Privacy

2779 readers

75 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

Be civil and no prejudice
Don't promote big-tech software
No apathy and defeatism for privacy (i.e. "They already have my data, why bother?")
No reposting of news that was already posted
No crypto, blockchain, NFTs
No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 7 months ago

MODERATORS

[email protected]

262

Incredible tweet from signal cofounder. (nitter.net)

submitted 2 months ago* (last edited 2 months ago) by [email protected] to c/[email protected]

27 comments fedilink hide all child comments

There are so many great reasons to be on Signal. Now including the opportunity for the vice president of the United States of America to randomly add you to a group chat for coordination of sensitive military operations. Don’t sleep on this opportunity…

Editing to add the link to the messages: https://archive.is/2025.03.26-131842/https://www.theatlantic.com/politics/archive/2025/03/signal-group-chat-attack-plans-hegseth-goldberg/682176

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 31 points 2 months ago (3 children)

Matrix shares metadata in plaintext with every participating server: who talks to who, when and how often.

[+] [email protected] 14 points 2 months ago* (last edited 1 month ago) (1 children)

[deleted]

[–] [email protected] 14 points 2 months ago* (last edited 2 months ago) (1 children)

https://spec.matrix.org/latest/#room-structure

The content of the messages can be encrypted. Who is in a room and who sent each message is not. See the “shared data” section of the chart.

Encrypting that data would require something like Sealed Sender (like Signal), and that is entirely absent from the spec and any implementation.

Edit: to the people downvoting, this is the literal Matrix spec upon which all the implementations rely. You are asking me to prove the absence of something in it. If you could, point me to the section that comments on the encryption of metadata in the spec. You may not like the answer (I’d love for it to encrypt metadata too!) but that doesn’t change the fact that it doesn’t encrypt metadata at this time.

[–] [email protected] 4 points 2 months ago

yeah, no shit, it's decentralized.

If you don't want that metadata visible then host your own server and require your organization to use only that server, there are settings specifically to enforce this use-case.

the french government uses matrix for communications, it's fine.

[–] [email protected] 4 points 2 months ago

However, unlike Signal, you can exclude external participating servers entirely.

(I heavily prefer XMPP to Matrix tho, even though I host both)