20. "ask someone else’s homeserver to replicate media" -> also fixed by authenticated media
21. "media uploads are unverified by default" - for E2EE this is very much a feature; running file transfers through an antivirus scanner would break E2EE. (Some enterprisey clients like Element Pro do offer scanning at download, but you typically wouldn't want to do it at upload given by the time people download the AV defs might be stale). For non-encrypted media, content can and is scanned on upload - e.g. by https://github.com/matrix-org/synapse-spamcheck-badlist
22. "all it takes is for one of your users to request media from an undesirable room for your homeserver to also serve up copies of it" - yes, this is true. similarly, if you host an IMAP server for your friends, and one of them gets spammed with illegal content, it unfortunately becomes your problem.
In terms of "invisible events in rooms can somehow download abusive content onto servers and clients" - I'm not aware of how that would work. Clients obviously download media when users try to view it; if the event is invisible then the client won't try to render it and won't try to download the media.
Nowadays many clients hide media in public rooms, so you have to manually click on the blurhash to download the file to your server anyway.
> isn't Matrix based out of the UK and primary hosted instances on AWS in the UK?
It doesn't matter what country you run your server in or where your company is based; if you're providing public signup to a chat server then the countries (UK, AU, NZ etc) which require age verification will object if you don't age verify the users from those countries. (This is why Discord is doing it, despite being US HQ'd). In other words, the fact that The Matrix.org Foundation happens to be UK HQ'd doesn't affect the situation particularly.
(Edit: also, as others have pointed out, Matrix is a protocol, not a service or a product. The Matrix Foundation is effectively a standards body which happens to run the matrix.org server instance, but the jurisdiction that the standards body is incorporated in makes little difference - just like IETF being US-based doesn't mean the Internet is actually controlled by the US govt).
> Their solution is for everyone to pay for Matrix with a credit card to verify age.
Verifying users in affected countries based on owning a credit card is one solution we're proposing; suspect there will be other ways to do so too. However: this would only apply on the matrix.org server instance. Meanwhile, there are 23,306 other servers currently federating with matrix.org (out of a total of 156,055) - and those other servers, if they provide public signup, can figure out how to solve the problem in their own way.
Also, the current plan on the matrix.org server is to only verify users who are in affected countries (as opposed to try to verify the whole userbase as Discord is).
> It doesn't matter what country you run your server in or where your company is based; if you're providing public signup to a chat server then the countries (UK, AU, NZ etc) which require age verification will object if you don't age verify the users from those countries. (This is why Discord is doing it, despite being US HQ'd).
Whether it matters depends very much on what sort of organization you are.
Discord is a multinational for-profit corporation planning an IPO. It takes payments from users in those countries, likely partners with companies in those countries, and likely wants to sell stock to investors in those countries. Every one of those countries has the ability to punish Discord if it does not obey their laws, even if it does not have a physical presence there.
The situation is likely quite different for most of the 23,306 Matrix servers that federate widely. The worst thing Australia, for example could do to one of their operators is make it legally hazardous for them to visit Australia.
It does not actually need to be configured in a federated state and frankly scales better when it's not. The login can be tied to anything or use it's own. From a modern SAML SSO to an old school forum.
You can run one for a few friends and it scales just as well as a private discord for a few friends. Just need persistent storage for media uploads if people are sharing video a lot.
The internet was built on noncompliance with laws. The hens are coming home to roost that is all. Sovereign countries can only let social media and tech companies poison their societies so much before it becomes a real threat to the nation.
It was all fun and games while it was a few geeks and early adopters having (mostly) fun. Now it is corporations making billions while destroying the mental health and productivity of their "users".
Did you mean ~15,000 servers and ~2000 federating? Because those are the numbers on etke.cc's matrixrooms.info (still really good in my opinion and keeps going up over the weeks), but I can't find your numbers anywhere! Would be great to have a source to point to if that's actually the case!
The stats of the matrixrooms.info instance is what matrixrooms.info instance sees - it is not whole Matrix Federation. Here is the documentation in the MRS repo about that endpoint: https://github.com/etkecc/mrs/blob/main/docs/stats.md
Also, at the moment of writing, there are ~15k *federated* online servers visible by matrixrooms.info, and from them, ~4k servers publish their rooms directories over federation ("indexable").
> (This is why Discord is doing it, despite being US HQ'd)
Right, but also the US isn't far behind on the same legislation wave. It's a lot less likely to be US federally regulated in the same way that the EU is debating EU-wide legislation, but a handful of US States have a version of this legislation already on the books and about to be enforced, or considered about to be on the books (some of which like South Carolina's partially passed bill written to be enforceable Day 1 with no grace period).
(Tangential to your comment but apropos of the Discord news...)
Have any of the Matrix/Element teams seriously considered taking advantage of current events by offering a gamer-focused class of premium account, for Discord refugees who want to redirect their Nitro budgets to fund Matrix gaming features? (Perhaps on a separate homeserver, to avoid the lag during times when matrix.org is overloaded.)
If it were positioned as Patreon-style crowdfunding rather than selling a finished product, and expectations were set appropriately, I wonder if it could end up a nontrivial source of income with which to develop features that Matrix deserves but corporate/government customers won't pay for.
The idea of crowdfunding Discordish features for Matrix from disaffected Discorders (e.g. using the premium acct system we've built for matrix.org) has come up a bunch.
The problem is more that Element team is seriously stretched (particularly after the various misadventures outlined here: https://youtu.be/lkCKhP1jxdk?t=740) - so even if there was a pot of money to (say) merge custom emoji PRs... the team is more than overloaded already with commitments to folks like NATO and the UN. Meanwhile, onboarding new folks and figuring out how to do the Discordy features and launch a separately Discordy app under a Discordy server would also be a major distraction from ensuring Element gets sustainable by selling govtech messaging solutions.
So, we're caught in a catch-22 for now. One solution would be for other projects to build Discordy solutions on top of Matrix (like Cinny or Commet), or fork Element to be more Discordy (and run their own crowdfunders, perhaps in conjunction with The Matrix Foundation). Otherwise, we have to wait for Element to get sustainable via govtech work so it can eventually think about diversifying back into consumer apps.
I appreciate that answer, it makes sense that it is based on the country. What I'm hoping to avoid is having to give my actual identity to all services on the internet. It will just allow terrible monitoring and oversight that isn't helpful for democracy. I don't trust the current us administration to know everything I say, everything I do, I don't really trust any government to have that power (and I want to stop crime and abuse..). I like some privacy. We are heading to that already with the Texas and Florida age requirements on the internet today.
This matrix discussion here is missing the point - many people don't want ubiquitous tracking of everything we do on the internet. You and matrix are seemingly not honestly addressing that point, because matrix doesn't seem different discord (in the requirements).
The difference with Discord is that Matrix is a protocol, not a service. It's made up of thousands of servers run by different people in different countries. Public instances may choose to verify users in affected countries to abide by the law; others may choose to run a private instance instead.
...and while we have no choice but implement it on the matrix.org instance, other folks running their own servers are responsible for their own choices.
The devil is in the details on this. The core concern was that libolm (the obsolete C impl of e2ee in Matrix) used crypto primitives which don’t protect from timing attacks.
However, in practice, this was not exploitable: the only way to exercise these primitives was over the network, where network latency and request rate limiting mitigates such attacks.
Meanwhile, we had already rewritten and replaced libolm with vodozemac, a pure rust implementation using robust primitives, shipped in the major Matrix SDKs and implementations like Element and Element X.
I’m not sure this counts as alarmingly cavalier. I do regret libolm ever going into production with substandard primitives from a hygiene perspective, but we fixed it as soon as we could via vodozemac, and meanwhile included the safety warning.
The part that was "alarmingly cavalier" was when you admitted to knowing about these problems for years and not fixing them or telling the ecosystem of competing clients about them so they could mitigate their risk. https://news.ycombinator.com/item?id=41249371
You visibly deprecated Olm after my disclosures went public. When I last checked, only Element and its forks actually use vodozemac, so the rest of the ecosystem which still binds libolm was still vulnerable, and probably still is today.
Matrix should categorically not have any sync issues; this is not normal. Something bad must be happening on the server; what server are you using and how are you running it?
Lol, messages showing up randomly days later is par for the course for our tiny group chat, most of whom are on matrix.org. Sometimes element won't download messages for some rooms (or even all rooms) for days/hours. Matrix has gotten far less reliable over the years (and I used to run a few homeservers).
I was like "oh common, that can't be a real comment, it's obvious to everyone how unstable this still is", then I saw that the comment was from Arathorn.
You know, for half of the time you spend commenting over here to save face (or something), you could work with your users and see their firsthand experience for yourself.
Unencrypted room search should Just Work for unencrypted rooms (it uses postgres FTS under the hood).
Encrypted room search should also Just Work... but only on Element Desktop (which uses tantivy to do clientside search). We are in the process of porting this to Element X (and Element Web), but after an initial spike over the summer we're waiting for either funding or manpower to finish it.
For encrypted rooms it just starts pulling messages down and looking for substrings... but it's actually works pretty well if you don't want to search back to the beginning of time.
We explicitly built Element X to be competitive with Telegram's UX - I'm guessing that the feedback here is on the crusty old Element Classic app, which hasn't been touched for 3 years now, and definitely did feel like a laggy MSN by comparison.
Meanwhile Element X feels really really good - especially on iOS, but also Android has improved loads in the last few months (after tweaking the rustc ARM compilation flags properly, doh)
Thank you for your work. For my money there is literally nothing that free computing needs more right now than a consumer-ready open standard for encrypted IM. Matrix has been the obvious candidate for a decade. Let's get there.
reply