Is Matrix cooked?
Technology
52
Beiträge
26
Kommentatoren
0
Aufrufe
-
uh, no? on smartphones, yes, but not on computers.
That's not true. Most operating systems at least have filesystem permissions, and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write.
Most operating systems at least have filesystem permissions,
which limits access between files of different users, but does not prevent the zoom app to read your documents, or the cracked game you torrented to read the passwords from your web browser.
and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write
on lot of linux distributions where apparmor is active, most processes are unconfined, or at best still have broad access, because the distribution does not ship apparmor profiles for each executable that a user may run.
same with polkit, except that it's use case is not about defining additional limitations, but about defining what is allowed, to build upon other security systems. so to define whe n to prompt the user permission, whether to ask for a password or just a yes-no question, or whether to just allow something that would otherwise be disallowed if polkit was not in place.
Additionally, on a lot of linux distributions, umask is set by default so that new files are world readable, and so users can read most of each others files.
this is also at least the 3rd instance I ask this week, but are we really assuming that the common internet user is using linux? what is the case with other operating systems, like windows? yeah users can't read each others profile directory by default, but nothing prevents program A from reading something written by program B when both are running with the privileges of your user account
so, sorry but to me it seems that
- on linux it is possible, but in lots of common cases access is not limited
- on windows it is not possible, without involving probably enterprise level software
-
I mentioned Linux specifically because something like this is the hardest to set up on Linux. I (wrongly) assumed that since you were complaining about it not existing, you were on a platform where setting these permissions up isn't straightforward. App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
Edit:
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
I don't know about macos, but I doubt that it applies to software that was obtained outside of their app store.
on windows however, those settings only apply to UWP apps. not .exe and .bat and .msi and .ps programs, but .appx packages that you can install from the Microsoft Store. and installing something from the Microsoft Store does not mean that it'll be sandboxed, lots of regular .exe programs are also distributed there.
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.
those are mobile operating systems, they have been designed with this in mind from the beginning. General purpose desktop computers are very different though, for better or worse. and, as I know, desktop computer users are still not a small minority
-
but even just your chats on the phone
This is gibberish.
when you say I'm wrong I have to pull the reason out of you with pincers.
You don't. I've given it to you in plain English.
yeah, evaluate what it does at the time of the audit
...yes? They've also had several third-party professional audits.
This is gibberish.
I don't know what this means. you could have just said "fuck you", plainly, and it wouldn't have made less sense.
-
This is gibberish.
I don't know what this means. you could have just said "fuck you", plainly, and it wouldn't have made less sense.
you could have just said "fuck you", plainly
I certainly could have and would have if that's what I wanted to say.
-
I mentioned Linux specifically because something like this is the hardest to set up on Linux. I (wrongly) assumed that since you were complaining about it not existing, you were on a platform where setting these permissions up isn't straightforward. App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
Edit:
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.
For photos at the very least, it's the same on iOS. Haven't tested with files. But anytime I needed to send people photos over FB Messenger, I'd add access to that one specific photo and nothing more. Until I got tired of it and added all photos. Oh well.
-
Also there are not many competitors to Matrix. Just XMPP for the most part.
SimpleX and Signal are not good at supporting chat rooms with large amounts of people. Telegram does it okay but isn’t decentralized.Telegram also don't have E2E encryption on groups
-
App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
I don't know about macos, but I doubt that it applies to software that was obtained outside of their app store.
on windows however, those settings only apply to UWP apps. not .exe and .bat and .msi and .ps programs, but .appx packages that you can install from the Microsoft Store. and installing something from the Microsoft Store does not mean that it'll be sandboxed, lots of regular .exe programs are also distributed there.
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.
those are mobile operating systems, they have been designed with this in mind from the beginning. General purpose desktop computers are very different though, for better or worse. and, as I know, desktop computer users are still not a small minority
Didn't know it only applied to UWP apps on Windows. That does seem like a pretty big problem then.
I don't still have a Mac readily available to test with but afaik it is any application that uses Apple's packaging format. It could also be that it needs to be in the "Applications" folder, but I'm almost certain it isn't an App Store exclusive feature.
-
Sidenote, the modern web is so fucked because how am I supposed to teach a kid that I would trust the random website "paper.wtf" I have never seen before with literally "meow" randomly above their article MORE than businessinsider.com which is like at the top of every search result
The most skibidiest of websites is also the most trustworthy.
-
In today's episode of Kill The Messenger, Matrix co-founder Matthew Hodgson reveals how full of bullshit is the writer of the original article.
The messages were published in the Office of the Matrix.org Foundation room: https://matrix.to/#%2F!sWpnrYUMmaBrlqfRdn%3Amatrix.org%2F%24XpQe-vmtB7j0Uy1TPCvMVCSCW63Xxw_jwy3fflw7EMQ%3Fvia=matrix.org&via=element.io
https://paper.wf/alexia/matrix-is-cooked is fascinatingly incorrect
Until the 6th of November 2023 when they—in their words—moved to a different repository and to the AGPL license. In reality, the Foundation did not know this was coming, and a huge support net was pulled away under their feet.
fwiw, the Foundation had a front-row seat in the fact that Element (as incorporated by the folks who created Matrix) had donated $$M to the Foundation over the years, but wasn't going to survive if it kept giving all its work away as apache-licensed code - which in turn would have been catastrophic for the Foundation.
Yes, the high expenses for the Matrix.org homeserver are largely because they are still managed by Element, just not as donated work but instead like with any other customer.
nope, Element passes the hardware costs (and a fraction of the people costs) of running the matrix.org server to the Foundation without any overheads or markup at all.
Either way it shows that Element is seemingly cashing in on selling ,Matrix to governments and B2B as a SaaS solution without it going back to the foundation
Element has literally put tens of millions into the foundation, and is continuing to do so - while some of the costs get passed to the Foundation, Element donates a bunch too (e.g. by funding a large chunk of the Matrix conference as the anchor sponsor, and by donating time all over the place to help support trust & safety etc)
At the same time I can't help but think that this could have been prevented. Even Matthew himself recognizes that putting the future on Matrix on the line with VC funding and alike was not the best idea for the health of Matrix.
No, even Matthew knows that Matrix would never have been funded without routing the VC funding from Element into... building Matrix. We tried to fund it originally purely as a non-profit, but failed (just as it's a nightmare to raise non-profit for the Foundation today even now that Matrix exists and is successful!). If you need to raise serious $ for an ambitious project, you either need to get lucky with a billionaire (as Signal did with Brian Acton) or you have to raise on the for-profit side. Perhaps it would have have been best for Matrix to grow organically, but I suspect that if it did, it would have failed miserably - instead, it succeeded because we already had a team of ~12 people who could crack on and jump-start it if they could work on it as their dayjob; the team who subsequently founded Element.
Ultimately, for-profit companies will do what makes them profit, not what's the best option. Unless the best option happens to coincide with making the most profit.
No, Element is not profitable. Nor is it trying to maximise profit. Right now it's trying to survive and get sustainable and profit-neutral (i.e. break-even) - while doing everything it can to help keep Matrix healthy and successful too (given if Matrix fails, Element fails too).
Unfortunately, supporting the foundation through anything more than “in spirit” and a platinum membership is out of their budget, apparently. I think that morally they owe a lot more than that.
wow.
the FUD level is absolutely astonishing, and I really wonder what the genesis of this is
so, absolutely, spectacularly, depressing
this, my friends, is why we can't have nice things.
In response to an other person suggesting that the publisher is also known as a reasonable person on the platform:
Interesting, the matrix handle that seems behind this blog seems always to have been quite a reasonable person
somewhat why i’m wondering what the backstory is, and whether this is an unfortunate example of spicy lies outpacing the boring truth
You know the system is fucked when people who seek to maximize profit for themselves while making everyone else's life worse is rewarded, whereas projects like Matrix, which is clearly a public good that benefits the society, struggles to get funding.
-
it's ... not ... a simple messenger, if that helps?
What is it then? A complicated messenger?
