In today’s episode of Kill The Messenger, Matrix co-founder Matthew Hodgson reveals how full of bullshit is the writer of the original article.
The messages were published in the Office of the Matrix.org Foundation room: https://matrix.to/#%2F!sWpnrYUMmaBrlqfRdn%3Amatrix.org%2F%24XpQe-vmtB7j0Uy1TPCvMVCSCW63Xxw_jwy3fflw7EMQ%3Fvia=matrix.org&via=element.io
https://paper.wf/alexia/matrix-is-cooked is fascinatingly incorrect
Until the 6th of November 2023 when they—in their words—moved to a different repository and to the AGPL license. In reality, the Foundation did not know this was coming, and a huge support net was pulled away under their feet.
fwiw, the Foundation had a front-row seat in the fact that Element (as incorporated by the folks who created Matrix) had donated $$M to the Foundation over the years, but wasn’t going to survive if it kept giving all its work away as apache-licensed code - which in turn would have been catastrophic for the Foundation.
Yes, the high expenses for the Matrix.org homeserver are largely because they are still managed by Element, just not as donated work but instead like with any other customer.
nope, Element passes the hardware costs (and a fraction of the people costs) of running the matrix.org server to the Foundation without any overheads or markup at all.
Either way it shows that Element is seemingly cashing in on selling ,Matrix to governments and B2B as a SaaS solution without it going back to the foundation
Element has literally put tens of millions into the foundation, and is continuing to do so - while some of the costs get passed to the Foundation, Element donates a bunch too (e.g. by funding a large chunk of the Matrix conference as the anchor sponsor, and by donating time all over the place to help support trust & safety etc)
At the same time I can’t help but think that this could have been prevented. Even Matthew himself recognizes that putting the future on Matrix on the line with VC funding and alike was not the best idea for the health of Matrix.
No, even Matthew knows that Matrix would never have been funded without routing the VC funding from Element into… building Matrix. We tried to fund it originally purely as a non-profit, but failed (just as it’s a nightmare to raise non-profit for the Foundation today even now that Matrix exists and is successful!). If you need to raise serious $ for an ambitious project, you either need to get lucky with a billionaire (as Signal did with Brian Acton) or you have to raise on the for-profit side. Perhaps it would have have been best for Matrix to grow organically, but I suspect that if it did, it would have failed miserably - instead, it succeeded because we already had a team of ~12 people who could crack on and jump-start it if they could work on it as their dayjob; the team who subsequently founded Element.
Ultimately, for-profit companies will do what makes them profit, not what’s the best option. Unless the best option happens to coincide with making the most profit.
No, Element is not profitable. Nor is it trying to maximise profit. Right now it’s trying to survive and get sustainable and profit-neutral (i.e. break-even) - while doing everything it can to help keep Matrix healthy and successful too (given if Matrix fails, Element fails too).
Unfortunately, supporting the foundation through anything more than “in spirit” and a platinum membership is out of their budget, apparently. I think that morally they owe a lot more than that.
wow.
the FUD level is absolutely astonishing, and I really wonder what the genesis of this is
so, absolutely, spectacularly, depressing
this, my friends, is why we can’t have nice things.
In response to an other person suggesting that the publisher is also known as a reasonable person on the platform:
Interesting, the matrix handle that seems behind this blog seems always to have been quite a reasonable person
somewhat why i’m wondering what the backstory is, and whether this is an unfortunate example of spicy lies outpacing the boring truth
Why would you think a chat app has full write access to your disk?
Because any programs have that access??
Again, no.
how are programs denied that access? how is it that they can’t do that?
with the computers that I know, if I download a program, that’ll be able to read, and also modify all the files that I have access to. this includes the ability to read the saved passwords from my browser, and to install browser addons without my consent or knowledge.
what makes it so that it cannot happen on mainstream desktop computers?
Apps are typically given their own dedicated storage volume, and access to any other part of the filesystem requires permission from the user.
WTF kind of computers are you using?
uh, no? on smartphones, yes, but not on computers.
and even on smartphones. the chat app does have access to your messages, as I originally said
desktop… computers? you probably heard about operating systems, like windows, and linux…
That’s not true. Most operating systems at least have filesystem permissions, and on a lot of Linux distros you additionally get AppArmor or PolKit to further restrict what files a program can read/write.
which limits access between files of different users, but does not prevent the zoom app to read your documents, or the cracked game you torrented to read the passwords from your web browser.
on lot of linux distributions where apparmor is active, most processes are unconfined, or at best still have broad access, because the distribution does not ship apparmor profiles for each executable that a user may run.
same with polkit, except that it’s use case is not about defining additional limitations, but about defining what is allowed, to build upon other security systems. so to define whe n to prompt the user permission, whether to ask for a password or just a yes-no question, or whether to just allow something that would otherwise be disallowed if polkit was not in place.
Additionally, on a lot of linux distributions, umask is set by default so that new files are world readable, and so users can read most of each others files.
this is also at least the 3rd instance I ask this week, but are we really assuming that the common internet user is using linux? what is the case with other operating systems, like windows? yeah users can’t read each others profile directory by default, but nothing prevents program A from reading something written by program B when both are running with the privileges of your user account
so, sorry but to me it seems that
Uh, yes.
What you originally said was gibberish, but I digress. The chat app is open source, so you can evaluate what it’s doing with those messages for yourself.
I don’t agree, and additionally when you say I’m wrong I have to pull the reason out of you with pincers.
yeah, evaluate what it does at the time of the audit.
This is gibberish.
You don’t. I’ve given it to you in plain English.
…yes? They’ve also had several third-party professional audits.
I don’t agree, and additionally when you say I’m wrong I have to pull the reason out of you with pincers.
yeah, evaluate what it does at the time of the audit.
Not sure what platform you’re on but on Linux flatpak can limit access to files, and things like AppArmor can do that for any native app as well (though it can be pretty tedious to configure)
on linux. flatpak. now, how mainstream is that setup exactly? are you saying that the issue I brought up does not apply to most of the people on the internet?
it does not matter what platform I’m on. what matters is what do most people use. in the world where I live, most people use the windows operating system. there is no such protection at all. except when accounting for sandboxie and other obscure programs virtually no one knows about
I mentioned Linux specifically because something like this is the hardest to set up on Linux. I (wrongly) assumed that since you were complaining about it not existing, you were on a platform where setting these permissions up isn’t straightforward. App-specific file-acess permissions are on MacOS out of the box as a configurable setting for all applications (in the system settings menu), and I’m pretty sure Windows 10/11 has something similar in its settings menu as well.
Edit: Also, if we’re being pedantic, this is also a setting on both Android and iOS, with Android displaying the option to change access pretty much every time you pick out a file.
For photos at the very least, it’s the same on iOS. Haven’t tested with files. But anytime I needed to send people photos over FB Messenger, I’d add access to that one specific photo and nothing more. Until I got tired of it and added all photos. Oh well.
I don’t know about macos, but I doubt that it applies to software that was obtained outside of their app store.
on windows however, those settings only apply to UWP apps. not .exe and .bat and .msi and .ps programs, but .appx packages that you can install from the Microsoft Store. and installing something from the Microsoft Store does not mean that it’ll be sandboxed, lots of regular .exe programs are also distributed there.
those are mobile operating systems, they have been designed with this in mind from the beginning. General purpose desktop computers are very different though, for better or worse. and, as I know, desktop computer users are still not a small minority
Didn’t know it only applied to UWP apps on Windows. That does seem like a pretty big problem then.
I don’t still have a Mac readily available to test with but afaik it is any application that uses Apple’s packaging format. It could also be that it needs to be in the “Applications” folder, but I’m almost certain it isn’t an App Store exclusive feature.