75
A giant leap forwards for encryption with MLS
(matrix.org)
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
XMPP can be done mostly well, but achieving that is relatively complicated, and free, reliable, public servers that are likely to stay around for long are few and far between. It has proven too much of a pain for mass adoption without a large sponsor, and those are all gone now. It's not bad for small communities, though, if they have someone well-versed in all the important XEPs maintaining the server and helping people with the clients.
IMHO, Matrix is far better suited to general purpose and large scale messaging. The unprotected metadata is pretty minor, easily avoided if you have a need, and as I recall, on their to-do list. (Also, this article is about a new standard protocol, so criticizing the old one seems a bit off-topic.)
What bothers me is that similar "words of caution" can be had about Matrix: it established itself in the same niche as XMPP, but with a much more convoluted and resource intensive protocol (that many already gave up on hosting at scale due to creeping costs and complexity), with no user benefits for this extra complexity, and with only a single entity (consistently experiencing financing challenges having measurable impacts on the quality of the product) being in charge of developing both the client and the server. That's some big red flags.
I don't believe Matrix to have any edge over XMPP nor any characteristics to make it more successful where XMPP isn't. It is definitely not learning from XMPP's history and consistently repeating the same mistakes. And this is written as someone who was an early XMPP adopter around the turn of the millennium, moved on, and while learning about it, wanted to love Matrix thinking it could be "XMPP, modern, reborn, without the boomer etiquette". Turns out current XMPP is just that and Matrix isn't, and I am happy to self-host XMPP accounts for a few hundred people, family and friends and to no longer have to do it with Matrix.
This is not true. One of the benefits I've enjoyed greatly is being able to point a group of non-techies at a URL and have them up and running, with fully encrypted channels, in less than 5 minutes. Another benefit is chat history across multiple devices. There are more.
Also not true. It's an open protocol with a well-defined process for contributions. The original authors certainly have influence, but I haven't seen any gatekeeping there.
There is no single client or server. There are multiple clients and servers (with varying levels of resource usage) from multiple developers, and the available options continue to expand.
I'll grant that XMPP is a simpler protocol, especially in its minimal form without the various XEPs that are needed to even approach a comparison, but it also doesn't accomplish as much. That's not a "red flag" for Matrix. Also, this article is specifically about a new protocol.
Yes, your case is an example of a small community with an informed and involved admin, which I pointed out in my original comment. XMPP can make sense there (I've done it too) but it's a niche within a niche. It doesn't address the problems that Matrix solves.
I was talking about the protocol's complexity, Matrix is indeed notorious for that (you can lookup "Matrix state resolution" if you want to know more). That's not removing anything from the good work they've accomplished on the client-side, which you've highlighted, but just to be fair to XMPP, that's not unique to Matrix and you can find something comparable e.g. here: https://jabberfr.org/
It's true and easily verifiable in practice, just check-out who's doing the work, who's operating the network (still very centralized), who's operating the gateways/bridges, and where the finances are going. Being an open protocol is a good start, but more important is how diverse is the ecosystem of client and server implementations and actors, and although the client-side has seen some diversification in the recent years, it's still very much an issue. New Vector Ltd is failing in one area, and now tens of thousands of users are disconnected from thousands of rooms. Now, compare that with the XMPP ecosystem, and the dozens of companies, individuals and NGOs contributing/sponsoring and authoring the protocol and its implementations.
There is only one client that's fully featured, and it's element, there's only one server that's mature and that's synapse, none are fully spec-compliant, both are maintained by New Vector Ltd. You don't encounter such a rift between "the reference client" vs "the rest" in the XMPP world, and you don't see situations where the spec is updated "best-effort" from the implementation.
What do you think are the problems that Matrix solve, essentially?
It won't ever become a "messenger for the masses", it's just not that good compared to WhatsApp and Messenger.
It won't ever become the reference "open-source, open-protocol" messenger, Signal is there to stay.
Remains the niche of "the messenger that I self-host because I can" which is shared with XMPP.
In this regard, Matrix is much harder and costlier to run. It addresses the same problem space with more overhead and complexity, which costs them in terms of diversity of implementation and resilience. When I wrote earlier about large users dropping them, I had in mind the French government which cut their losses and stopped subsidizing New Vector Ltd, while much larger XMPP instances comfortably run millions of users privately and quietly (in things like online games).
I also have in mind the upcoming "Matrix 2.0" shake-up, which is the 3rd or 4th reboot of the Matrix protocol. It has a good chance of being the last one, though, because the new design basically starts from the realization that "the protocol is too complex, the client can't efficiently deal with that on the user's device, so clients will now run remotely, and a dumb frontend will connect to the proxy". So, expect even greater self-hosting costs and marginalization.