The other problem with Matrix for me is that Element call (the protocol) is not present in most public instances and isn’t very straightforward to selfhost. The default is jitsi which is not E2EE. Pretty major IMO because if Matrix is supposed to be a Discord alternative and supposedly E2EE but VC isnt encrypted, pretty yikes.
Also they have claimed for years that they have forward secrecy. Has something actually changed recently?
I’ll preface saying I’m not a security expert but my understanding Is sometime in 2025 they changed the encryption scheme in matrix following a lot of disclosures of how it was broken to a new scheme that uses MLS and supports forward secrery. I haven’t seen a post yet from security experts discrediting it yet. It sounds like it still has issues from what you’re saying, about soatok disclosing some new problems with it.
On the call side they have element call instead of relying on a jisti widget (but only a few client support it). Afaik it supports encryption. They talked about it last year at the matrix conference https://cfp.2025.matrix.org/matrix-conf-2025/talk/BQZHAH/
The other problem with Matrix for me is that Element call (the protocol) is not present in most public instances and isn’t very straightforward to selfhost. The default is jitsi which is not E2EE. Pretty major IMO because if Matrix is supposed to be a Discord alternative and supposedly E2EE but VC isnt encrypted, pretty yikes.
Also they have claimed for years that they have forward secrecy. Has something actually changed recently?
I’ll preface saying I’m not a security expert but my understanding Is sometime in 2025 they changed the encryption scheme in matrix following a lot of disclosures of how it was broken to a new scheme that uses MLS and supports forward secrery. I haven’t seen a post yet from security experts discrediting it yet. It sounds like it still has issues from what you’re saying, about soatok disclosing some new problems with it.
On the call side they have element call instead of relying on a jisti widget (but only a few client support it). Afaik it supports encryption. They talked about it last year at the matrix conference https://cfp.2025.matrix.org/matrix-conf-2025/talk/BQZHAH/