The not-so-talked-about but killer feature of Matrix is that you can bridge other services into it. I'm currently able to send and receive messages from Hangouts, iMessage, SMS, and Slack all from within Matrix. If I'm working on my laptop I can put my phone in my bag and not even touch it for 8 hours, because there's no need. I have Riot running on my laptop with a full keyboard and access to all my communication platforms.
It's not exactly easy to do (iMessage requires a dedicated Mac, for example), but it's possible. And it works pretty well. Pulling out my phone to tap out an SMS when I have a full keyboard in front of me seems silly at this point. Hopefully the bridging will continue to evolve and become more accessible to the average user, because it's amazing.
Yeah sorry :/ There isn't an iMessage API to talk to, so the only way that anyone has found to bridge with iMessage is to have an instance of macOS running, logged in as you, and to send messages through the iMessage app via AppleScripts and to watch the filesystem for incoming messages. It would be great if there were some API you could use to send messages through, but Apple has worked hard to keep iMessage locked down to Apple devices.
Having said that, I bought an old Mac Mini off of ebay for about $100, and it's been working pretty well for the past year or so. It's not an easy solution, but as far as I know it's the only solution for using iMessage on an Android or non-macOS desktop.
If you're willing to ditch iOS, Android has Messages for Web (an official service by Google) which lets you view/send SMS from any browser and supports file attachments etc. It's pretty great.
It very much depends on the kind of bridging you want to do and on the service you want to do it with. My iMessage bridge, for example, is a "double puppeted bridge", meaning the people receiving messages from me via iMessage don't even know I'm using a different service, and they show up in Matrix as if I got a message from a matrix user. It's also possible to bridge the contents of an entire room (on, say, Slack or Discord) into a matrix room. The two rooms mirror each other and anyone who talks in either room has their messages relayed to the other.
A good place to get a basic rundown would be here: https://matrix.org/docs/projects/bridges For the puppet bridges (which is what I'm running), you can take a look at this repo: https://github.com/matrix-hacks/matrix-puppet-bridge. You're also very welcome to ask around in #matrix-puppet-bridge:matrix.org about getting the bridges set up. We're pretty friendly in general :)
Huge props to the Matrix team! It's given me back ownership of my messages for which I am very grateful. Simple integration is a really killer feature!
I'm not sure why every matrix post seems to be met with a lot of negativity here on HN, but I always appreciate the way devs handle it.
I am thrilled to be one of the newly announced Guardians of the non-profit foundation. I'm happy to answer any questions people may have, though bearing in mind that I'm going to be a little distracted for the next while until my son goes to bed.
In those days we worry about how to talk with each other. Share info. In fact find friends. Or server.
Whilst the the technology moves on you have E2E in beta and bridge to join other communication technology but is this addressing the more fundamental question of today’s real internet.
<driver of my worry you can skip>
The internet now is fragmented by either firm (Facebook) or country bloc (Eu data and copyright law; china e-wall).
The internet is great to share but also a great way to isolate and record and arrest people. China is a good example of what is great and nasty of this IP protocol in the real world. Social credit system where you are not allowed to sit in train (or lately bus) and suppressing of freedom of speech is hard in the real world but with internet it is so much easier.
A global communication media without firm and country is what we dream of. Yes there would be troll. But we can find ways to anti-spam, may be using lisp like Paul has done. But we can dream to hack our way back to the original free internet.
I use this to measure everything. Can it help us or empower us to program, to hack, to share and just to chat freely
<end of driver>
Can you work in today world?
Have you listened to the call for national internet by supreme leader of china or the cut off of internet link by Russia. Can you work in Eu data privacy and copyright law?
Can you empower individual... is there essentially a tor mode there?
Or even better can client talk to client direct without server so no one can have a record of what any guy (or girl as trinity would have said) said so to arrest him (or her).
I think your question boils down to: do you have to trust a server? Today, the answer is yes. In future, the idea is to have a hybrid p2p and client-server architecture where users can participate simply from an app if they want... but if they want to trust a server to also replicate their account, they can.
However, if you are capable of running your own server today (or know a trusted person who can), you can still have autonomy. For instance, there look to be many autonomous servers running behind the GFW.
Are there any firm plans for what happens to the matrix.org matrix server in the future? I worry that all the friends and family that I've been convincing to register an account on matrix.org are going to one day be asked to migrate their account to somewhere else, and that feels like it could be a big bump in the road for the non-technical ones.
So, New Vector (the for-profit org that the foundation has just spun out of) operates the matrix.org homeserver on behalf of the community.
With that said, though, I don't think it is going anywhere any time soon. Portable accounts/identity is on the spec roadmap and is a personal passion of mine, so moving servers while keeping all of your identity will hopefully be possible in the not-too-distant future.
Yup, to echo this: the matrix.org homeserver isn’t going away anytime soon.
One of the problems we saw with other protocols when starting Matrix was that often it was hard to pick a good server to host your account, and the project’s “ground zero” server was often overloaded or unavailable. So we consciously made the decision to keep the matrix.org server running to help bootstrap Matrix - but the second we have decentralised accounts we will gently start encouraging users to migrate off to alternatives, assuming that good trusted public alternatives exist. We envisage this to be seamless though; users will just need to click something to opt into storing their account on their new server, and their account will then replicate across the servers where it is hosted. Over time, we might then ask people to stop using the matrix.org server if they empirically are using other servers too, and hopefully eventually get to the point where we have both closed signups on matrix.org and even turned it off. But we are categorically not going to leave any users high & dry.
It’s worth noting that running a massive server like matrix.org is a significant burden and distracts badly from actually building Matrix (especially when things go wrong), so we would love to spread the traffic out as soon as we can.
All this remains scifi for now though, although MSC1228 gives some hints on how it could evolve.
Thanks, that's very encouraging to hear and exactly what I would hope for.
That also sounds like it would solve my biggest issue with running my own server; if my home internet drops or I spill coffee on it I can't talk to anybody until I get it fixed. Having an alternative way of accessing my account would solve that entire worry.
P2P Matrix could perhaps be layered on top of this, using some kind of overlay to route the traffic around such that you no longer have to trust any server. We have some ideas around this, but need to write up them up as an MSC. https://matrix.org/blog/2019/03/12/breaking-the-100-bps-barr... has some thoughts on what the transport could look like for this.
Where can I learn about your proposed path to decentralization of control, custody, costs and accountability given that it is, (as with any novel initiative), it is currently centralized on the dozen or so members who form the core of your foundation.
I used to be very enthusiastic about projects like this but AFAICT, decentralized governance ultimately amounts to a contradiction in terms.
We don’t have any plans for formal decentralised governance at this time; it’s hard enough making rapid progress with an open standard with ~12 people helping steer it without opening it up to the whole world to bikeshed.
So this defines how the wider community can get involved at the top level; and in turn, anyone is welcome and encouraged to submit patches (for implementation) and proposals (for spec) - thus providing a relatively decentralised end result. Our emphasis is more on open governance than decentralised governance for the sake of it.
That said, if Aragon or some similar project came along and convinced us of a better governance model, we’d of course consider it :)
This is exciting. Glad to know they're focusing on making a stable, secure protocol, and that development is going strong. Great job and keep up the great work!
there are some big security and performance holes in the DAG resolution algorithm, but hopefully more funding will give them the resources to revisit some of their dangerous assumptions.
As far as we know, we have addressed all known issues in the original algorithm - which is why we have declared ourselves out of beta. Matrix 1.0 has an entirely new state resolution alg, as well as many other security fixes.
Performancewise there are still issues, but we know what needs to be done to fix them, and this will be landing shortly now 1.0 is out.
Matrix has been on my to-do list for some time - I'm interested in exploring it as a replacement for team Slack.
As a side-note, I think the copy on the Matrix website could use some love - it's a little wordy and not immediately clear what Matrix is, and why/how you would use it. I've read a few other commenters make the same point.
Are you open to some suggested wording? If so, how would you prefer to receive it?
So we just reworded some of the site, but agreed it needs more love. We're (hopefully) much better at writing communication protocols than describing them to a broad audience.
Proposals for changes are very welcome (although we can't guarantee we'll accept them verbatim); the new site lives at https://github.com/matrix-org/matrix.org. PRs welcome.
Honest question. What's stopping Matrix from being adopted by, say, Google or Facebook, and then pulling a XMPPEEE? Imagine Matrix gets really popular, more even than Discord. So they offer their own "version" but add features like free 250GB on Google Drive or things like that. After they get everybody on board they do what they do best and cease control of it.
We're obviously very aware of this risk, and one approach is to try (as the Foundation) to steer uptake as best we can to ensure that no single 800lb gorilla ends up adopting Matrix and smothering it with love(?), even if they have the best intentions. So if Google did suddenly start using Matrix, we'd do everything we possibly can to ensure that at least one of Microsoft/Facebook/Amazon/Apple/Samsung/etc jumped on board too, to try to balance things out and ensure that the value of participating in open network outweighed the risk of proprietary extensions leaking in.
But in the end, the onus is on us to make sure there's enough stuff of value in the wider open network that the idea of someone using the protocol to try to create a walled garden is laughable and clearly missing the point - much like running a private email network is somewhat missing the point, or for that matter a walled garden like the web content on old-school AOL.
Hopefully we're on the right track to ensure there's enough stuff of value on the public Matrix network to make participation in it a no-brainer.
Very interesting. I wonder if there's a killer feature that would appear when you follow that line of thought. So even if adoption looks like 60~70% users and 30~40% enterprise, if you're indispensable to either of them, it would still prevent a take over because of the network effect. And the fact that you have an API that developers can trust would solidify the position even more. If that feature ever surfaces I hope it doesn't involve blockchain or machine learning.
Well, the feature might just be one of ubiquitous interoperability, much as email provides today. Particularly in an enterprise context: if you want to do some kind of realtime collaboration with someone, you might just reach them directly via Matrix rather than sending them an Email with a link to Slack/Zoom/whatever.
It'd certainly be more compelling if it was an actual feature though. Joking aside, federated machine learning could be an interesting approach, if the value that Matrix provided included a decentralised search engine which could help you sift through all the available content to find the chatrooms and communities you're interested in (and hide the ones you're not...)
Matrix is an inherently decentralized system. You can run your own fully featured instance on your own property. If the company behind Matrix is acquired, the foundation being announced here today stands in the way of the intellectual property becoming a toxic liability to your own use. This is very good news today.
Furthermore, the openness of the protocol allows free software projects to emerge and exist independent of the matrix company and even the foundation. Such projects can be developed by your contributions and the FOSS community's support until the end of time. One of those projects, for example, is one I started [disclosure] called the Matrix Construct server: https://github.com/matrix-construct/construct and your support of this project is necessary to that end.
These "what if" questions will always be relevant because of the nature of big (and small) tech companies. Creating a monopoly, data mining, and controlling the flow of information are simply irresistible - if not necessary - for tech companies like Google or Facebook. The only real solution is to have educated users that care about their privacy and security. In that case, if Google turns a free, open source protocol into a surveillance machine, the only solution is to step away from it and not use it. We cannot stop big tech companies from creating user-friendly, tempting malware.
What's the best option available for chat embedding right now? E.g. if I want to build Facebook's chat feature or Fiverr's Inbox feature and have it integrated into my main web app.
We haven't published an official embedded chat SDK for Matrix yet, but there are a bunch of options from the community. https://gitlab.com/sanlox/tangent is one, which is very new and immature but looks to be headed in the right direction.
Alternatively, you could take a scalpel to matrix-react-sdk and strip it down to do what's needed.
Maintaining UI SDKs like this is very time consuming, and we're currently putting our time into ensuring matrix-react-sdk (and thus Riot) pull their weight against Slack & Discord etc.
https://matrix.org/docs/spec/#matrix-versions. Matrix 1.0 is the blanket term for the set of various specific API releases we just cut: CS API 0.5 etc. We could have bumped them all to 1.0 for the sake of it (and perhaps we should have), but it felt cleaner to let each API version evolve independently, and instead say “hey, as of this set of versions, we consider the protocol stable”.
My guess is that fewer than two people reviewed it before hitting publish. For a project with the level of ambition that Matrix has, when they release 1.0 I would expect more attention than that. Just my two cents though.
Blog posts that you can reasonably expect may be shared in places where context will not be known should start out by clarifying what the subject of the post is.
Should it be in the first thing to do is to explain who you are and what your project is doing? Not everyone is in the matrix or everyone are but not woke up. Need to say.
At least I learned a lot from the github issues their hacker opened. Wonder if there are any surviving archives of those that the repo owners did not delete in shame.
End-to-end encryption is all well and good but until the app stores provide verifiable builds I think promoting messaging apps such as Riot as "Secure decentralised chat/VoIP" is unprovable and therefore somewhat misleading.
That's not to say that we shouldn't have verifiable builds (we totally should), but if we follow this line of logic we will never be able to call anything secure. By the time we have verifiable builds we will have identified other security risks that also need to be addressed.
Apps like Riot are secure compared to the majority of alternatives available today. Arguably we shouldn't use a binary term to describe that, but I'm sympathetic to the idea that consumers think in those terms and that it's not too harmful to use them. Other metrics typically don't see this kind of feedback (for example, you hardly ever see anyone complaining about someone marketing their app as 'fast', even though performance is also not binary).
Words like security and decentralization are indeed not binary, but referring to them as being on "a continuum" or something similar is not particularly helpful either. I wish I saw more application of them as modalities, such that they refer to not to a perpetual state but a systemic tendency toward an ideal (if asymptotic) structural equilibrium over time, as in "X tends toward greater decentralization", "tends towards greater security" over time.
Even better if these claims could be backed, if not by a formal proof, at least an informal definition of these terms as used in the claim and reasonable justification as to why the models being promoted would not tend to collapse into greater centralization, weaker security over time.
It's unfortunate that you posted this comment in a nearly drownvoted thread under a story submission about a product announcement.
You make a very interesting point about recognizing whether the tendency of a group coordination model is to drift toward one of the poles of centralization over time (not sure I follow that same reasoning with regard to security though).
This comment would have been much more relevant had it been made in the other story about making efficient decisions in a flat hierarchy.
I disagree that it’s totally hopeless but OTOH verifiable builds sounds like an awesome idea to increase security. Still, at the end of the day you always are trusting some entity or machines...
Fdroid looks to be heading in the general direction of verifiable builds where possible. Failing that it’s really not that hard to build yourself. But in the end you have to be trusting trust somewhere...
It's not exactly easy to do (iMessage requires a dedicated Mac, for example), but it's possible. And it works pretty well. Pulling out my phone to tap out an SMS when I have a full keyboard in front of me seems silly at this point. Hopefully the bridging will continue to evolve and become more accessible to the average user, because it's amazing.
reply