FBx day 4: Matrix Synapse how-to

Hello,

After running my first few tests, I must say I am very happy with my FBx’s Synapse. The call quality is really great both on voice and on video, the chat is very responsive, and I had lots of fun trying out different clients for it. I have a few questions following this first experience:

- When connecting to matrix.org’s rooms through federation, my FBx is extremely slow. Like, extremely. It seems that the FBx has to copy all of the room’s previous communications to storage before the user can interact. Is there a way around this inefficiency?

- How do I check that abandoned rooms’ communications have been erased?

- How can I add phone numbers to users’ accounts on my Synapse? The current setup doesn’t allow it.

- Is there a way to connect people through phone numbers on my Synapse? For example, à la WhatsApp: telephone contacts that use the Matrix network would be immediately findable in the client.

Well, it seems Matrix is good at a couple of things, though those may be marketing and lobbying rather than actual privacy in the user’s interest.

Your observations bring up some performance issues with its centralized metadata and (message) data handling (implementation details that were often glossed over).
And no, you can’t control or check what is done on other Matrix servers and the clients. I think Matrix stores things like provided phone contacts on central servers, and all clients (possibly even servers) default to connect to these central services in parallel to the connection to your own server (and server-to-server).

If you want phone-number-based contact discovery, one might have to compare the privacy policy and usability of Matrix (Vector Corp. etc.) with the https://quicksy.im solution (conversations.im flavor) that works in the XMPP (Jabber) network.

There were some interesting comments under this link (machine translated):


Yikes, sounds quite (not) reassuring!

So, according to the info you gave me, Matrix is a communications protocol developed by foreign powers, meant to store the American public’s communications, which mutated into an inefficient metadata collector… basically, just the kind of service that anyone would dream of using.

Thanks for the pointer. Do I understand correctly also if I say that:

1. XMPP/Jabber is a more secure interoperable standard than Matrix.
2. There is currently no technical solution that allows for phone number sign-up outside of Quicksy’s registry.

Question regarding JSXC:

- I have my DDNS up and running. Ejabberd is on as well. JSXC doesn’t let me in, and says: “BOSH server NOT reachable or misconfigured.”
Is there anything else I need to do to get in?

At least I don’t know of another workable alternative to XMPP. Its less monolithic (extensible) way of organizing things does come with some drawbacks (such as at least temporary interoperability problems).

For example, searching for that JSXC problem turns up this post:

Unfortunately, supporting video chat with freedombox still needs a workaround and backported ejabberd:

Seems like my BOSH issue was encountered previously here:

From the discussion, it looks like it’s a matter of JSXC’s version, but it doesn’t explain why I can’t reach the server from other clients…

In my situation:

https://mydomain.freedombox.rocks:5443/bosh does not lead anywhere.
The internal server issue persists when I try to connect via other clients.

Is there anything that I can do to connect to the ejabberd server?
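JSXC collapses every failure into the one message “BOSH server NOT reachable or misconfigured”, so it is worth probing the endpoint by hand. The script below is an added example for this thread (it is not JSXC, ejabberd or FreedomBox project code): it sends the XEP-0124 session-creation `<body/>` that a BOSH client sends first, then classifies the reply into “unreachable” (no TCP/TLS connection), “http-error” (the port answers but nothing serves BOSH at that path), “not-bosh” (a web page or other non-BOSH content), “terminated” (ejabberd answered but refused, e.g. `host-unknown` when the `to` domain is not one it hosts), or “ok” (a session id came back). The URL and domain are the placeholders from this thread, the `rid` is an arbitrary random number, and the `post` parameter is an assumption that exists only so the transport can be swapped out.

```python
"""Probe an ejabberd BOSH endpoint the way a browser client such as JSXC does.

Added example for this thread, not JSXC/ejabberd/FreedomBox code. Sends the
XEP-0124 session-creation request and classifies the reply.
"""
import random
import urllib.error
import urllib.request
import xml.etree.ElementTree as ET

BOSH_NS = "http://jabber.org/protocol/httpbind"


def session_request(domain, rid):
    """XEP-0124 section 7.1 session creation request (wait/hold kept small)."""
    return (
        f"<body xmlns='{BOSH_NS}' xmlns:xmpp='urn:xmpp:xbosh' "
        f"to='{domain}' rid='{rid}' wait='5' hold='1' "
        "content='text/xml; charset=utf-8' xml:lang='en' xmpp:version='1.0'/>"
    )


def http_post(url, payload, timeout=10):
    """Default transport: POST the XML, return (status, body_text).
    Raises OSError (urllib.error.URLError is a subclass) when the host/port
    cannot be reached at all."""
    req = urllib.request.Request(
        url, data=payload.encode(), method="POST",
        headers={"Content-Type": "text/xml; charset=utf-8"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode(errors="replace")
    except urllib.error.HTTPError as exc:
        return exc.code, exc.read().decode(errors="replace")


def classify(status, text):
    """Map an HTTP reply to (verdict, detail)."""
    if status != 200:
        return "http-error", f"HTTP {status}: nothing serves BOSH at this path"
    try:
        root = ET.fromstring(text)
    except ET.ParseError:
        return "not-bosh", "200 OK but the body is not XML (a web page?)"
    if root.tag != f"{{{BOSH_NS}}}body":
        return "not-bosh", f"unexpected root element {root.tag}"
    if root.get("type") == "terminate":
        # ejabberd answers like this when e.g. the 'to' domain is not hosted
        return "terminated", root.get("condition", "no condition given")
    sid = root.get("sid")
    if not sid:
        return "no-session", "body carried no sid attribute"
    return "ok", f"session {sid}, authid={root.get('authid')}"


def probe(url, domain, post=http_post):
    """Run one session-creation attempt against url for the XMPP domain."""
    rid = random.randint(10**6, 10**7)  # arbitrary starting request id
    try:
        status, text = post(url, session_request(domain, rid))
    except OSError as exc:  # DNS failure, connection refused, TLS error
        return "unreachable", str(exc)
    return classify(status, text)


if __name__ == "__main__":
    import sys
    # Placeholders from the thread; pass your own as arguments.
    url = sys.argv[1] if len(sys.argv) > 1 else "https://mydomain.freedombox.rocks:5443/bosh"
    domain = sys.argv[2] if len(sys.argv) > 2 else "mydomain.freedombox.rocks"
    print(probe(url, domain))
```

Run it once from the LAN and once from outside: “unreachable” only from outside points at port forwarding or the firewall rather than ejabberd; “http-error” or “not-bosh” means the listener on 5443 is up but the BOSH path is wrong for that ejabberd version; “terminated” with `host-unknown` means ejabberd does not serve the domain you typed. A clean “ok” here while JSXC still fails leaves only browser-side causes (certificate trust, cross-origin headers), since this probe runs outside the browser.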

I’m sorry, but I think some information is out of date by now (or I am misinformed; you never know…).
Also, I think it is relevant to differentiate between the protocol Matrix (matrix.org/docs/spec/), which is maintained by the Foundation (matrix.org/foundation/), and the company Element (formerly New Vector) and their chat client Element (formerly Riot). There are members of Element who are also in the Foundation, mainly because they founded both.

The idea came from two people working at Amdocs: not to create yet another proprietary chat, but instead one to “glue” everything together and that can be implemented fairly easily by anyone. But as a proof of concept they needed to build a server implementation (Synapse) and a client implementation (Riot), otherwise who would use a protocol without a working example. Originally they were funded by Amdocs, but not since 2017. They seem to be fairly well sponsored by now, with multiple big companies and governments being interested in the development of an open, decentralized and secure protocol. And the Foundation is there to …“act as the neutral guardian of the standard on behalf of the whole Matrix community.”

Matrix is under a lot of development, from the spec getting refined with new ideas to all the server, client, bot and bridge implementations. They publish a weekly blog (matrix.org/blog) where you can read about everything being done around the protocol.

For the first link:

The Matrix protocol doesn’t define when a server deletes its data. What you say in a conversation can be remembered by anyone who participated (not unlike in the real world). Yes, it seems that the homeserver they used (Synapse) didn’t have the room deletion API back then, so it wasn’t that convenient to delete data. (https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/rooms.md#delete-room-api)
I don’t think the solution is to use XMPP and just not store any data.
The rest is just complaints that Synapse at the time had federation problems, which I don’t know about, but I can say that it has been working pretty nicely since I started to use Matrix exclusively in April.

Reading this, I can’t find anything speaking against Matrix. This just looks like a (not currently developed) Matrix competitor that even states that it doesn’t see Matrix as inferior, just following different philosophies.

The next two links already clear themselves up if you read the reddit comments.

The next paragraph seems to be confused as to how everything interacts.
Amdocs used to fund the development. So now the independent protocol is connected to what Amdocs did/does by themselves?
And the metadata they are talking about is, on the one hand, your IP (for 180 days) if you request the website, and anonymous usage reporting if you enabled it (it isn’t by default).
But you can also just host the Element web client yourself or use any other client.

But Matrix has its problems:
Mainly that most users are on matrix.org. It’s the server hosted by the Foundation for themselves and open to anyone (because most people won’t try a chat where you have to set up your own server first). This is of course against the decentralization idea and accumulates metadata on their end. But that’s exactly why you should run your own.

On the other hand, there are very interesting things being done with this protocol. For example, a complete P2P web client (and I think there is already an iOS build?), where you run a Matrix server inside your browser! Threading seems to be coming in the near future. Portable accounts that can move between servers. Gitter is being transformed into/onto Matrix. And a lot more…

Hopefully I made sense. Too many things I wanted to write :smiley: and thanks for reading :slight_smile:

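The Delete Room admin API linked above is also the practical answer to the earlier question of how to check that an abandoned room’s communications are actually gone from your own Synapse. The script below is an added example for this thread (not Synapse or FreedomBox project code). It calls the documented synchronous v1 endpoint `POST /_synapse/admin/v1/rooms/<room_id>/delete` with `purge: true`, then confirms the purge by asking the admin room-detail endpoint `GET /_synapse/admin/v1/rooms/<room_id>`, which answers 404 once the room no longer exists. The homeserver URL, admin access token and room ID are placeholders you supply; the `send` parameter is an assumption added only so the HTTP transport can be swapped out.

```python
"""Delete an abandoned room on your Synapse and verify it is purged.

Added example for this thread, not Synapse/FreedomBox project code.
Endpoints used (Synapse admin API, bearer-token authenticated):
  POST /_synapse/admin/v1/rooms/<room_id>/delete  -> kick members, purge history
  GET  /_synapse/admin/v1/rooms/<room_id>         -> 404 once the room is gone
"""
import json
import urllib.error
import urllib.parse
import urllib.request


def http_json(method, url, token, body=None):
    """Default transport: JSON request with a bearer token -> (status, dict).
    Non-2xx replies are returned, not raised, so callers can inspect them."""
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method)
    req.add_header("Authorization", "Bearer " + token)
    if data is not None:
        req.add_header("Content-Type", "application/json")
    try:
        with urllib.request.urlopen(req, timeout=60) as resp:
            return resp.status, json.loads(resp.read() or b"{}")
    except urllib.error.HTTPError as exc:
        return exc.code, json.loads(exc.read() or b"{}")


def delete_room(base_url, token, room_id, *, block=True, send=http_json):
    """Remove all local users from the room and purge its events.

    purge=True is what drops the stored history; block=True stops local
    users from re-joining and thereby re-fetching the history over
    federation. Returns the server's summary dict."""
    url = f"{base_url}/_synapse/admin/v1/rooms/{urllib.parse.quote(room_id)}/delete"
    status, body = send("POST", url, token, {"purge": True, "block": block})
    if status != 200:
        raise RuntimeError(f"delete failed: HTTP {status} {body}")
    return body  # kicked_users, failed_to_kick_users, local_aliases, new_room_id


def room_is_purged(base_url, token, room_id, *, send=http_json):
    """True when Synapse no longer knows the room (detail lookup returns 404)."""
    url = f"{base_url}/_synapse/admin/v1/rooms/{urllib.parse.quote(room_id)}"
    status, _ = send("GET", url, token)
    return status == 404


def purge_and_verify(base_url, token, room_id, *, send=http_json):
    """Delete the room, refuse to report success if anyone could not be
    kicked, and return whether the room is really gone from this server."""
    result = delete_room(base_url, token, room_id, send=send)
    if result.get("failed_to_kick_users"):
        raise RuntimeError(f"could not kick: {result['failed_to_kick_users']}")
    return room_is_purged(base_url, token, room_id, send=send)


if __name__ == "__main__":
    import sys
    # Placeholders: python3 purge.py https://matrix.example.org <admin_token> '!room:example.org'
    base, tok, room = sys.argv[1:4]
    print("purged" if purge_and_verify(base, tok, room) else "still present")
```

Two caveats the thread itself raises: this only proves the room is gone from your own homeserver, not from any other server that participated in it, and the endpoint is admin-only, so the token must belong to a Synapse admin user. The v1 call blocks until the purge finishes, which on a large room can take a while; newer Synapse releases also offer an asynchronous v2 variant with a status endpoint.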

Ok, I understand. Thanks for the insight.

Anything about the BOSH server issue on ejabberd?

Investigation documents: https://gitlab.com/thegridprotocol/home

Reading this, I can’t find anything speaking against Matrix.

Actually seems they sorted out the repository, found the documents here now: https://gitlab.com/libremonde-org/papers/research/privacy-matrix.org

Too many things I wanted to write :smiley: and thanks for reading

But what you wrote reads just like the stories that come from the sources you cite.

Did you want to write why you would like clients to default to connect to central places?
Why you would like them checking stuff and creating tracks in the process?
Why you would like if things are transferred to storage on other servers?
Why you would agree with repeated backpedaling only after things were discovered, after silently not doing good (repeatedly) in the first place?

I don’t think the solution is to use XMPP and just not store any data.

Really? OK, then the solution may indeed be some crucial improvements to the Matrix protocol, as envisioned in the “grid protocol”.

Wow, thanks. I didn’t know about this document. Very interesting and enlightening. Even though I have only read it once or twice so far, I still need to go through all the links provided. But it doesn’t look that good for the average Matrix user :confused:

No. No central place for all users. That’s obviously bad.
But a central place for all clients a user uses (e.g. the FreedomBox), then yes :slight_smile:

I don’t want any tracks created by checking stuff. But the fact that everyone who participated in a conversation knows about it is hard to change. You can trust the other side to delete something alongside you, but given information is given. I didn’t know that the IS gets information even if it is not yet activated in the client (very worrisome).

Isn’t it good if a room exists on both our servers and I don’t have to ask your server all the time about a conversation?

I didn’t know about that / the original GitHub gist and the reactions. (Makes Matrix look really bad)

Well, yes :smiley: if Matrix has such security holes that won’t get revised, a fork/competitor would be preferable.

But then there are a lot of problems that seem to be solvable by having your own IS and STUN/TURN configured. Maybe the FreedomBox could be such a “default” secure setup.
Sad to see them not trying to fix reported security issues.

Thanks for educating me.
And sorry for getting this thread off topic.

Anything about the BOSH server issue on ejabberd?

There does not seem to be an issue at https://salsa.debian.org/freedombox-team/freedombox/-/issues; you could file one and maybe look for a newer, backported JSXC package version.

Having your own information services would probably defeat the central/global scope, and it can’t do anything about the clients connecting elsewhere.

But I guess it’s still OK to have both alternatives available. Though vanilla custom XMPP servers do not need any information service running, and there exist a multitude of alternative client projects. And it’s just the integration of the same STUN/TURN server package installation into the FreedomBox XMPP server setup that is missing.