i have a question related to element
according to this link the one you share in your site
Discover secure and private ways to communicate with others online without letting any third parties read your messages.
Country of origin: UK
Encrypted by default: No
Messages stored on server: Yes
Muppeth from Github notes
- All files can be obtained if you know URL. No need to be part of the room. Also no files by default are encrypted.
- All contact are stored on the server in plain text
- Server keeps track of every time you login/logout/open client without any retention time indefinatelly since the moment you created an account (that data consists of timestamp, user agent, your ip and your token
- Server keeps track of your activity in each room indefinatelly. Each server is aware of all room participants since the inception of the room. Even if the room was not originally created on the server (as soon as user of another server joins in, the state of the room such as member list, joins and leaves etc is synced to that server)
- Server keeps indefinatelly even things like which line/post you have read last time.
- Server keeps indefinatelly every IP address you have used since you created account
Riot/Matrix is a great way to meet new people, and with E2EE for individual and group chats it offers a way to go dark for private conversations. Be careful though because E2EE is not on by default, it must be enabled.
While Matrix is designed as a decentralized system where anyone can choose their own server there currently aren’t very many choices. Most people choose the default Matrix home server, so there is not a lot of decentralization going on yet. Even if you do choose a different server, conversations are synced to all the servers of all the room participants. So that means that pretty much all rooms will be synced to the Matrix home server since there is most likely to be at least one person in each room from the Matrix server.
so is there any updated related to those topics
Status sends messages by connecting directly to the devices of other Status users directly, creating a very large mesh network. When you send a message, it gets encrypted for only the recipients, but the encrypted message gets broadcast to all devices in the entire Status mesh network. Eventually all devices receive the message, but only those that have the right private keys can decrypt it. Status claims this strategy prevents anyone monitoring the network from knowing exactly who is communicating since all devices get all messages.
This is an interesting setup, however I see some potential issues with it:
- Scale: What kind of network traffic will this produce if Status becomes popular and there are many users? Any single device will be receiving every single message sent to all other users in the network, which could put a strain on endpoint networks or use up lots of data on mobile plans.
- Related to the first point, every message needs to be tried to be decrypted by each device. This could use up a lot of CPU time and battery power on mobile devices.
- Since every device receives every message, recording and saving every encrypted message will be easy, and a flaw in the cryptographic protocol could have widespread consequences.
I did not find any files saved directly into public file storage on my Android device (good). But sending files and photos isn’t even a feature in chats yet so it remains to be seen if this is true when and if those items can be sent in chats.
also what your opanion about https://securechatguide.org/centralizedapps.html#safeswiss
i know it very long one but sorry
thanks for your time and have a nice day