Is matrix good to use, seen a lot of drama around it. For example hackliberty.org left it because of lacking of security and moderation, do you still recommended it?
Is matrix good to use, seen a lot of drama around it. For example hackliberty.org left it because of lacking of security and moderation, do you still recommended it?
tbf there is not really a good solution to the ‘ephemeral aspect’ problem
the only way to truly not sync metadata to or btwn servers at all is to use a p2p model, in which you cant send anything if one of the parties is offline
simplex might be a bit better in this regard, but still relies on servers for syncing. at least it doesnt extensively replicate metadata like matrix does though
so it depends on your threat model whether this is a compromise or not
Sure there is: Don’t store everything in a database.
what alternative do you propose for saving messages when the recipient is offline?
This is not either or. You can store things only until the recipient comes online and then delete it (but Matrix specifically doesn’t do this and conceptually can’t due to its design).
sure that is how pop3 does it
but metadata is still replicated to the server, so this does not solve the metadata replication issue
even if you dont explicitly store metadata or encrypt it in some way, the server still necessarily knows stuff like timestamps of when the messages are sent for example.
sure, you can delete it later, but you also have to trust the server to actually do that, and there is no way to guarantee this in any protocol