Cool! I’ve recently consolidated all of my Google Chat and WhatsApp friends onto Matrix (via Element) because it’s E2EE. Gchat isn’t and I assume that Meta has a backdoor into WhatsApp conversations. So, those platforms can’t be trusted. Signal doesn’t have a web interface, so that’s a no-go for me. lol Telegram.
Matrix has been great for me and I recommend that everyone else use it!
> I assume that Meta has a backdoor into WhatsApp conversations
They don't need a back door when they control the front door: the app. End-to-end encryption doesn't protect the endpoints.
(In other words, your concern is warranted.)
Self-hosted Matrix with all the bridges is awesome and brings back that Pidgin/Adium life of one chat app for all of my friends. Too bad Apple has an uncanny ability to avoid consequences with iMessage.
Signal doesn't have a web interface, but being able to use a desktop app is OK for me.
The big downside for me is not being able to use it on two devices. All the other services, privacy concerns or not can now do this. It's one reason why I stopped donating to / advocating for signal.
You mean you access all these on Matrix/Element via the bridge? Or you actually mean you convinced all of them to ditch their chat apps and migrate to Matrix, or at least install Element as well in addition to the other ones? It’s a feat if it’s the latter without or without ditching. Is this a very privacy conscious demographic?
Wasn't there a big falling out between the Matrix team and Element or am I misremembering what happened?
There are ways to get web interfaces for Signal.
But I think the bigger issue is that any platform that controls the javascript sent to you from a web page, can also backdoor/MITM/inject malicious code at any time without you knowing.
[deleted]
For me the issue was contact names tbh. Is that solved? It used to be that the contact name was set by the contact and not by me/my address book.
You should not use it ! Xmpp is the answer with its few issues and matrix requires hell of system resources as well.
>lol Telegram
Did I miss something? what's wrong with telegram?
I set firefox to clear cookies, also using cookies to "strict"
This somehow causes a huge pain to connect to mozilla's matrix instance, and I never understood why. This is a bit ironic since firefox has that feature to clear cookies.
I had to reset password, and do other weird things, I can't remember what exactly.
I hope this MAS thing fixes it.
So unusable for people like me who only surf in private mode
Putting tracking protection to strict essentially makes Firefox violate certain web standards. Developers aren't going to test against that, and if they are they're probably not going to be able to do much about the problems strict tracking protection causes.
If MAS fixes this, it'll be by accident and it'll probably break in the future. Firefox warns against this kind of breakage if you enable strict tracking protection in the settings. You can't have strict tracking protection + websites doing cross-domain authentication working.
I mean, yeah, tracking prevention features basically completely break cross-domain authentication. There are a surprising number of valid use cases that need cross-domain auth (or make the user experience a lot easier). While there are workarounds these days, sometimes it does require deep changes in how auth works
I vaguely remember an old MSC or TWIM or something that described (the possibility of) a new authentication mechanism whereby I could set up either a dummy homeserver or something in .well_known that would allow me to use my own domain but without needing to use my own homeserver for the actual traffic. Sort of like an auth-only homeserver, if you will.
Is that part of MAS? Was that initiative ever fully-baked? Or am I just misremembering?
Afaik that's not related to this, that was already possible as a domain alias. I think that feature is called a delegation if I remember correctly.
Love matrix. Improving the onboarding is a great step. I've seen less technical people have issues in that area until now.
Mostly a desktop/web user myself, hoping all that Element X work will trickle down to us.
* Is all matrix.org's server-side for this open source, and able to be self-hosted?
* Do all the Matrix clients need to be modified to support this authentication method?
> No more typing your password in every client you’d like to log in to.
So. . . how will we log in? This post is heavy on vague promises of greatness but light on concrete details of UX.
This sounds great for large and corporate servers, but a pain for small self-hosted ones. More configuration and external dependencies. Plus additional confusion for non-techy users on those smaller servers.
Congrats to Quentin and all the other contributors to this project.
I quickly looked at the MSCs and seems “MAS” and associated MSCs enable OIDC/OAUTH authentication flows (basically integration with your favorite identity provider such as Google or Apple).
I was hoping for matrix homeserver to act as an identity provider as well to give us an alternative to big tech for “identity”.
I suppose I could just setup Ory or other open source IdP, but would have been nice to have an all in one package.
Discord's ongoing enshittification may create a market opportunity for alternatives in the near future. I'd like to think that Matrix could be a beneficiary of that, but the common-case UX needs to be polished damn well when the time comes if they want to capitalize.
So Matrix is the new XMPP?
Does actually exist matrix servers for warez?