Is Matrix cooked?
Technology
54
Beiträge
27
Kommentatoren
152
Aufrufe
-
deleted by creator
The response is less of a response, more of an explanation of their current feelings pertaining to matrix. Seems odd when Matthew made some clear, individual points that could've been addressed.
-
Why would you think a chat app has full write access to your disk?
Because any programs have that access??
-
deleted by creator
deleted by creator
-
Because any programs have that access??
Again, no.
-
Because any programs have that access??
Not sure what platform you're on but on Linux flatpak can limit access to files, and things like AppArmor can do that for any native app as well (though it can be pretty tedious to configure)
-
Again, no.
how are programs denied that access? how is it that they can't do that?
with the computers that I know, if I download a program, that'll be able to read, and also modify all the files that I have access to. this includes the ability to read the saved passwords from my browser, and to install browser addons without my consent or knowledge.
what makes it so that it cannot happen on mainstream desktop computers?
-
Not sure what platform you're on but on Linux flatpak can limit access to files, and things like AppArmor can do that for any native app as well (though it can be pretty tedious to configure)
on linux. flatpak. now, how mainstream is that setup exactly? are you saying that the issue I brought up does not apply to most of the people on the internet?
it does not matter what platform I'm on. what matters is what do most people use. in the world where I live, most people use the windows operating system. there is no such protection at all. except when accounting for sandboxie and other obscure programs virtually no one knows about
-
how are programs denied that access? how is it that they can't do that?
with the computers that I know, if I download a program, that'll be able to read, and also modify all the files that I have access to. this includes the ability to read the saved passwords from my browser, and to install browser addons without my consent or knowledge.
what makes it so that it cannot happen on mainstream desktop computers?
how are programs denied that access? how is it that they can't do that?
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
this includes the ability to read the saved passwords from my browser, and to install browser addons without my consent or knowledge.
WTF kind of computers are you using?
-
how are programs denied that access? how is it that they can't do that?
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
this includes the ability to read the saved passwords from my browser, and to install browser addons without my consent or knowledge.
WTF kind of computers are you using?
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
uh, no? on smartphones, yes, but not on computers.
and even on smartphones. the chat app does have access to your messages, as I originally said
WTF kind of computers are you using?
desktop.. computers? you probably heard about operating systems, like windows, and linux..
-
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
uh, no? on smartphones, yes, but not on computers.
and even on smartphones. the chat app does have access to your messages, as I originally said
WTF kind of computers are you using?
desktop.. computers? you probably heard about operating systems, like windows, and linux..
uh, no?
Uh, yes.
the chat app does have access to your messages, as I originally said
What you originally said was gibberish, but I digress. The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
-
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
uh, no? on smartphones, yes, but not on computers.
and even on smartphones. the chat app does have access to your messages, as I originally said
WTF kind of computers are you using?
desktop.. computers? you probably heard about operating systems, like windows, and linux..
uh, no? on smartphones, yes, but not on computers.
That's not true. Most operating systems at least have filesystem permissions, and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write.
-
on linux. flatpak. now, how mainstream is that setup exactly? are you saying that the issue I brought up does not apply to most of the people on the internet?
it does not matter what platform I'm on. what matters is what do most people use. in the world where I live, most people use the windows operating system. there is no such protection at all. except when accounting for sandboxie and other obscure programs virtually no one knows about
I mentioned Linux specifically because something like this is the hardest to set up on Linux. I (wrongly) assumed that since you were complaining about it not existing, you were on a platform where setting these permissions up isn't straightforward. App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
Edit:
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file. -
Matrix has always been way too bulky for being a simple messenger. Imo their architecture was cooked from the start.
But its not a simple messenger though. If you want something simple, IRC is always available for use.
-
uh, no?
Uh, yes.
the chat app does have access to your messages, as I originally said
What you originally said was gibberish, but I digress. The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
What you originally said was gibberish, but I digress.
I don't agree, and additionally when you say I'm wrong I have to pull the reason out of you with pincers.
The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
yeah, evaluate what it does at the time of the audit.
-
uh, no?
Uh, yes.
the chat app does have access to your messages, as I originally said
What you originally said was gibberish, but I digress. The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
What you originally said was gibberish, but I digress.
I don't agree, and additionally when you say I'm wrong I have to pull the reason out of you with pincers.
The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
yeah, evaluate what it does at the time of the audit.
-
This. I know a lot of folks in the fediverse like Matrix, but the user experience feels like yet another platform that started with the platform architecture, and not the end user’s experience.
Then it gets adopted by a bunch of people who enjoy installing Hannah Montana Linux distros for fun, and no one else.
the new apps are great and they've replaced the hot part of the encryption code with one in rust, for use in all clients. the web ui is still clunky but generally fine
-
What you originally said was gibberish, but I digress.
I don't agree, and additionally when you say I'm wrong I have to pull the reason out of you with pincers.
The chat app is open source, so you can evaluate what it's doing with those messages for yourself.
yeah, evaluate what it does at the time of the audit.
but even just your chats on the phone
This is gibberish.
when you say I'm wrong I have to pull the reason out of you with pincers.
You don't. I've given it to you in plain English.
yeah, evaluate what it does at the time of the audit
...yes? They've also had several third-party professional audits.
-
uh, no? on smartphones, yes, but not on computers.
That's not true. Most operating systems at least have filesystem permissions, and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write.
Most operating systems at least have filesystem permissions,
which limits access between files of different users, but does not prevent the zoom app to read your documents, or the cracked game you torrented to read the passwords from your web browser.
and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write
on lot of linux distributions where apparmor is active, most processes are unconfined, or at best still have broad access, because the distribution does not ship apparmor profiles for each executable that a user may run.
same with polkit, except that it's use case is not about defining additional limitations, but about defining what is allowed, to build upon other security systems. so to define whe n to prompt the user permission, whether to ask for a password or just a yes-no question, or whether to just allow something that would otherwise be disallowed if polkit was not in place.
Additionally, on a lot of linux distributions, umask is set by default so that new files are world readable, and so users can read most of each others files.
this is also at least the 3rd instance I ask this week, but are we really assuming that the common internet user is using linux? what is the case with other operating systems, like windows? yeah users can't read each others profile directory by default, but nothing prevents program A from reading something written by program B when both are running with the privileges of your user account
so, sorry but to me it seems that
- on linux it is possible, but in lots of common cases access is not limited
- on windows it is not possible, without involving probably enterprise level software
-
I mentioned Linux specifically because something like this is the hardest to set up on Linux. I (wrongly) assumed that since you were complaining about it not existing, you were on a platform where setting these permissions up isn't straightforward. App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
Edit:
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I'm pretty sure Windows 10/11 has something similar in its settings menu as well.
I don't know about macos, but I doubt that it applies to software that was obtained outside of their app store.
on windows however, those settings only apply to UWP apps. not .exe and .bat and .msi and .ps programs, but .appx packages that you can install from the Microsoft Store. and installing something from the Microsoft Store does not mean that it'll be sandboxed, lots of regular .exe programs are also distributed there.
Also, if we're being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.
those are mobile operating systems, they have been designed with this in mind from the beginning. General purpose desktop computers are very different though, for better or worse. and, as I know, desktop computer users are still not a small minority
-
but even just your chats on the phone
This is gibberish.
when you say I'm wrong I have to pull the reason out of you with pincers.
You don't. I've given it to you in plain English.
yeah, evaluate what it does at the time of the audit
...yes? They've also had several third-party professional audits.
This is gibberish.
I don't know what this means. you could have just said "fuck you", plainly, and it wouldn't have made less sense.
