element recommendation

This commit is contained in:
anarsec 2023-08-20 17:13:26 +00:00
parent 8b56d36300
commit 2673356dba
No known key found for this signature in database

View file

@ -229,7 +229,9 @@ https_proxy = 127.0.0.1:8082
* **Peer-to-peer**: No
* **Tor**: Not default
Element is the name of the application (the client) and Matrix is the name of the network. A comparison to email may be helpful in understanding this; Element is the equivalent of Thunderbird, while Matrix is the equivalent of the Simple Mail Transfer Protocol (SMTP) that underlies email. Element/Matrix is not peer-to-peer; you have to trust the server. However, unlike Signal, the servers are not centralized, but rather federated - anyone can host their own. Unfortunately, the "federation model" has the trade-off that Matrix has [no metadata protection](https://web.archive.org/web/https://serpentsec.1337.cx/matrix): "Federated networks are naturally more vulnerable to metadata leaks than peer-to-peer or centralized networks". To minimize this, see Systemli's [notes on the safe use of the Matrix service](https://wiki.systemli.org/en/howto/matrix/privacy).
Element is the name of the application (the client) and Matrix is the name of the network. A comparison to email may be helpful in understanding this; Element is the equivalent of Thunderbird, while Matrix is the equivalent of the Simple Mail Transfer Protocol (SMTP) that underlies email. **We recommend Element for one-to-one voice and video calls**.
Element/Matrix is not peer-to-peer; you have to trust the server. However, unlike Signal, the servers are not centralized, but rather federated - anyone can host their own. Unfortunately, the "federation model" has the trade-off that Matrix has [no metadata protection](https://web.archive.org/web/https://serpentsec.1337.cx/matrix): "Federated networks are naturally more vulnerable to metadata leaks than peer-to-peer or centralized networks". To minimize this, see Systemli's [notes on the safe use of the Matrix service](https://wiki.systemli.org/en/howto/matrix/privacy).
Element will work with Tor when used on an operating system that forces it, such as Whonix or Tails.
@ -249,7 +251,7 @@ Once you are logged in, go to **Settings → Security & Privacy**.
## Some current limitations
* "Disappearing messages" is not a feature yet, but it is coming. Message retention time can be set by the homeserver administrator, as mentioned above, and is in fact set on both of our recommended homeservers.
* One-to-one audio/video calls [are encrypted](https://matrix.org/faq/#are-voip-calls-encrypted%3F) and you can use them. Group audio/video calls are not encrypted, so don't use them. This will be fixed when [Element-call](https://github.com/vector-im/element-call) is stable.
* One-to-one voice/video calls [are encrypted](https://matrix.org/faq/#are-voip-calls-encrypted%3F) and you can use them. Group audio/video calls are not encrypted, so don't use them. This will be fixed when [Element-call](https://github.com/vector-im/element-call) is stable.
* The Matrix protocol itself theoretically supports [forward secrecy](/glossary#forward-secrecy), but it is [not currently supported in Element](https://github.com/vector-im/element-meta/issues/1296) because it breaks some aspects of the user experience such as key backups and shared message history.
* Profile pictures, reactions, and nicknames are not encrypted.