Does any data get sent to matrix hq or element?

  • fmstrat@lemmy.nowsci.com
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 month ago

    Disclaimer: I am not a synapse dev, but I have run a non-federated server for a long time.

    Assuming you have fully disabled federation and Matrix.org provided services, data should not be leaving your instance. I run mine with bridges for services like Signal, IRC, and Discord, so as expected data goes out through the bridge software (via VPN).

    To be extra safe, you could run it in a Docker container who’s network is limited to local, and an nginx proxy for Element.

  • toastal
    link
    fedilink
    arrow-up
    2
    ·
    1 month ago

    If you interact with any other server on the network (meaning users on another server), all messages/attachments/metadata will be synced with all other servers by design.

    Given the percentage of users on Matrix.org & servers they provide, some of your data will end up on Matrix HQ servers.

      • toastal
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        Somehow missed that part. But what would be the point of a defederated chat then?

        • fmstrat@lemmy.nowsci.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 month ago

          I use mine like old school Trillion. Element is my Discord, Signal, IRC client. One thing open on my desktop to do them all.

          Edit: For instance, Beeper (https://www.beeper.com/) is just a defederated Synapse server with bridges.

          • toastal
            link
            fedilink
            arrow-up
            1
            ·
            1 month ago

            I want to set up XMPP gateways to do the same, but I would still feel comfortable federating since the network isn’t centralized around a single hub. The clients are a lot less weighty too.

  • ReversalHatchery@beehaw.org
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 month ago

    a few years ago there was a scandal about synapse having a lot of defaults that in one way or another resulted in matrix.org receiving a lot of data.

    I think it was cleaned up since then, but it’s always better to audit your configuration along with what are the defaults.

    • ludicoloOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 month ago

      I had seen a post from the official element account that said something along the lines of “we send encrypted data to the government. If you don’t like that, element isn’t for you.” Not word for word accurate but you get the gist. I didn’t know if that statement only applied to the official matrix.org server or self hosted instances as well.

          • ReversalHatchery@beehaw.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 month ago

            I understand that message so that they are providing a messaging service for a fee to police forces. I don’t think they meant that they send encrypted data to them for money.

            • ludicoloOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              30 days ago

              “Yes, we fund Matrix dev by selling encrypted messaging to governments, which includes police: if you don’t like that then please feel free to use a different app.”

              Idk that seems pretty clear to me that they are selling encrypted messages to governments and police. Not only that all the comments interpret it the same way.

              EDIT: The more I read it the more I become unsure. Hopefully they elaborate. To me I am confused at the service they are selling. Matrix is open source these organisations could dedicate their own employees to spin it up. Do they have somewhere you can purchase the same service? The phrasing is what gets me. It feels like they are referring to already sent messages and data. If they were referring to a service they provide, that should be clearly stated.

              • ReversalHatchery@beehaw.org
                link
                fedilink
                English
                arrow-up
                1
                ·
                30 days ago

                Indeed, now rereading it I understand ypur uncertainty. It would be best if they would clarify it.

                I still think they’re selling the service (the Element One SAAS thing), but with this wording they could point to this toot if something changes in the future to that end

                Matrix is open source these organisations could dedicate their own employees to spin it up

                sure but a lot of companies don’t want to deal with that, especially non-tech companies. also, look at how popular aws/azure/google cloud is, but also teams, zoom and the whole google suite. Companies love it when it just works, without them needing to pay someone (ideally multiple employees) to keep it operational and up to date. Also, Element One employees will basically always have more experience in maintenance than your own admins.

                Do they have somewhere you can purchase the same service?

                I don’t understand this one. Could you elaborate?

              • Austin Huang ❤️@mstdn.party
                link
                fedilink
                arrow-up
                1
                ·
                26 days ago

                You can see Element’s paid service offerings at https://element.io/pricing; their use cases for police is at https://element.io/sectors/interoperable-blue-light-emergency-services. Yes, it’s a bit confusing to have both b2b and b2c under the same brand, but they do mean “the ability to encrypt communication within” and not your messages, similar to Slack’s model. I’d also expect the community to catch any call-home attempt.