Zero trust means there’s no trust assumed on the protocol - I.e. it distrusts all actors and the protocol takes steps to work in that trustless environment. I don’t know how that applies specifically to matrix.
Like I said, I don’t know the inner workings of Matrix. But according to the second guy that isn’t you, Matrix has a new tech stack that is zero trust. Now, there are many ways in which that can be true and I don’t know if what Matrix has right now can indeed be considered dissident-level privacy.
It’s good enough for my threat level (I basically just use it for software support). If I were planning to overthrow a regime, I’d likely go with SimpleX or some other privacy-first messengers.
I was told that unless you self host, matrix is less secure because it leaks more metadata. Something to consider
Leaks more metadata? What does that mean?
sender, recipient, chatroom, what kind of event you sent (message, emoji, reaction, vote), if you responded to a message, room privilege changes, etc
but it’s a question how big of a problem is that. they want to tackle it in the future, but that’s far away for now I think
Damm, didn’t know that, good to know
it’s not even true information, the new tech stack is zero trust
What does this mean?
the new cryptographic protocol protects metadata, like signal. the servers know nothing about any encrypted chats
So the guy above the guy avobe me was wrong?
sorta, the old clients still have bad cryptography and the new client isn’t fully featured yet
Zero trust means there’s no trust assumed on the protocol - I.e. it distrusts all actors and the protocol takes steps to work in that trustless environment. I don’t know how that applies specifically to matrix.
So the guy above the guy avobe me was supposedly wrong?
Like I said, I don’t know the inner workings of Matrix. But according to the second guy that isn’t you, Matrix has a new tech stack that is zero trust. Now, there are many ways in which that can be true and I don’t know if what Matrix has right now can indeed be considered dissident-level privacy.
It’s good enough for my threat level (I basically just use it for software support). If I were planning to overthrow a regime, I’d likely go with SimpleX or some other privacy-first messengers.