Now if only they can figure out how to make Riot usable with Encryption enabled without pulling your hair out every time you enter a room or chat with non-matching keys.
While Riot has a lot of features, it is also not easy for new users.
I've tried to convert at least 10 persons and none of them use it any more, citing not being able to figure out how to use it or simply not having the time to waste figuring it out.
It needs to be intuitive out of the box, how to contact people, how to find a room, how to chat.
edit: To be clear, we no longer nag whenever there's an unverified login present - and unverified logins should increasingly be a thing of the past anyway given we now have cross-signing and so let users verify their own sessions at login.
Only my closest family would listen to me explaining that there's encryption but there's also authentication, yet only because I force that info upon them while standing over their shoulder, making sure they write down all the recovery keys.
Select few graduated to password managers and know to back the bases up.
It's a struggle, mainly because I'm the only one who cares in this particular social circle, and thus people don't see my concerns as normal.
However, the feedback is overwhelmingly that we need to iterate on the recovery passphrase - either making it a generated key (like macOS does), or going the whole hog and replacing the login password entirely with the cryptographic recovery one.
Turns out the UX on this stuff is tough.
There is an open issue on this topic.
edit: also, congratulations, really hope matrix can get the market share it deserves
BTW: I absolutely love the cross-signing move and riot/matrix in general! :) Thanks for your great work on this!
It's possible we'll reintroduce this once cross-signing has been fully adopted though; it's tricky because we need to distinguish between encrypted rooms where you simply don't care if random users have unverified slides... versus ones where it's a disaster if an unverified session slides in. Finding the right UX for that is tough, but we think the current balance is an improvement.
That is really a tough UX problem... Maybe a room could have a "sensitive content" flag that is enabled by default for one-on-one chats and can be manually enabled for group chats.
Nice to see this finally happen :-)
Edit: for people interested there are company docs at https://beta.companieshouse.gov.uk/company/10873661/filing-h... eg. "25 Mar 2020 Total exemption full accounts" document (2.2) shows a yearly loss of almost 2M pounds.
Edit 2: it seems Matrix people no longer control 50% of their company shares, or I'm reading it wrong: https://beta.companieshouse.gov.uk/company/10873661/persons-...
Even if New Vector did go evil (e.g: bought by EvilCorp; coerced into adding backdoors; tried to monetise user data/metadata; tried to relicense opensource stuff as proprietary; tried to add core functionality as paid-only) then both the Foundation and the wider ecosystem would fight back; rejecting the obnoxious changes to the spec, or simply going and supporting an alternative provider.
Meanwhile, if New Vector did implode, the team could still go elsewhere and keep working on Matrix if they wanted to - and there are an increasing number of folks who might hire them to do so. <plug>e.g. Automattic's new Matrix job opening! https://automattic.com/work-with-us/matrix-integrations-engi...
edit: the monetisation strategy for New Vector is selling Matrix hosting (https://modular.im) and helping out big folks like Governments who want to jump on board Matrix. While the company is certainly not profitable yet, it certainly has a path to being sustainable (otherwise folks like Automattic wouldn't invest!)
Thanks for this info! Exactly what I was looking for.
Even if they just "went Keybase" not having people outside of the org working on it would slowly bring them the XMPP fate (irrelevance).
Here's hoping Automattic has enough influence to move the WordPress.org open source and community discussions (which are currently hosted on Slack, but used to take place on IRC) to Matrix too.
Surprisingly the only thing that I am really missing is the ability to use custom sticker packs which got added to Signal a few months ago.
RiotX Android doesn't support calls at all according to the Play store page, while the old Riot Android client doesn't support cross-signing, search doesn't work, and it overall feels unpolished. It's still very much beta software.
I want to imagine it, but I really struggle to. Matrix is just too slow, bloated, and heavy. I cannot even fathom what a snappy experience with Matrix would be like. I look forward to something like this if it happens though!
This is IMO mainly because they've stuck with the main implementation of the homeserver (Synapse) being written in Python. Had they gone through with developing Dendrite as the main implementation, or perhaps even gone with one written in Rust, all of this would feel much snappier.
In a way, Dendrite is now being primed to be compiled to WASM and used in a p2p setup of Matrix, but hopefully we'll also see it running on servers instead of Synapse one day.
Although, to be fair, you can't really blame them too much though, they're a casualty to the Coronavirus effects like a lot of similar services are currently.
Meanwhile Conduit (http://conduit.rs/) is a new implementation in Rust which is making spectacular progress (it's overtaken Dendrite in some places already).
Both of them are unrecognisably snappy, relative to Synapse - even when Synapse isn't completely overloaded.
So, if that's available, why not use Conduit as a candidate for the p2p-matrix? Wouldn't it be a better choice than Dendrite? AFAIK Mozilla is already heavily pushing Rust into the WASM territory so perhaps that would make a lot of sense.
On that note, is hosting a git GUI a trend? If I want to contribute I have to sign up. I’d have dozens of logins if projects started doing this.
I wonder if matrix could work as a decentralized git.
I don't use it myself, but I hear it's quite snappy too.
Obviously distributed and encrypted is not an easy problem, but if this is what it is, it’s just not fit for purpose for me.
Once you're in, though, performance has improved 2-3x over the last year, and there's easily 10-100x more improvements to be made one way or another. We're also about to add active/active clustering in Synapse at last, which should make bigger servers zippy.
In terms of receiving traffic after you've torn down the server; this is equivalent to getting people trying to talk SMTP to you on port 25 years after you've taken down your MTA. You can mitigate it by explicitly leaving all the rooms on your server before you tear it down, though; I've just filed a bug at https://github.com/matrix-org/synapse/issues/7551 to track maintaining a script to do so.
Sorry you've had a crap time so far though :(
I love the idea of using public keys as identifiers, but to be honest the current proposal does NOT give me a warm fuzzy feeling inside.
First, you’re having the server generate keys for the users. This is at best a “code smell” - even if it works for your particular security goals, it sure feels weird. Zoom recently got absolutely blasted (and rightly so) for doing something similar. Why not have the user generate their own keypair, and then the server can sign the public half, essentially giving you a cert?
Second, there’s a lot of places where you have a layer of indirection between old @user:domain id’s and the new public keys. As an attacker, I would see every one of those places as extra attack surface where I might be able to exploit some confusion.
I hope this doesn’t come off as excessively negative. Matrix is awesome and you’re all doing a great job tackling some huge problems.
The user identity keys are not used for encryption, let alone end-to-end encryption. These are of course only ever created on clients, and never leave the clients.
Instead, this is just a proposal for how to determine what servers are allowed to host a given identity. The proposal also predates E2E - nowadays we might also sign the keys with your E2EE keys to lock the chain of trust to the client.
I get why the whole indirection from @foo:bar.com through to new public keys might also feel weird, but in practice we have that indirection today - as you resolve (say) an email address to a matrix ID. It's basically making the old matrix IDs equivalent to today's 3rd party IDs (email or phone number or whatever).
So yup, understood that it smells funny, but I think the concerns aren't entirely well-founded here. That said, the proposal is ~2 years old, and we'll be dusting it off and sorting it out in the coming months in order to support P2P and speed up room joins, and that might be the point where we tie it into E2EE keys (or not).
1: A new technology is being worked on by enthusiasts. Nobody knows if it will get mainstream traction or not.
2: A company puts in a significant amount of money to accelerate development and marketing.
3: The new technology gains mainstream traction.
Two examples I can think of for point 1 are Linux and PHP. I think both grew without money coming in, right?
That said, nobody's done any Jepsen tests yet as far as we know, but we'd really welcome them!
Sounds like Jepsen could certainly be part of that; we'll ping Aphyr when the time is right.
https://github.com/matrix-org/purple-matrix is a very basic proof-of-concept PRPL plugin that lets a libpurple client like Pidgin or Adium or Purism's Chatty connect to Matrix. We wrote it as a demo to inspire others hoping that someone from the Pidgin community might pick it up and polish it, but sadly there hasn't been much progress. We don't have bandwidth to finish it off ourselves.
Then there was matrix-appservice-purple (https://github.com/matrix-org/node-purple/tree/f5ad4ef798904...), which was a proof of concept bridge using node-purple which let Matrix connect to anything that libpurple can speak. We used it to demo bridging from Matrix into Skype via the skypeweb PRPL - but it was a very fragile quick hack demo.
Then this was replaced by Bifrost, a proper production-grade bridge engine: https://github.com/matrix-org/matrix-bifrost. It supports different plugins for the bridging, one of which is libpurple via node-purple (although most people use it as an XMPP bridge, via the xmpp.js plugin). This lets you connect from Matrix into any protocol supported by libpurple - effectively an equivalent of Bitlbee, but for Matrix rather than IRC.
Good place to get started reading: https://matrix.org/docs/guides/introduction
This sounds like XMPP so nothing new.
What sets the Matrix apart is that they have the money and spend time and effort to get their clients into good shape. The E2E verification is a prime example: looks simple and works well.
Matrix is a decentralised encrypted conversation store; where all conversation history gets replicated across all the participating servers/nodes. It's a bit like Git, or NNTP (Usenet) or possibly IMAP, depending on how you squint.
XMPP is a message-passing protocol; where stanzas get passed between servers/nodes. It's a bit like SMTP or SIP.
There are a bunch of other differences philosophically (Matrix is one big monolithic versioned spec; XMPP is a cloud of XEPs, etc) too.
The only similarity in the end is that you can use both to build chat systems (and you can use both to build a bunch of other things too - e.g. IOT use cases).
Another way of thinking of it is SVG versus Canvas. Or OpenGL versus a Scene Graph library (Open Inventor, or whatever that's become now). Sure you can use both to draw pretty pictures, but architecturally they couldn't be more different.
Synapse plus a few bridges just eats all my server's resources. Go wonder why they chose to do it in Python...
Enabling access to all
IRC used to be used open I hope Matrix and IRCv3 takes over.
Also, universal standards are not necessarily a good thing. Decentralization with multiple competing tools and standards is good as it provides redundancy and opportunities for specialization.
They seem to be doing fine:
~10.0M global visible accounts
~2.5M messages per day
~4.5M unbridged accounts
~500K unbridged messages per day
~2.1M rooms that Matrix.org participates in
~20,000 federated servers
~3000 msgs/s out, ~30 msgs/s in on Matrix.org
~400 projects building on Matrix
~70 companies building on Matrix
They're up to 20k visible servers from about 5.5k servers in September 2018, and if you look here: https://youtu.be/1TPICntbC5w?t=1692 you can see the growth curve looks pretty good.
> Also, universal standards are not necessarily a good thing. Decentralization with multiple competing tools and standards is good
Matrix explicitly doesn't try to be "the one true standard". That's the whole idea of their bridging model: https://youtu.be/1TPICntbC5w?t=296
The ratio is about what we'd expect - there's a mix of DMs, private rooms, and massive public rooms; the DMs will dominate, hence this ratio. Every conversation in Matrix happens in a "room" (even DMs), under the hood, which might be the point of confusion here.
Only thing missing (to me) is a full Java API. I built one for bots and quick fleet-history-monitoring, but it's clunky...
Strange argument. This is one of those competing, decentralised standards you are asking for. It’s not clear that fragmentation is better for chat services, even if like you say commercial interests lead to that. Would the web be better if information was spread across 10 competing incompatible versions of http/dns/html/web browser?
uBlock has blocked 31 (actually, 38 and counting - dynamic while open - oops, up to 41 now) intrusive ads/trackers on your new link to a commercial website, and zero on the original link to the source of information. I do not want this as a reader and feel given the subject matter (privacy, e2e chats, etc.) that this move is not in the best interests of the people reading this link or article.
I hear you about the ads etc. and agree in principle, but it's a separate issue. That's how media work right now. We may not like it but it doesn't mean we should bite our nose off to spite them.
Btw, it's possible that I made the wrong call in this case. I didn't look closely either at the PR release or at the TC article—I just skimmed them. But the above is the heuristic we use, and I'm pretty sure it's the right one for HN.
Ironically, the /actual/ PR for this was at the bottom of https://blog.vector.im/automattic-backs-matrix-investing-4-6... - which indeed is bland PR language, intended to convey the bare facts to journos rather than actually be read by normal folk :)
The official post is concise and contains all of the important information, while the Techcrunch "article" is mostly just a string of rambling quotes with filler sentences.
Techcrunch has horrible quality in general, and is only accessible in Europe through a basically malicious tracking opt out.
Since when are low effort aggregators preferred over the original source/announcement? The TC article would be just fine as a comment...
New projects are a kind of success itself so we expect the principals to be ebullient. But the prose is over the top. It gushes. Quantum computing wasn't invented here.
It's the IT corporate form of Hollywood but in words: Another theoretically innovative industry except it isn't: It largely can't make an original film.
The older I get, the more I am in agreement with English Profs: use a better adjective, could you? Don't repeat. Avoid generic overused phrasing. In short: is it too much to ask that your language had a pulse? Game? Personality?