Just be mindful decentralization doesn’t inherently mean there is privacy.
openpgp4fpr:588f6e4eabe8c7b552d00fa641911f722b0f9ae3
Just be mindful decentralization doesn’t inherently mean there is privacy.
Seems like a step up from “Covenant Eyes” with weirdo politicians sharing their porn habits with their children.
At this point I have to wonder whether the “Signal is CIA funded” narrative is not just butthurt Russian trolls mad at the fact it’s also used by spies and informants for secure communication.
It’s probably also media’s fault for this. They only publish when a bad person does a bad thing on the internet with it, not all the millions of users who don’t do bad things. That would be boring.
Yes the article is FUD and sloppy. This is what Matthew Hodgson (Arathorn) had to say about it:
Talking of sloppiness, that hackea.org article is a huge steaming pile of FUD about Matrix.
For what it’s worth, the team who came up with Matrix was originally based in two separate startups: one in the UK doing VoIP, one in France doing mobile dev. Both got acquired by Amdocs in 2010, but we ended up forming an independent “incubated startup” first to build telco apps, and then we came up with the idea of Matrix in ~2013. We then built out Matrix until 2017 when Amdocs killed our funding, having run out of patience for what amounted to generous FOSS philanthropy.
We then set up New Vector (now Element) as an entirely independent UK/FR startup, and have received zero funding from Amdocs since. To be crystal clear: Amdocs has zero privileged influence or control over Matrix (or Element, for that matter), and has zero access to the Matrix servers we operate as Element. And besides - the whole point of Matrix is that you can and should run your own servers so you can pick who to trust, even if you don’t trust the project itself.
you have to attach your matrix ID to your phone number
Yes, this is FUD, it’s not necessary, and entirely opt-in. Also you don’t even need to connect to the identity server.
That is the nature of any federated protocol.
E2EE works well enough within rooms and that is likely where private data is to be anyway. As long as you Matrix and assume that everyone can see your Matrix ID and room IDs you’ll be okay.
XMPP isn’t any better in that regard.
Probably another point is that the encryption for Matrix/Element has undergone multiple audits, one in 2016 and another one of their newer rust library. Whereas telegram just has not. There was this also a not too long ago. MTProto is also used nowhere else, whereas a lot of encryption has been influenced by the Double Ratchet which is well understood.
The other thing worth noting is that Matrix is the foundation for other products which many governments use for secure communications.
Keep in mind LocalCDN will make your fingerprint more unique. HTTPS Everywhere is unmaintained and no longer needed… and you certainly don’t need Decentraleyes, thats a duplicate of LocalCDN and is also unmaintained.
Just a reminder, we specifically recommend against Garuda due to their unsafe usage of Chaotic-AUR.
VPNs are still worth it for that purpose, particularly torrenting… Not sure who is saying this but they are wrong.
It is, which is why I’m removing it. You can expect this from CNET, Techradar and bullshit outlets like that.
This is VPN marketing material mouth pieces 101.