Post · bonfire.cafe

Post

@ferret Idk, the standard could intentionally configure your communications in a way that is more easily monitored via some other pathway the attacker controls. There's also the issue of people relying on reference implementations that may have some less subtle designed flaw.

Comrade Ferret

@ferret@hub.workersofthe.world replied · 2 days ago

@ Charlotte Aten That's the value of open source. People have noticed security issues in the protocol, and they've been patched.

Charlotte Aten

@caten@mathstodon.xyz replied · 2 days ago

@ferret I guess I just can't bring myself to trust my communications to a system that was made by people who were investigated for spying on the US for Israel. I hope that I'm just being paranoid, but it can't hurt to be careful these days.

Debacle

@debacle@framapiaf.org replied · yesterday

@caten @ferret @anolandria

Just because we're paranoid, it doesn't mean they're not after us 🙂

I'm personally not paranoid about Matrix, but still prefer #Jabber. Partially because the former is more or less dominated by a single vendor. Also, because #XMPP is more lightweight. Anyway, whatever is free and federated, is fine with me.

Gonzalo Nemmi :runbsd:

@gnemmi@mastodon.sdf.org replied · 23 hours ago

@ferret are we sure that it's an open standard?

I was under the impression that Matrix was an "open protocol" for decentralised, secure communications "that provided a set of open APIs" for decentralised communication.

Unlike #XMPP which is an actual open #IETF standard with multiple implementations in the form of clients, servers, server components, and code libraries.

@debacle @caten

The Matrix.org Foundation

@matrix@mastodon.matrix.org replied · 20 hours ago

@gnemmi @ferret @debacle @caten yup, Matrix is an open standard, despite not being from IETF. Just as XSF is a SDO, so is The Matrix.org Foundation: you can read the open standards process at https://spec.matrix.org/proposals/ and see the wide range of MSCs from many different independent implementors and developers. Gentle reminder that the enemy is centralised surveillance capitalism, not other open source projects… :/

Matrix Specification

Spec Change Proposals

If you are interested in submitting a change to the Matrix Specification, please take note of the following guidelines. Most changes to the Specification require a formal proposal. Bug fixes, typos, and clarifications to existing behaviour do not need proposals - see the contributing guide for more information on what does and does not need a proposal. The proposal process involves some technical writing, having it reviewed by everyone, having the proposal being accepted, then actually having your ideas implemented as committed changes to the Specification repository.

Gonzalo Nemmi :runbsd:

@gnemmi@mastodon.sdf.org replied · 20 hours ago

@matrix let's get this clear and right out of the way: I personally never saw an enemy on you. My whole point was dead simple: IETF or not. And that was it. No ulterior motives nor hidden agenda on my part. And I absolutely agree with you in that the enemy is centralized surveillance capitalism, not other open source projects.

Feel free to carefully review all my toots and confirm that I never opposed Matrix being listed as an alternative.

@ferret @debacle @caten

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.1-beta.35 no JS en

Automatic federation enabled