't seen any other platforms having similar issues.
And this just doesn't feel right, design-wise. It could take a long while loading user pictures, presence states, ancient chat history and extra fluff. But seeing the most recent messages* and having an impression of joining the room should be nearly instantaneous.
Still a huge improvement over what it used to be. I remember waiting for no less than 10 minutes in a similar scenario, and it used to consume nearly 100% of CPU available.
*) For some reason, previews never worked for me. Despite being able to join, when just trying to peek I always get either the never-ending "loading" spinner or "this room can't be previewed" message.
Solving this is an interesting challenge - one option could be to opportunistically trust events. Another could be to opportunistically fetch server signing keys. A better one would be to implement MSC1228, which switches all our IDs for public keys, which should make verification much easier and less burdensome.
In terms of peeking rooms over federation - sadly this still isn't implemented yet. https://github.com/matrix-org/matrix-doc/blob/matthew/msc244... is the proposal to fix that however.
This makes sense. Thank you for explaining!
Basically it sounds like you can download the messages relatively quickly from any old server, but the first-time process of verifying takes awhile. Maybe there's a way to show that visually, so you can get the messages up on screen earlier, even if the content isn't trusted yet?
It also seems like there might be gains from prioritizing connections with servers whose members chatted more recently.
Compared to synapse's resource use, it seems completely anemic (I've read that the lead developer makes it run on a 800 MHz pentium, though that could have been a joke).
Personally though I can't stand the conversation view in Riot, the spacing between the nickname, the avatar and the text feels just wrong and I can't see in a glance who is talking and says what (yes, even with the compact view). It's minor, but it's the one I have under my eyes at all times so it's there. For now I'm using another snappier client (https://neo.pixie.town/) because of this issue.
Apart from this client-specific issue that doesn't say anything about the protocol itself, everything is fine.
The one thing I'm waiting for is rooms where participants are hidden, so that you actually get closer to a pubsub system. I have some ideas I want to try and play with, but this is needed if you want to keep some privacy
Does https://github.com/matrix-org/matrix-react-sdk/pull/4531 look any better? O:-)
> The one thing I'm waiting for is rooms where participants are hidden, so that you actually get closer to a pubsub system.
This is surprisingly hard (if you don't know what users are in a room, how do you know what servers to send messages to?) but we can provide at least a cosmetic solution (have the server filter out members below a given power level when relaying to the client). https://github.com/vector-im/riot-web/issues/6417 is the bug to upvote :)
Hey that's actually kinda sexy ! I'm not looking specifically for IRC-style <timestamp/nick/message>, I do like it when it takes a bit more space for the user, but I find this rendering nice to the eyes.
In the quote though, why is the user cast away on the right ? Would be more consistent to put it right next to the timestamp of the quoted text
Also, the nick is chopped at the end without any indicator that it is (like a [...] at the end or something)
All nitpicking, I know, I'll try this as soon as it lands because I already like it :)
> https://github.com/vector-im/riot-web/issues/6417 is the bug to upvote :)
I'm following it closely ! I can't wait to experiment around that, Matrix.org can be and needs to be much more than just a messaging protocol, there's everything needed to get rid of centralized silos of (micro-)blogging, status- or photo-based social networks, ...
BTW thank you for doing this and thank you for leading it all the way to it is today and to where it's gonna be tomorrow, there's a reason protocols fail or succeed and it's often not in the technical intricacies but definitely in the leadership that spearheads its spread. Matrix seems to be the one that has the biggest momentum for now :)
> Also, the nick is chopped at the end without any indicator that it is (like a [...] at the end or something)
These were just bugs in the first cut. I'll spin up a dev client and grab a screenshot of the final version (i think dev finished on it today!)
> BTW thank you for doing this
np. I just hope we realise the full potential of the project :) For what it's worth, I hope that Matrix can be to Slack/Discord what Linux was to Solaris/AIX. So, we just need to not screw up...
Substantially better than the default Riot layout. I hope this gets merged and I get to switch to this soon.
That said, I'd still like a more compact version of the same that further reduces the spacing/padding to make more information fit on a single screen.
> This is surprisingly hard (if you don't know what users are in a room, how do you know what servers to send messages to?)
Can you expand on what your threat model is in this case? Because I assumed rakoo was just talking about a cosmetic change (possibly coupled with allowing pseudonymous users with low (read-only) permission levels, but you'd have to go out of your way to break that).
If it were one or two little things, I'd file some bugs or even try to fix the issues myself in the Android app, but my experience has been that I have at least one experience-breaking bug or UX issue at least every other time I interact with the client. Especially if you have encryption enabled.
True to form, I experienced yet another bug with the encryption moments ago: on web, search appears to be completely broken in e2ee rooms. It just says "No results", even for words that were said in literally the last message (and messages not far back in history from the previous day, so unlikely to be a caching issue).
The verification within the client is confusing. The e2e cross signing has been an absolute headache. Meaning losing some encrypted messages because using your recovery key it throws an error (when it’s valid).
The potential is there but It does need work. My first impressions are that it feels like it’s all stringed together.
For example why have a button in the IOS app for resetting bootstrap only to display a message of “this button doesn’t work but will work in future”.
The default home server can be terribly slow. I get it, running your own server but still, I don’t want to do that right now.
It’s works when it wants to work. And when it does, it’s pleasurable and smooth.
https://github.com/vector-im/riot-web/issues/13519 expresses my frustration.
If the whole premise of matrix is encrypted chat, and I can't verify myself, I'm hesitant in using the app. Luckily I am only using it to talk to a single friend so it's not a too big deal at the moment.
I find the lack of ability to group chat rooms, into discord "server" type things or Slack "workspaces" or whatever they're called, to be particularly deathknelling for Matrix's usefulness.
The matrix answer, "communities", are in the works, but who knows how good it will be.
I've been told the apps (Android/iOS) aren't as good as the Desktop version by coworkers.
Riot iOS has been a bit under resourced over the last few years, but other than some jank it's a decent native app, albeit trailing behind Desktop a bit. RiotX meanwhile is of very similar quality to Desktop, albeit beta (but exiting next month, hopefully). Finally, Riot Android is abandoned now and we'll replace it with RiotX when RiotX is ready. Many folks' bad impression of Riot on mobile is due to Riot Android having been abandoned in favour of RiotX or the last year - such is the cost of a rewrite :/
I tried getting a team of tech savvy people to use it for backup encrypted comms, the UX was horrid, the key verification just didn't work at the time. Hopefully this is fixed.
I am hoping a commercial product comes out of this,so they have proper QA and UAT. The FOSS approach of filing an issue/bug when basic things fail does not translate well to a generic audience. The protocol and Riot are actually decent,but I think the UX has yet to catch up with the rich feature set.
Both Signal and Slack just worked. Slack has great UX, Signal is mediocre but from a security perspective, many things are non-obvious which to me feels like a dark pattern of insecurity,Riot maybe more painful but fails in more obvious ways.
This is what we've tried to fix in this release :) Meanwhile, as you note, first time user experience is our single biggest project now e2ee-by-default is shipped.
One thing I don't like is that your message shows in grey for a few secs in Matrix. What does it mean? I don't know. But what does it feel like? Like it's lagging.
Matrix doesn't use phone numbers, and is federated (that's what makes Matrix interesting), so it's naturally the "antidote" suggestion on threads when people bring up these aspects of Signal.
The fact is that they're not really comparable projects; they have different audiences and different goals. People have an innate narrative bias that constant hunts for horse races to spectate, and so you'll see a lot of "Signal vs. Matrix" arguments, but it's an artifact, not anything substantive.
I always see Signal as being "really good" crypto. Bulletproof? No, surely not. That doesn't exist. If I were a dissident or something I would be using gpg religiously and all that jazz.
But is signal significantly better than basically every mainstream sms-like thing? Absolutely! imessage, sms, mms, whatapp, facebook messenger, whatever google's current chat app is, etc. All of them don't even try to be a secure/privacy-respecting chat tool and reall y make no secret that they're usually totally the opposite (facebook messenger....).
So when it comes to getting my parents onto something that sends videos of the kids real good and also will make dragnet state surveillance efforts a bit harder, I pick Signal.
Agree on the second part, but two messaging solutions can and should be compared. 1-to-1 (text/voice/video) messaging is entirely possible with both Signal and Matrix, and evaluating that narrow use case is a reasonable way to compare the two.
And of course more broadly, Matrix as a whole isn't even limited to only messaging apps, although that's where most of the focus has been thus far. There have been some fun demos/projects in the past though:
- Synchronized presentation slides: https://github.com/Half-Shot/matrix-presents
- MIDI over Matrix: https://github.com/McOmghall/midi-over-matrix
- VR videoconferencing: https://matrix.org/docs/projects/other/matrix-vr-demo
And of course, there is the Matrix spec itself, but I learned most of what I know idling in matrix channels (#matrix:matrix.org and #synapse:matrix.org) and hosting my own synapse instance.
FluffyChat is similar, and seems to be a bit further along (it has basic e2e crypto support for example) -https://christianpauly.gitlab.io/fluffychat-website/en/
But Signal just works and is fast (though not as fast as WhatsApp)
Matrix in the default login also works, but when you choose the default open Matrix Server ... it is slow.
So I also will continue to use .. not only 2 but 6 different text sending applications. But in the future I would love to just use the Matrix protocol and one software.
* Still alive.
* Still open source libraries and most clients.
* Still mandatory e2e encrypted. (unlike matrix)
* Still always-on full forward secrecy. (unlike matrix)
* Still full p2p. (unlike matrix)
* Still works fine.
Why isn't Tox more popular? The difference has to be the amount of money/effort spent in marketing.
Not sure if they got better since then.
edit: yeah this issue
and the discussion here (2017)
And it's remarkable that the only issue cryptoanalysts found is this one which requires your private key to be stolen in order to fake messages from your friends to you.
Not to deride them just for coming from 4chan, but I really seriously doubt there's been thorough 3rd party auditing of the protocol and code.
IIRC signal has been audited?
Message is saved on the sender's client until the receiver is online.
And it works with TCP, if it can't be made to work with UDP.
And it supports ipv6.
You're pretty much covered.
There's still a ton of work left to do, but I'm thankful for all the hard work that went into making this possible.
Can see this info in the blog.
Once Jitsi lands their E2EE support (hopefully using Matrix's E2EE for key management, c.f. https://news.ycombinator.com/item?id=22855407) then we'll get E2EE video conferencing too.
Until then, Matrix (but not Riot) also supports E2EE video conferencing via full mesh webrtc, but as you say, it scales to relatively few users.
WebRTC doesn’t give you hooks to re-encrypt the SRTP payloads.
I do not believe that video codecs are able to decode over "encrypted" data and produce some video stream.