flux

flux, 4 days ago

Am I to understand correctly that if you are running Gtk+ apps in the Gnome compositor, you get this working, but if you are running non-Gnome compositor with Gtk+ apps, it will not work? Or is it independent of the compositor?

flux, 4 days ago

Because encryption doesn’t work for rooms over 50 people, so any room over that size is public by default.

By public you mean non-encrypted? How does that work? When you create a room, you default to encryption, and there is only one participant (the room creator). And you cannot turn off encryption, so what then happens when you get 51 participants?

Also existing non-encrypted rooms are never automatically switched to encryption, so the switch must be explicit. Does it refuse to do it if there are more than 50 participants?

I’ve never heard of this limit nor was I able to find info about it (so a link would be great), but there could some factor that increases problems as the number of people increases… Perhaps 50 is some practical suggestion for the maximum number of people to have in encrypted sessions?

flux, 4 days ago

Thanks!

The mention was at about 12:06, in the form that OLM breaks down at about 50 users “give or take”, so it’s not really a limitation imposed by the system itself and it would be difficult to impose it. I doubt this is the experience of all Matrix e2ee users at least at that exact point, but e2ee has always had some growth pains, so there could people with those issues; on the other hand few large rooms are e2ee to begin with, so experience on those is limited. E2ee also requires the users to be more mindful about their data as in not to lose their private keys, and these problems probably increase linearly as the room size increases.

I didn’t notice any claim of rooms larger than 50 becoming public.

I’ve only heard a second-hand info about it, but apparently one local policital party uses e2ee in Matrix with hundreds of people in the room, so that should be a proof that the encryption is not limited to 50 users—and this info sounds just as well founded as the information provided by the video ;).

The guy carries on stating that pretty much all of the huge matrix rooms are not end-to-end-encrypted, and I have no reason to doubt that. Personally I see little point in having such large rooms encrypted anyway, because if you have a large room you will also likely have very relaxed checks on who gets to enter it (e.g. it could be completely public), and if that’s the case, then so can any party who wishes to monitor the room join the room as well. E2ee won’t be protecting those cases. (While at the same time you lose server-side search feature and efficient notifications, though at least the latter one is being fixed with out-of-envelope notification data—which again leaks a bit more metadata…)

The video also makes it sound like that if you have a Matrix Home Server in the network, it’s going to end up hosting CSAM. This is only the case if one of the users of that HS are in a room that has the content, so it’s not like it will just automatically get migrated there. I imagine vast majority of Matrix Home Servers have limited account creation abilities (e.g. companies, personal home servers, organizations, etc), eliminating or at least highly discouraging this kind of issue.

Btw, the video makes an excellent point about the Matrix CDN issue, which is being fixed currently as well (that change is already merged to the matrix spec), by requiring authentication. Next steps is going to associate media to messages, making this kind of thing even more strict. All this means IRC bridges will need to start hosting Matrix-side contents by themselves, though…

flux, 13 days ago

You should have backups. Preferably also snapshots. Then rm will feel less scary.

flux, 18 days ago

If you want to have multi-host redundant storage at home (via e.g. minio or ceph), S3 is a pretty good protocol to provide it.

S3 is nice in the way it’s not a file system so it can have relaxed semantics, while also providing secure access to individual files over HTTPS via URL signing.

Some people seem to be stuck in the idea that S3 means cloud hosting. Not sure if that was your view, but it’s worth spelling out sometimes.

flux, 24 days ago

Moving away from Discord can mean you need to stop interacting with the community using it. My personal examples are: Tilt5, Makera, Turbo Sliders. In the these cases Discord is also the way to access support for something you’ve paid for.

Getting thise communities to move into something open (e.g. Matrix) can be a tall order.

flux, 1 month ago

What a nice succinct explanation!

But also completely useless. Run0 ignores the suid bit for the same reason as 99% of command line apps do: it ignores because it isn’t relevant to its functionality.

flux, 2 months ago

I think the second point is the biggest for me: it’s almost like Canonical wanted to have a single dominant store for apps, as the ecosystem they are building supports only one. And, apparently, that one server is also closed?

So if you try to make an alternative source and give instructions to people how to configure their snap installation to use it (I found this information very hard to find for some reason…), your “store” probably won’t have the same packages Canonical’s has, so users won’t be able to find the packages and I imagine updates are also now broken?

Contrasting this with flatpak: you just install apps from wherever. Or from flathub. Or your own site. Doesn’t matter. No business incentive behind—built into the tools—to make everyone use flathub.org.

flux, 3 months ago

Does finding the guilty party solve the issue?