Hello fellow c/privacy members.
I’m not new to privacy related things but I had a hard time persuading my family members and friends to switch to Matrix/Element. It is a reponse to UK’s Online Security Bill and Investigative Powers Act that may soon in effect.
While it is just a preperation and planning in case those actually became law, I already face resistance from them. When I ask them would they switch, their first reaction is “Why one more app?” then follows with “That’s cumbersome.” or “I don’t want to learn a new app.” and suggest something more popular like Line, Telegram or Discord. Sometimes they would “Install WhatsApp because X is on there and he/she won’t install one more app just for you.”
What can I do to persuade them to use a new platform? Thanks in advance.
EDIT: I think I should elebroate more of what Online Security Bill and Investigative Powers Act does[1]. As far as I understand, OSB will break E2EE by require scanning data on client device, like CSAM but much more generic. IPA requires companies to submit security funcition to the government for approval before releasing, and disable such feature upon request. Apple[2], Single[3] and WhatsApp made the announancment of exiting the UK market totally or partically if two were signed into law.
[1] https://web.archive.org/web/thenextweb.com/news/uk-investigatory-powers-act-default-surveillance-devices-privacy
[2] https://web.archive.org/web/www.forbes.com/sites/emmawoollacott/2023/07/21/apple-threatens-to-pull-facetime-and-imessage-from-the-uk
[3] https://web.archive.org/web/20230809125823/https://www.bbc.co.uk/news/technology-65301510#2023-08-09T12:57:48+00:00
Yeah, what’s with that?
It is always a pain in the ass trying to explain that, but it never seems to get fixed
The biggest issue with matrix is that while the protocol is open and servers and clients can be built around it, the element client and synapse server are developed so quickly that nobody else can dream of keeping up. That is its own kind of vendor lock-in.
Yes, but think about how slow development would be if they weren’t so fast. And even this way they are still very slow.
Even if less and less, there are still dealbreaker years-old encryption issues, like that if someone joins an encrypted room, they won’t get the keys for the old messages even if history visibility is on the most permissive setting.
Actually this is for security reasons, and as I understand encryption would be worthless the other way, as a server admin could add an account to the room which would get all the keys otherwise. A workaround to this (it was standardised recently) is that if you invite them from an element client (their client also needs support for this I think, as they have to use it at least for the initial join), your client will send them all the keys it knows, but I’m not sure if it will make only your past messages visible or all of those that you can see (at the point of invitation, so maybe it’s best to scroll back to the beginning of what you see for it to work best). They are also working on a real solution (they refer to it as the end of the linked proposal), I have seen work on that even this year, but they are working on so much things at the same time that it feels to me they’re getting nowhere.
I often feel that even though alt impls can’t keep up, the organization is still starved for human resources. They need to do a whole lot of things at the same time, and of course that’s not possible, because everyone can work on only so few things at a time.
They were often even bashed for serious mistakes and overlookings resulting from this (like the hackea writup), but it seems entirely plausible to me that in the past because of this lack of resources they just weren’t able to do things properly, and they have problems with admitting that with words even to themselves.
Wow. Thanks for such a fantastic explanation.