this post was submitted on 09 Aug 2023
90 points (95.0% liked)

Privacy

32130 readers
559 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello fellow c/privacy members.

I'm not new to privacy related things but I had a hard time persuading my family members and friends to switch to Matrix/Element. It is a reponse to UK's Online Security Bill and Investigative Powers Act that may soon in effect.

While it is just a preperation and planning in case those actually became law, I already face resistance from them. When I ask them would they switch, their first reaction is "Why one more app?" then follows with "That's cumbersome." or "I don't want to learn a new app." and suggest something more popular like Line, Telegram or Discord. Sometimes they would "Install WhatsApp because X is on there and he/she won't install one more app just for you."

What can I do to persuade them to use a new platform? Thanks in advance.

EDIT: I think I should elebroate more of what Online Security Bill and Investigative Powers Act does[1]. As far as I understand, OSB will break E2EE by require scanning data on client device, like CSAM but much more generic. IPA requires companies to submit security funcition to the government for approval before releasing, and disable such feature upon request. Apple[2], Single[3] and WhatsApp made the announancment of exiting the UK market totally or partically if two were signed into law.

[1] https://web.archive.org/web/thenextweb.com/news/uk-investigatory-powers-act-default-surveillance-devices-privacy
[2] https://web.archive.org/web/www.forbes.com/sites/emmawoollacott/2023/07/21/apple-threatens-to-pull-facetime-and-imessage-from-the-uk
[3] https://web.archive.org/web/20230809125823/https://www.bbc.co.uk/news/technology-65301510#2023-08-09T12:57:48+00:00

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (1 children)

Not a lot really. Also, until element gets easier key management for encryption i wouldnt suggest it. I understand public/private keys and session verification and still can never restore matrix from backups without it saying "waiting for message" and it never decrypting even though all the keys imported fine. Its a PITA

[–] [email protected] 1 points 1 year ago (1 children)

Yeah, what's with that?

It is always a pain in the ass trying to explain that, but it never seems to get fixed

[–] [email protected] 4 points 1 year ago (1 children)

The biggest issue with matrix is that while the protocol is open and servers and clients can be built around it, the element client and synapse server are developed so quickly that nobody else can dream of keeping up. That is its own kind of vendor lock-in.

[–] [email protected] 1 points 1 year ago (1 children)

Yes, but think about how slow development would be if they weren't so fast. And even this way they are still very slow.

Even if less and less, there are still dealbreaker years-old encryption issues, like that if someone joins an encrypted room, they won't get the keys for the old messages even if history visibility is on the most permissive setting.
Actually this is for security reasons, and as I understand encryption would be worthless the other way, as a server admin could add an account to the room which would get all the keys otherwise. A workaround to this (it was standardised recently) is that if you invite them from an element client (their client also needs support for this I think, as they have to use it at least for the initial join), your client will send them all the keys it knows, but I'm not sure if it will make only your past messages visible or all of those that you can see (at the point of invitation, so maybe it's best to scroll back to the beginning of what you see for it to work best). They are also working on a real solution (they refer to it as the end of the linked proposal), I have seen work on that even this year, but they are working on so much things at the same time that it feels to me they're getting nowhere.

I often feel that even though alt impls can't keep up, the organization is still starved for human resources. They need to do a whole lot of things at the same time, and of course that's not possible, because everyone can work on only so few things at a time.
They were often even bashed for serious mistakes and overlookings resulting from this (like the hackea writup), but it seems entirely plausible to me that in the past because of this lack of resources they just weren't able to do things properly, and they have problems with admitting that with words even to themselves.

[–] [email protected] 1 points 1 year ago

Wow. Thanks for such a fantastic explanation.