Matrix is an unserious project and the client ecosystem is a train wreck. The server ecosystem is not much better. The Element people, who are kind of the default Matrix people because as far as I can tell are the only people getting paid, will tell you that this is because a bunch of IT integrator companies unjustly profit off of the open source work by selling services to European companies but contributing none back to either Element or other open source Matrix projects.
The first issue I'd like to address is that one: as a small business, I tried to purchase software from Element and was told that I was not large enough to justify their time. Fair enough, I only wanted a 200 seat license and I was willing to pay per seat, but I guess they really want the high value contracts if they have a limited sales team. However, it is a bit much to go from that experience to their justification about the structure of their project. Maybe they should think about taking some sales opportunities that present themselves?
Then there are branding and release decisions around the clients that Element makes. There are two projects in the client space from Element: a client called Element, and a client called Element X. Element X is the newer one. Element (do you see how this is getting confusing yet) is simultaneously at different times an Electron desktop app, a mobile app, and a web app. Element X is becoming all of those things but the feature parity is not even between them. Element supports "legacy" Jitsi for voice and video calling while Element X supports newer Element call - which is different from legacy Element, Element call is a webRTC implementation native to the Matrix ecosystem while the "legacy" Jitsi is a way to send clients a URL for Jitsi calls and have them shell out to another app to actually implement the call. Fair enough. However, the desktop Element X client does not yet support new Element call but the "old" Element client does support both "legacy" Jitsi and new Element call. And the Element X mobile app cannot call the old Element mobile app - but I think the other way around can. Even getting your head around this as an IT person is confusing.
To add insult to injury the new Element X app on mobile is in some ways a downgrade because they integrated the cloud vendor push notification services into the app, so even though you have "sovereign" and "self-hosted" infrastructure you're still, on a good day, leaking meta-data about your chats back through to the people you were trying to decouple yourself from anyway. You can run your own push notification services for this mostly if you want and all your mobile clients are Android but like, why.
Then, there's desktop client usability. During account setup, Element/Matrix makes a big ceremony out of establishing your cryptographic identity. Perfect. And as part of that you write down a 10-ish something word passphrase that is a recovery sequence for said identity. Perfect. Then some network hiccup happens that disturbs the Element client like some kind of prey animal and it spontaneously logs you out. You log back in, but there are no fields or options visible to use that recovery passphrase to restore your cryptographic identity. Your only option is to reset your identity, which makes all prior chats you have had unreadable. That part at least makes sense but why have this recovery story if it is not tested or usable in the app? This is probably an Element thing but in my research I have not found a client that people say is more robust, though at this point I'm open to trying.
It's also possible that the way most people use this is as a web app, which is to be fair more robust. It does seem worse from a security point of view to have one central web server dealing in most of your users plain text, though. At that point, why not use Mattermost? I guess they're even more hostile to their users/customers, for some reason.
Finally, there's the server ecosystem. The thing that is frustrating to me here is the interplay between Synapse, Matrix Authentication Service (MAS), and OIDC. This, as far as I can tell, is all intentionally hostile to drive you into Element's commercial product offering. Which I find especially galling because they won't sell your their commercial offering anyway, so you're going to have to figure it out for yourself. Synapse has some legacy support for OIDC which you are going to need to enable for backwards compatibility. However, for forwards compatibility with Element X, you are going to need MAS. Synapse is a large, mature Python project. MAS is a single Rust binary which is simultaneously a server and CLI to do user management. You'll need both configured against your OIDC provider. Why didn't the new OIDC features just get integrated into Synapse?
I think that a lot of this is an outcome of the fact that Element is very literally in a "the old world is dying and the new world struggles to be born" situation at this time. I do have a lot of sympathy for being in the position of having huge companies - especially companies as annoying as IT outsourcing and integration - make a line of business out of configuring and installing your open source software. However, I have to say, having spent some of my professional life now also configuring and installing this open source software, I understand why those IT outsourcing companies have a moat. If the open source software was easier to install and use, perhaps those companies would have less of a moat. It seems to me that at least some of the story from Element is that if they make the ecosystem harder to use and understand, then people will take their money and the business will survive. However, in my experience, they won't take your money anyway.
I think their main issue is that they seem to have no one who is seriously looking at the Matrix ecosystem from a product perspective. You have all of these pieces of technology in various states of maturity that more or less fit together if you know what you are doing. But there is also a lot of friction and a lot of things breaking on a regular basis etc.
What the project needs is someone who looks at it from a customer perspective and who can direct resources to make sure the entire thing is packaged as one consistent thing that does what the customer needs.
If you install WA or Signal, or if you sign up to Slack, you don't have to wonder which home server you should install and which of a dozen or so available clients you should use and what features are not yet production ready. Instead, it just works.
The lack of attention that you identify is a real issue with the project but the root issue is ultimately a lack of sufficient funding that would enable all these parts to receive the attention that they require.
Funding fixes all these problems and it has to come from big governmental and institutional players in Europe who are motivated by ending their reliance on American companies like Microsoft.
I think a product focus does exist: Element seems to be a genuine attempt to fully assemble Matrix as one full project. The problem is that it feels like the Element devs are stuck wanting to have their cake and eat it too.
There's some design choices in Matrix that don't really "fit" with what modern messaging infrastructure looks like. (Which to summarize it pretty quickly is a Slack/Discord-esque model, where non-sysadmin users get to fully administer their own spaces, with an expectation for multiple different channels, control over user permissions and user access and so on and so forth.)
Some of these come from the fact that Matrix is pretty blatantly just designed as "what if IRC, but slightly more modern". It's main unit for non-sysadmin moderation is a single channel, with the expectation that one instance of Matrix will never have two channels named #general (as an example). Similarly, it's entirely possible to kick users from a channel... but then have that exact same channel continue independently on a different instance, but under a different label. This makes sense if you look at it as "supercharged IRC", but becomes a complete and utter mess when you factor in things like the encryption between two servers suddenly disagreeing with each other (leading to a bunch of old messages becoming unreadable), content moderation (barely an issue on IRC because message retention is expected to be almost entirely clientside) and so on and so forth.
Element/synapse's people do try to provide for these cases, but you're effectively stuck trying to prod at admin API endpoints, bots to synchronize moderation decisions and they have like 3 different "channel grouping" that's supposed to be their version of the Slack workspace/Discord guild model.
Honestly though, I'm pretty sure that once XMPP gets a proper multi-user multi-channel XEP going (there's one in draft right now which specifically tries to provide workspace-esque support; it's possible to do this already but it's a sysadmin XEP, the proposal aims to give this capability to regular users), it'll just end up blowing Matrix out of the water entirely for most usecases. Unlike Matrix, it's a far more mature protocol that's a lot easier to work with and actually has many different implementations that you can choose from.
Room addresses/aliases (like #matrix:matrix.org) must point to a single room (in fact, they point to a room version, so when rooms are upgraded, addresses must be pointed towards the new room). But for communities, a better way to organize the rooms would be spaces. Spaces can be joined. Spaces can contain rooms and other spaces. Like discord "servers" (guilds), but more flexible.
> To add insult to injury the new Element X app on mobile is in some ways a downgrade because they integrated the cloud vendor push notification services into the app, so even though you have "sovereign" and "self-hosted" infrastructure you're still, on a good day, leaking meta-data about your chats back through to the people you were trying to decouple yourself from anyway. You can run your own push notification services for this mostly if you want and all your mobile clients are Android but like, why.
Probably because this is literally the only way to make notifications work reliably on mass market Android and iOS devices? It is no different from Signal or any other secure messenger on the market. Decoupling from these platforms is a story for another day.
The thing about hosting was the same conclusion I drew when I looked into this. I’ve stood up a lot of daemons in my time, and Matrix’s difficulty level is so far outside the norm that… it’s got to be on purpose, right? If it’s not on purpose, man, that’s also worrisome.
> I suspect this is a staged Zoom call for marketing purposes. How do I know this? Everyone is smiling.
Oh come on, everyone is smiling because there's an infant in the leftmost 2nd from top video. Or a picture of an infant. Someone did "hey look at my cute kid" and everyone loses it because that's what people do.
It’s not as common but the incentive structures in academia are uniquely enabling to abusers. In industry it’s much easier to leave tyrant bosses. I agree with your points.
Many of the positive incentives don’t exist in industry though, an “up and out” culture is rarer in industry. When it works in academia your supervisor is positively invested in your growth, in general in industry your supervisor doesn’t care about your growth. If they need someone with new skills and you learn them fine but they can also fire you and hire someone with those skills (even though this is probably a net negative for them due to retraining on job specific stuff, it’s still seen as a net positive by management)
There is less abuse though. Full stop. Sorry you’re in this situation.
> In industry it’s much easier to leave tyrant bosses.
… and when that’s less true, you see the same dynamic. Most of the bad stories I’ve heard involve H1-B holders who couldn’t leave, locations where there wasn’t much other tech employment, or specialized skills which were only in demand by a handful of local employers (e.g. being a veteran COBOL employer in SV will not give you an edge for most of the open jobs). Academia is just unique in having enshrined that dynamic for almost everyone: the job market is brutal and an abusive or careless advisor’s support for finishing and finding jobs has a huge impact.
I’m not an academic but have spent a fair amount of time being the only person in the room who isn’t a grad student or have a PhD and there’s been a lot of commentary that science would be healthier for having more staff scientist positions in larger groups, both to reduce the degree that many careers depend on one person’s decisions and simply to recognize that there’s a huge mismatch between the number of people needed on many projects and tenure track positions available. Everyone I know who left for industry is happier but that’s skewed by most of them having had the skills to go into data science & ML and thus significant income multipliers.
Oh not to worry, academia innovated on this concept too and for non-US citizens advisors can simultaneously hold both a students F-1 visa and their career future over them.
Your points are valid though.
> science would be healthier for having more staff scientist positions in larger groups
I think this is a good idea but not for these reasons. Big labs frequently do have research scientist type roles but those roles are harder to fund so it is sort of a "rich get richer" deal. As I understand it, just cast your eyes around in a university and ask "who pays for that." Professors are paid for by the students they teach and the grant money they bring in. A research scientist might not have either so why would the university commit to paying for them perpetually and how would they afford that?
They could commit to funding some number of research scientists at the expense of some well paid administrators (gasp) but I think this only adds a constant factor of slack to the system, and those research scientist jobs would quickly become as competitive and cut throat to get as TT prof jobs, perhaps more so because many TT profs really don't want to teach or do service work so if you gave them a role that was just research but with the job permanence and freedom of a TT position they would kill for it.
PhD students in the sciences rarely pay for the professors; instead, students are often funded by the professors' grants. Research scientists could be funded the same way with a few (easy) changes.
1. Research grants are too small. The modular budget for an R01, the workhorse grant of biomedicine, just about covers a PI + staff scientist salary, with very little money left over for the actual research. Make it a bit bigger--it hasn't been inflation-adjusted since 2004(?). This might cost a bit, but we spend something like a penny per tax dollar on all research, even though it has a HUGE multiplier effect.
2. Expand the funding mechanisms. Students and postdocs are attractive not just because they're cheap, but because you might not need to pay them at all: there are myriad funding opportunities in addition to a project grant, ranging from individual fellowships to department/program-wide training grants. In contrast, there's ONE mechanism for funding staff scientists, the R50, only one of the NIH's institutes participates, and it fund ~28 people/year. Divert some money from training grants to this, which could be cost-neutral (grad students are surprisingly expensive when the grant pays their tuition).
I think this would have several beneficial effects: better science, but also a saner job market, which in turn would have knock-on benefits on trainees' success and morale (there is pretty clear data on this) as well as DEI.
> In industry it’s much easier to leave tyrant bosses.
Well, there is a lot of industry we collectively turn a blind eye to.
Meat packing facility jobs is a hot topic right now due to stories about COVID conditions. The workers in the facilities are treated like the human equivalent of the livestock they process. But the employer is often the "only game in town" for those workers. Even if it's not impossible for them to leave they may be practically stuck and this is reflected in their treatment.
I appreciate this but in the context of this discussion when a PhD asks “is it better in industry” they do not mean going to work at a meat packing plant.
Your larger point is true though and it would be great for there to be equity and dignity for all people of all professions!
I tend to agree that's a somewhat safe bet and it gave me pause making this comment.
However "industry" has not been thoroughly qualified and it has been used throughout the comments in a very general way.. Plus, I'm sure Tyson Foods employs some PhDs among its 141,000 workers :)
Teaching classes effectively is very hard and very few people can do it. It also doesn’t pay that well and is draining and often times not that rewarding. Universities try to get people that are good at it as professors by bribing them with the respect and autonomy that the title “professor” confers. Outside of the classroom, the professor does whatever they want to advance their own agenda.
I would think online only programs would have a hard time competing with universities for people that can design and execute effective courses. There are so few that most universities don’t even employ many of them. Why would someone like that work for an online school when they could work for one that would give them tenure, funding, lab space, grad students, etc?
>Universities try to get people that are good at it as professors by bribing them with the respect and autonomy that the title “professor” confers.
Generally speaking, universities don't care much about teaching ability. Hiring decisions are based almost entirely on research profiles (except where the institution itself has a clear focus on teaching over research, as at e.g. some liberal arts colleges). There are two main reasons for this. First, research brings more money and prestige. Second, student satisfaction has little to do with teaching quality. You can make students happy just by giving them a light workload and good grades.
So in fact, there are lots of people who are good at teaching who universities have no interest in hiring.
> Why would someone like that work for an online school when they could work for one that would give them tenure, funding, lab space, grad students, etc?
Well, someone like that would love to not have to waste time lecturing. By not being on campus they could go to more conferences and spend more time in the field. They could recruit ideal grad students from anywhere on earth without worrying about immigration restrictions or family ties.
I lived in Dallas and it is the only place I've lived where people would scream homophobic slurs at me in the street. I wouldn't say I'd never move back, but the situation would have to be dire for me to consider it. Definitely cut your hair if you visit.
I dunno, 40 years of living in other places, stuff like this only happens in Texas and the South. There are definitely assholes in NY and Boston but they won't get up in my grill for "looking gay" on the street so that's pretty neat.
It happened to me in Chicago, twice in one weekend. All I did was wear a pink shirt and walk down the street. That was enough to garner homophobic slurs.
I'm not gay and when I mentioned it to one of my Chicago friends, and he just shrugged his shoulders and said, "Yeah."
How do you decide which scientists to pay? Pay them all? Then everyone becomes a “scientist” but does no work and draws a free paycheck.
Pay the ones that produce good work? What is good work? Right now, that is decided by number of papers. That metric is gamed to death, that is what publish or perish culture did. Choose any other metric, it will be gamed too.
What if the PhD meant something such that having it was enough? That was all you needed, then you would just get paid to do science. Such a gatekeepeing would require graduating a lot fewer PhDs. How to do that is open: admit fewer? Or psd fewer? If the latter, maybe master out a lot more? Anyone that makes it through gets a guaranteed paycheck, but almost no one makes it through.
Where you are mistaken is that there are a large number of graduates because there is a large demand for research. There isn’t. A given professor needs N papers to get tenure. Say that N = c*k for c researchers and k papers. N is so large that c must be >2, so for the professor to get tenure, they need assistants. Where do they come from? Graduate students. What do those students do when they graduate? The professor doesn’t care because they have tenure now.
Research funding has been decreasing over time, which means N increases, which, counter-intuitively, means c increases, which starts a negative feedback loop because the amount of researchers competing for funding increases while the amount of funding available decreases, still further increasing the number of graduate students needed. That explains what you see.
> In sum, your own oral and written statements to the OIE investigator, the Dean’s Office, and
others clearly establish the following:
> On May 8th, 2019, carrying bolt cutters and leading a group of non-affiliates to campus, you
forcibly entered Garland Hall in the middle of the night. By your own admissions, your
actions were premeditated and you expected that your actions could result in a violent
confrontation with students and others in or around Garland Hall. In fact, you believed the
group of non-affiliates you brought with you could become violent. As a faculty member at
Johns Hopkins University, you created a dangerous situation that could have ended in
serious harm to our students, yourself, and others in the community.
> Prior to May 8th, 2019, JHU administrators had clearly and repeatedly instructed you that
Garland Hall was closed and that you were not permitted to enter, despite your requests
for permission to access the computer servers in the building. You acted in deliberate
defiance of the administration’s directives. You have flagrantly and unapologetically
violated JHU directives and your actions have endangered the University community.
Further, you stated you feel no remorse or regret for your actions.
I don't understand how these events are acceptable. Neither Daniel Povey nor JHU seem to dispute any of the critical facts. How is recruiting some muscle to go bust some heads, in any universe, an acceptable course of action? For any employer?
Smart people get everyone else to bog themselves down with "second-order thinking" perpetually tying themselves in mental knots wondering endlessly "what happens next" and "should I or shouldn't I." That is because smart people that get shit done will not think twice, do the thing, and then quickly re-evaluate the results and proceed apace. Smart people that get shit done, outperform by actually executing. You can't predict the future. Asking "but what about in ten years" is the height of hubris. The only answer can be "who knows."
I agree that smart, effective people do generally have a bias toward action. But not in the bull in the shop "thinking twice is a waste of my time" sort of way you're describing.
Depending on your aim, smarter people probably don't spend time bogging others down, and instead probably fall closer to the teach a man to fish side of things.
There is some truth to this. The future is impossible to predict. There is foolishness in failing to understand where predictions make sense and where they don't. We like to talk about "intelligence", but wisdom and the virtue of prudence are essential. Without the disciplining effect of the virtues, intelligence is thwarted. The degree and the kind of effort one puts into something is extremely important and requires a comprehension of the confluence of factors that are important to making the correct decision. This requires experience.
And as the saying goes, if you want to make God laugh, tell him your plans. But that isn't to say we shouldn't plans. This should not be taken as license for impulsive behavior and an irresponsible absense of forethought. But it should be understood that plans are often dependent on certain conditions holding, on the completeness of our knowledge, etc, thus requiring humility in the face of uncertainty and recognizing that plans must be adjusted or abandoned sometimes. There is no recipe for any of this and first principle are not enough.
The first issue I'd like to address is that one: as a small business, I tried to purchase software from Element and was told that I was not large enough to justify their time. Fair enough, I only wanted a 200 seat license and I was willing to pay per seat, but I guess they really want the high value contracts if they have a limited sales team. However, it is a bit much to go from that experience to their justification about the structure of their project. Maybe they should think about taking some sales opportunities that present themselves?
Then there are branding and release decisions around the clients that Element makes. There are two projects in the client space from Element: a client called Element, and a client called Element X. Element X is the newer one. Element (do you see how this is getting confusing yet) is simultaneously at different times an Electron desktop app, a mobile app, and a web app. Element X is becoming all of those things but the feature parity is not even between them. Element supports "legacy" Jitsi for voice and video calling while Element X supports newer Element call - which is different from legacy Element, Element call is a webRTC implementation native to the Matrix ecosystem while the "legacy" Jitsi is a way to send clients a URL for Jitsi calls and have them shell out to another app to actually implement the call. Fair enough. However, the desktop Element X client does not yet support new Element call but the "old" Element client does support both "legacy" Jitsi and new Element call. And the Element X mobile app cannot call the old Element mobile app - but I think the other way around can. Even getting your head around this as an IT person is confusing.
To add insult to injury the new Element X app on mobile is in some ways a downgrade because they integrated the cloud vendor push notification services into the app, so even though you have "sovereign" and "self-hosted" infrastructure you're still, on a good day, leaking meta-data about your chats back through to the people you were trying to decouple yourself from anyway. You can run your own push notification services for this mostly if you want and all your mobile clients are Android but like, why.
Then, there's desktop client usability. During account setup, Element/Matrix makes a big ceremony out of establishing your cryptographic identity. Perfect. And as part of that you write down a 10-ish something word passphrase that is a recovery sequence for said identity. Perfect. Then some network hiccup happens that disturbs the Element client like some kind of prey animal and it spontaneously logs you out. You log back in, but there are no fields or options visible to use that recovery passphrase to restore your cryptographic identity. Your only option is to reset your identity, which makes all prior chats you have had unreadable. That part at least makes sense but why have this recovery story if it is not tested or usable in the app? This is probably an Element thing but in my research I have not found a client that people say is more robust, though at this point I'm open to trying.
It's also possible that the way most people use this is as a web app, which is to be fair more robust. It does seem worse from a security point of view to have one central web server dealing in most of your users plain text, though. At that point, why not use Mattermost? I guess they're even more hostile to their users/customers, for some reason.
Finally, there's the server ecosystem. The thing that is frustrating to me here is the interplay between Synapse, Matrix Authentication Service (MAS), and OIDC. This, as far as I can tell, is all intentionally hostile to drive you into Element's commercial product offering. Which I find especially galling because they won't sell your their commercial offering anyway, so you're going to have to figure it out for yourself. Synapse has some legacy support for OIDC which you are going to need to enable for backwards compatibility. However, for forwards compatibility with Element X, you are going to need MAS. Synapse is a large, mature Python project. MAS is a single Rust binary which is simultaneously a server and CLI to do user management. You'll need both configured against your OIDC provider. Why didn't the new OIDC features just get integrated into Synapse?
I think that a lot of this is an outcome of the fact that Element is very literally in a "the old world is dying and the new world struggles to be born" situation at this time. I do have a lot of sympathy for being in the position of having huge companies - especially companies as annoying as IT outsourcing and integration - make a line of business out of configuring and installing your open source software. However, I have to say, having spent some of my professional life now also configuring and installing this open source software, I understand why those IT outsourcing companies have a moat. If the open source software was easier to install and use, perhaps those companies would have less of a moat. It seems to me that at least some of the story from Element is that if they make the ecosystem harder to use and understand, then people will take their money and the business will survive. However, in my experience, they won't take your money anyway.
reply