Hello fellow c/privacy members.

I’m not new to privacy related things but I had a hard time persuading my family members and friends to switch to Matrix/Element. It is a reponse to UK’s Online Security Bill and Investigative Powers Act that may soon in effect.

While it is just a preperation and planning in case those actually became law, I already face resistance from them. When I ask them would they switch, their first reaction is “Why one more app?” then follows with “That’s cumbersome.” or “I don’t want to learn a new app.” and suggest something more popular like Line, Telegram or Discord. Sometimes they would “Install WhatsApp because X is on there and he/she won’t install one more app just for you.”

What can I do to persuade them to use a new platform? Thanks in advance.

EDIT: I think I should elebroate more of what Online Security Bill and Investigative Powers Act does[1]. As far as I understand, OSB will break E2EE by require scanning data on client device, like CSAM but much more generic. IPA requires companies to submit security funcition to the government for approval before releasing, and disable such feature upon request. Apple[2], Single[3] and WhatsApp made the announancment of exiting the UK market totally or partically if two were signed into law.

[1] https://web.archive.org/web/thenextweb.com/news/uk-investigatory-powers-act-default-surveillance-devices-privacy
[2] https://web.archive.org/web/www.forbes.com/sites/emmawoollacott/2023/07/21/apple-threatens-to-pull-facetime-and-imessage-from-the-uk
[3] https://web.archive.org/web/20230809125823/https://www.bbc.co.uk/news/technology-65301510#2023-08-09T12:57:48+00:00

48 points

Just a reminder, telegram is NOT secure at all. Telegram is NOT end-to-end encryptes by default, and they are not disclosing this fact peoperly, which makes them untrustworthy and not a tool against growing online surveilance

permalink
report
reply
1 point

Sure you have to enable E2EE but they never say they use E2EE by default, they’re not advertising at all anyway. Saying it is “not secure at all” is a bit of a reach. They have proven they don’t share data with governments and again, you can use E2EE if you want

permalink
report
parent
reply
-3 points

Honestly, WhatsApp is more trustworthy than Telegram.

permalink
report
parent
reply
31 points
*
Deleted by creator
permalink
report
reply
9 points

I can’t confirm this. For me it runs smooth and without bugs. Calls with Element are sometimes better than calls with my mobile carrier.

But I don’t have the technical knowledge to understand why a backend in python is a bad thing. Maybe your experience with Matrix is biased because of this knowledge?

permalink
report
parent
reply
3 points
*
Deleted by creator
permalink
report
parent
reply
1 point

This huge difference in experience isn’t a great sign. But I hope it gets better over time.

permalink
report
parent
reply
1 point
*

when did you experience this?

loading the web client also takes a lot of time (1-2 minutes) for me, but everything else is ok. even that is because of an API design problem, and they are already working to replace that bad decision

permalink
report
parent
reply
5 points

I’m planning to use Conduit[1] which is written in Rust instead of Synapse. I belive this will consume less resources but have no idea will it run smooth or not.

[1] https://gitlab.com/famedly/conduit

permalink
report
parent
reply
2 points

Afaik conduit is even more beta than denderite, personally I would not use it after seeing how buggy experience friends had with it

permalink
report
parent
reply
1 point

I haven’t tried yet. Dendrite follows the micro services architecture which I don’t need and increases management work. That’s why I choose Conduit.

permalink
report
parent
reply
-1 points

This paragraph is why you won’t convince friends and family to use Matrix. It’s still too technical for non-technical people.

permalink
report
parent
reply
4 points

I agree it is technical. However, considering if the laws are in effect, there might not be a secure option, let alone private. It means that all conversations might be under government’s watch. That’s why I’m looking for a self hostable option, that can make sure data is in my control.

I am open to considering alternatives, but the foundation of the plan is based on the assumption that apps commonly used for secure and private conversations, such as Signal, may become insufficiently secure and private due to potential future laws or the possibility of exiting the UK market. The preferred criteria for the chosen app are that it is open source, audited, or ideally, both.

permalink
report
parent
reply
3 points
*

friends and family dont even have to think about servers. they pick the client they like, log in to their account, and thats it.

conduit is server software, an alternative to the official python-based homeserver that is called synapse

permalink
report
parent
reply
25 points
*

Look, I once got everyone I know to switch to matrix (Riot, before element) and they depracated the client, made everyone redo their encryption keys, it was a huge mess. Nobody will ever listen to me ever again about a messaging app because of what new vector did with riot.

Matrix is too janky for people. Use something else. Simplex, signal, whatever.

Beyond that, the key is breaking this “one more app” mentality. Why is it so hard to have an app on your phone? These people would install the Starbucks app for a single free milkshake in a heartbeat. This expectation that everyone and everything can be done in one app is absurd, and it’s marketing by the big companies to lock people in when there’s no reason for it. your phone runs apps. What’s the big deal?

And that starts with you. make yourself available on multiple different messengers as possible. Don’t say “I use matrix”, youre being inflexible. Use everything that doesn’t collect your contacts and spy on you. Use telegram, but tell people telegram isn’t encrypted. I personally have matrix, XMPP, session, signal, simplex, telegram, and I even have a discord but I never use it. I fall back to email if I have to. Be flexible if you expect others to be, be available to communicate with in as many ways as you can privately to incentivize people to switch, give them options and let them pick.

permalink
report
reply
11 points

Matrix is too janky for people. Use something else. Simplex, signal, whatever

This is the gist of it, yes. Setting up a Matrix account has several steps (e.g. backups, identity server, discovery) that are each complicated enough on their own to be deal-breakers for the vast majority of users. It’s just a non-starter for anyone who’s not a techie. It’s been around for many years but still has an absolutely terrible UX.

I wouldn’t dare to recommend it to anyone I know because I do not have the patience to walk them through it and explain it. It would cost me time, energy, and most importantly it would cost me social trust. Nobody would take me seriously anymore if I recommended something that is so user-unfriendly.

Signal is a pretty easy sell, on the other hand. It’s simple, it’s secure, and it works like any other messaging client. It’s not 800 steps to set up backups and discovery. I would prefer to use a decentralized platform, but I’m not investing into Matrix because IMHO, it has no future in the mainstream. I have a Matrix account but I don’t use it talk to anyone I know IRL, and I doubt I ever will.

permalink
report
parent
reply
5 points
*

Signal is only easier because it entirely ignores logging in on multiple devices. Maybe for some it is ok, but for me this is a huge dealbreaker, not an advantage.
If you dont set up key backups (an optional feature), its the same thing: with Signal, if you delete the app or lose your phone, all your messages are gone, along with your contacts that werent saved in your phone contacts and uploaded to a cloud service. If you use Matrix as you do with Signal, it works the same: you delete it, messages are gone. This is the default. But, you have the option to keep your messages.

Identity server? You dont have to use that, and I don’t either. You are not obliged to set up being discovered by outside identifiers. Like I don’t want people to find me by my phone number, as I don’t want to use my phone number, for anything, at all, and so I didn’t do that.
I see that on Signal, you always find people by their phone number, which you are required to hand in. On Matrix, you find people either by their handles (~username), or their phone number or email address if they have handed those in, voluntarily.
So with an indentity server you can make yourself discoverable by your phone number, and you must use one if you want that.
But I think there is a better solution (on the long term, at least): to forget about phone numbers altogether, when possible. Why would this be feasible? It is possible to store the handle in your phones contacts, with the standard “instant messenger” field. Contacts then are usually sharable in messaging apps, or with a QR code, and a lot of software generally understands this format, so you could use this to make your handle known.
By the way, identity servers and discovery is the same step, not 2 different one.

permalink
report
parent
reply
2 points

Perhaps this varies by server, or perhaps it’s changed since I signed up. When I signed up, I connected an identity server and then needed to go through a few extra steps to enable discovery by email address and phone number. IIRC my identity server did not support phone numbers at the time.

I greatly prefer service-specific usernames over phone numbers, and that’s a huge point in favor of Matrix. And I agree, Signal is ass-backwards when it comes to multiple devices.

permalink
report
parent
reply
2 points
*

I personally have matrix, XMPP, session, signal, simplex, telegram, and I even have a discord but I never use it.

I have Matrix, Session, Singal, Telegram, and Discord. Telegram is saldomly used and Discord is just subscribed to a bunch of game communities. Signal is threatened by OSB and IPA, which announced by them that they will get out of the UK market if those are in effect. Then left Matrix and Session, both not used by anyone.

I would like to be flexible but the reality is there are not much choices. Only XMPP which I don’t have, nor natively supports E2EE which varied by clients.

permalink
report
parent
reply
5 points

Look into JMP.CHAT. it’s XMPP, with a phone number that is gatewayed to PBX for voice, and can send/receive SMS.

permalink
report
parent
reply
0 points
Deleted by creator
permalink
report
parent
reply
1 point

From what I understand, many large tech companies will leave UK if those laws are passed. I highly doubt it will happen, and if it does, I bet it will take about five seconds for the government to realize how vastly they fucked up.

permalink
report
parent
reply
14 points
*
Deleted by creator
permalink
report
reply
5 points

I wish I can be this definitive but I couldn’t. Those connections are still needed, and most of the time is I need to talk to someone rather than the opposite.

permalink
report
parent
reply
10 points

Which is why I don’t like that advice. These connections are valuable, and people might want to talk to you but have other reasons why they won’t end up using the privacy focussed option only. It’s very hard to switch fully to something like Signal or Matrix, and this isn’t unique to privacy focussed chat apps either.

For me I talk to close friends and family on Signal, and that works because those are the people I have personal discussions with. For other friends that don’t really use Signal consistently, I’ve found that they still use Signal when they want to talk about something private. It’s a process, and I’m happy to put in a little bit of work while people I care about switch over.

permalink
report
parent
reply
3 points
*
Deleted by creator
permalink
report
parent
reply
3 points

and all the others say, “if you want to talk to me I’m on Facebook”
for them, problem solved

permalink
report
parent
reply
1 point
*
Deleted by creator
permalink
report
parent
reply
1 point

This itself is a kind of ignorance.

permalink
report
parent
reply
14 points
  1. I set up a home server with a litany of bridges.

  2. I show them all my chats from multiple platforms in one app.

  3. They ask me for an account.

permalink
report
reply
7 points

Got a how to for #1? Sounds like you hid a lot of complexity in that 1 step.

permalink
report
parent
reply
2 points
*

You can also try to find an instance that already does bridging. For Finnish citizens, pikaviestin.fi is a good option, but they don’t provide accounts to non-finns.

But no, I do not have a guide for setting this up. But you set up a homeserver, with a domain you can commit to, and once that is working, configure whatever bridges you like using their respective docs.

And yes, it is complex. Matrix is the most complicated thing I’ve ever self-hosted. But it wasn’t untenable, and it’s been very low maintenance.

permalink
report
parent
reply
2 points

Nice move

permalink
report
parent
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 4.3K

    Monthly active users

  • 2.9K

    Posts

  • 78K

    Comments