• nooneescapesthelaw@mander.xyz
    link
    fedilink
    arrow-up
    50
    ·
    5 months ago

    I mean i get that matrix is used by bad people, but that doesn’t mean that matrix is bad.

    Any decentralized platform will have this issue with csam, but that doesn’t make ot bad. Matrix is basically what TOR is to browsing the internet, people use TOR for CSAM but that doesn’t make tor bad.

    However he does raise up a big concern and thats that homeserver admins are unable to change what they are hosting which means that they are forced to host CSAM which is a really big issue

    Overall tho, matrix is still a good platform. There’s nothing wrong with government contracts, its all open source. TOR was developed by the us military but that doesn’t make it bad or even less effective

    • refalo@programming.devOP
      link
      fedilink
      arrow-up
      10
      arrow-down
      1
      ·
      edit-2
      5 months ago

      that doesn’t make it bad

      not inherently no. just like computers, the internet, gps, tor etc., all came from government/military funding

      the first digital computer was even created specifically to calculate how to kill people better in the war.

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    37
    arrow-down
    3
    ·
    5 months ago

    I couldn’t bring myself to watch more than half of this.

    tl;dr: This video is a misleading, sensationalist, bad-fath, hit piece. It’s constructed upon faulty logic, fear of things used or supported by governments, and a single anonymous person’s poorly-reasoned conclusions.

    • refalo@programming.devOP
      link
      fedilink
      arrow-up
      9
      arrow-down
      6
      ·
      5 months ago

      Besides the seeming “government automatically = bad” stance, I found it quite informative and I think sheds a big light on some serious problems with it (and all) federated services (not to mention the privacy/GDPR minefield that federation is) that a lot more people need to know about.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    arrow-down
    5
    ·
    5 months ago

    Matrix is developed by a for profit entity, a group of venture capitalists and having a spec doesn’t mean everything. The way Matrix is designed is to force into jumping through hoops and kind of draw all attention to Matrix itself instead of the end result.

    XMPP is the true and the OG federated and truly open solution that is very extensible. XMPP is tested, reliable, secure and above all a truly open standard and decentralized it just lacks some investment in better mobile clients.

    What people fail to see is that XMPP is the only solution that treats messaging and video like email: just provide an address and the servers and clients will cooperate with each other in order to maintain a conversation. Everything else is just an attempt at yet another vendor lock-in.

    People need to get this through their heads, XMPP is the only solution for their problems.

    Instead of wasting money into making yet another protocol, closed system etc. what about just work on a cross platform XMPP client that actually supports everything and has a decent UI. For eg. iOS clients are all shit. Without decent clients and push notifications people won’t be using XMPP ever.

    • refalo@programming.devOP
      link
      fedilink
      arrow-up
      10
      arrow-down
      5
      ·
      edit-2
      5 months ago

      People need to get this through their heads, XMPP is the only solution for their problems.

      Strongly disagree and this sounds like dangerous FUD to me. For one, there’s comparatively zero users across XMPP anyways, and it has a big problem with compatibility across different software packages. It also does nothing to help the problems stated in the video of massive droves of abusive content and server operators unknowingly hosting copies of it across the world. Then there’s the privacy and GDPR minefields that come with any decentralized/federated service.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        5 months ago

        . For one, there’s comparatively zero users across XMPP anyways, and it has a big problem with compatibility across different software packages.

        This isn’t a problem, the problem is that we lack decent clients. XMPP is the most standardized thing ever, both the core thing and extensions are covered by RFCs but currently there isn’t much investment into creating solid clients.

        server operators unknowingly hosting copies of it across the world.

        Well, at least a properly configured XMPP server with the relevant extensions won’t be a metadata clusterfuck like Matrix is. Nor it will be centered around a spec and software made by a single for profit organization.

        Then there’s the privacy and GDPR minefields that come with any decentralized/federated service.

        Email is federated and nobody is complaining about it.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      3
      ·
      5 months ago

      XMPP sucks for me

      If it works for you that’s great but it won’t work for everyone. XMPP lacks coherency and is kind of a mess. Matrix isn’t perfect but at least there is a central direction. It also has companies that provide commercial services which is nice although I wouldn’t trust it in prod right now.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        2
        ·
        5 months ago

        XMPP lacks coherency and is kind of a mess.

        Yeah, this is a problem. Cisco used to drive XMPP but right now with MS Teams and whatnot they kinda lost interest.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      arrow-down
      4
      ·
      5 months ago

      Both XMPP and Matrix support unencrypted communication, which is a huge unacceptable barrier to adoption by many orgs

  • 乇ㄥ乇¢ㄒ尺ㄖ@infosec.pub
    link
    fedilink
    arrow-up
    10
    arrow-down
    2
    ·
    edit-2
    5 months ago

    It’s kinda strange, the guy reached a conclusion that the service is legit hard to control and take down by any government, but was insisting on: BUT… BUT… BUT… trying to stress the negative points, which by the way, they’re way more apparent on other Big tech Platforms, specifically : Discord…

    If you have a centralized server and that server straight out refuses to take measures against abuse ( I’m just gonna say abuse in general and that includes all things: Child abuse, Ra*e, addictive drugs…etc )

    if you as a user notice these things and after you report them nothing happens… Then what ? Wait until a big news outlet notice, then they publish it on their website, and after a week or so, you’ll watch the CEO walk away from court like nothing happened…

    On Matrix, as a user, I can spin up my own server, make my own rules, and make sure stuff like this ( abuse ) doesn’t happen, the point here is that you can’t blame Element Team or Matrix Team for what happens on this system, they just make the software and people deploy it

    the only thing left to blame afterwards is human nature!

    Which brings me to an important question, who is his source ? they must have great control over the network to realize that Matrix ( a huge decentralized network with many servers is a pit of abuse ) !!!

    without a source ? without knowing how they knew what they claimed ? this video is just a conspiracy theory in my view… And having ties to the French government isn’t necessarily a bad thing… ( knowing that the French government spied on it’s citizens, yes )

    I have been using Matrix for years, and never encountered a single instance of abuse… trolls yes… Hentai…yes … but no shady stuff… It’s mostly nerds talking about Computers, Linux and Anime

    • refalo@programming.devOP
      link
      fedilink
      arrow-up
      4
      arrow-down
      2
      ·
      edit-2
      5 months ago

      never encountered a single instance of abuse

      I encounter it literally every single day and I know many others that do too. It’s so bad it makes me want to quit using Matrix altogether. You’re just not in the right (wrong) rooms. The ones that happen to get left unmoderated are always taken over by bad actors, not even talking about the ones (like mentioned in the video) that were deliberately setup to harbor vile content, which is also plentiful unfortunately.

      • 乇ㄥ乇¢ㄒ尺ㄖ@infosec.pub
        link
        fedilink
        arrow-up
        9
        arrow-down
        2
        ·
        edit-2
        5 months ago

        The UI is designed in such a way that it doesn’t expose the user to outside servers ( by default you’re on Matrix.org ) even when you press the discover button you’ll see rooms from the same server.

        the only way for an average user to get exposed to such rooms is by being invited to them by strangers or Bots ( so maybe there should be a way to disable community invites, especially Bot invites )

        Or maybe your client didn’t put much thought into the user journey and let you discover everything, even abstract/shady servers

        Don’t take this the wrong way, but do you lurk on Matrix everyday ? I’m not on the right ( wrong ) rooms because I only take what I need from any service, the Internet can be depressing, so my advice is to be careful

        • refalo@programming.devOP
          link
          fedilink
          arrow-up
          3
          arrow-down
          2
          ·
          5 months ago

          the only way for an average user to get exposed to such rooms

          But there is a growing dissent for matrix.org itself as a homeserver for various reasons, and many people/blogs/posts/etc. online will try to steer users towards alternative “privacy-respecting” or “free-speech/anti-censorship” (aka allowing illegal content) servers, many of which of course host terrible content, so I think more and more people are getting exposed to it and realizing how bad of a problem it is.

          • 乇ㄥ乇¢ㄒ尺ㄖ@infosec.pub
            link
            fedilink
            arrow-up
            6
            arrow-down
            2
            ·
            5 months ago

            i see, I think that’s a problem of who is recommending the servers to people, I always go with one of the servers that are on the matrix.org website ( these has strict moderators and are under active development ), I can certainly go with another list of abstract/shady unknown servers but that’s a recipe for disaster…

            Btw, I’m not denying that there is terrible content on some of these servers/rooms, but I’m saying it’s a byproduct of the system architecture, Element/Matrix can implement more safety settings that’s for sure

            that being said the worse footage I saw in my entire life was on Facebook, and it was completely allowed, which tells you something about the platform and how little to no control you have to change it’s direction.

            • refalo@programming.devOP
              link
              fedilink
              arrow-up
              3
              arrow-down
              2
              ·
              5 months ago

              I think that’s a problem of who is recommending the servers to people

              I don’t think that is true at all, for several reasons:

              • matrix.org actually has tons of terrible users itself, and many channels even ban or strongly discourage even having users from that server, plus it’s usually the slowest.

              • a great many channels on matrix.org are unmoderated and already host CSAM and abusive/illegal content

              • because of how federation works, anyone who is on matrix.org and happens to join a “bad” channel even on another server, now forces matrix.org to always keep a copy of that channel and all of its content forever.

              Facebook

              Including Cloudflare, who for some reason banned kiwifarms yet continues to allow sites like 8chan and others who are also hosting CSAM/zoosadist/other vile content.

      • Hanrahan@slrpnk.net
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        5 months ago

        Wtf ? I use it semi often and have never enxouterd it either. That seems a little off ? You make it sound like.its all over the place like with Discord.

  • Hirom@beehaw.org
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    5 months ago

    That’s the first time I hear of Matrix having this issue.

    I’m curious to know more, but the video only cite an anonymous source. Are there evidence or more technical details available regarding this?

    • refalo@programming.devOP
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      5 months ago

      The problem is the evidence requires linking to channels hosting CSAM, so nobody is going to provide that for you.

      • Hirom@beehaw.org
        link
        fedilink
        arrow-up
        13
        ·
        edit-2
        5 months ago

        I’m interested into the technical details, not actual URLs. How come servers cited in the video keep hosting/seeding chatrooms despite closing corresponding accounts? Is this impossible due to Matrix’s design, or is it poor moderation from server admins?

        About URLs: the author is absolutely right to blur these. The only people he should be sharing this is police, or maybe admins if they’re not aware of the abuse on their server.

        • refalo@programming.devOP
          link
          fedilink
          arrow-up
          7
          ·
          edit-2
          5 months ago

          Is this impossible due to Matrix’s design, or is it poor moderation from server admins?

          Kinda both. The design does not inherently destroy rooms permanently afaik, and server moderators don’t do enough to prune bad things either way. It’s a never-ending game of whack-a-mole. People have also been (ab)using its file upload capabilities to use matrix as a global, free, unlimited CDN, sometimes even for completely (to normal users) hidden content using custom message types hiding in plain sight.

  • minnix@lemux.minnix.dev
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    2
    ·
    5 months ago

    Nothing wrong with the matrix spec. I’ve ran a matrix homeserver for several years now and have never had issues with illegal material. It’s free, open source, and self-hostable. If you have an issue with matrix.org that’s a different issue. Don’t use matrix.org servers. In fact, they have made it a point in their literature that they want you to use your own servers, they preach against centralization, and point out that matrix.org is an entryway to get you started, not an endpoint.

      • minnix@lemux.minnix.dev
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        5 months ago

        Yes I watched your video. So many wrong comments from ignorance. And blaming a protocol for the behavior of people? Another commenter here pointed out how Tor could be blamed in the same way. Why not just do away with the internet then? Ridiculous.

        • refalo@programming.devOP
          link
          fedilink
          arrow-up
          2
          ·
          5 months ago

          have never had issues

          Sample size of 1 doesn’t really mean anything, sorry.

          I’ve never been in a car crash, I guess that means it’s not a pervasive issue.

          See the problem with this logic?

          • minnix@lemux.minnix.dev
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            5 months ago

            Feel free to link us to these abusive communities then since you are making a singular claim yourself.

            • refalo@programming.devOP
              link
              fedilink
              arrow-up
              2
              ·
              5 months ago

              Absolutely not. I left those communities because of what was in them, I will not be seeking them out on purpose just to show a bunch of CSAM to people and probably incriminate myself.