The Internet was built as a kind of decentralized democracy. Change is slow and messy but it protects us from a single entity forcing their will on us.

When you move your data and social graph to a closed platform you vote for authoritarian rule.

Such choices never end well.

Many trusted their data and social graph to VK in Russia under a benevolent dictator that fought for their rights.

The Russian government saw him replaced with someone more ethically flexible and now they control those systems.

Many trusted all the Apple marketing on privacy.

In China, Taiwan, and Hong Kong we saw apps and emoji used for dissent were banned, rooms on private networks like Telegram were pressured to be banned, and encryption keys for iMessage/iCloud were handed over to the CCP.

The Oculus VR team intended to protect users on their network from excessive surveillance and abuse.

They sold to Facebook, who told them they would carry that vision forward and never require Facebook accounts.

Facebook changed their mind when they saw value in the data.

The founders of WhatsApp sought to provide easy secure communication for the masses, but scaling is hard and expensive.

Facebook offered to buy them and help them scale their vision for privacy, and keep them independent.

Spoiler: they lied.

The masses are now flocking move their data and social graphs to Signal, yet another closed network run by a well meaning benevolent dictator.

I am sure if will be different this time.

We have a choice.

HTTP is standard and controlled by no single party. You can choose whatever web browser or ISP you want and people who made different choices can all communicate and cooperate.

Same story with SMTP, ActivityPub, or Matrix.

Building huge networks with decentralized control means you get new features slower, and sometimes rollouts are messier, but to adopt anything else is to abandon the very freedom that allowed the internet to become what it is today, instead of all being owned by someone like AOL.

I once thought I too could protect the data of a lot of users.

I ran a machine learning company that analyzed social media data.

Unlike competitors I made this a free public search engine.

Investors demanded I turn it into a political propaganda machine.

I ultimately quit.

I ran infrastructure, and security at Pebble and was unquestionably the loudest voice for privacy.

But then we got acquired by Fitbit. I realized I could not protect user data anymore. I quit.

Now that data is owned by Google.

Any single entity that thinks they can protect a huge pile of valuable data forever is as naive as I once was.

We must stop taking the easy road or picking things based only on their UX.

Learn to use decentralized systems and teach others or the free internet won't survive.

@lrvick nice thread Lance. I agree and bang on about this all the time.

It feels a bit lonely "out there" but there are many who do get this as well. If you've not done so yet, check out which has a great community, and I think ground breaking privacy tech. It's where I put most of my effort in this topic.

@adfeno the matrix protocol is public and many are implementing clients and servers.

XMPP while first of its kind, is also heavily XML based and was largely developed without universal end to end encryption, or battery budget in mind.

Matrix corrects a lot of the XMPP failings that made it ineffecient and expensive to scale which is exactly why Facebook, Google, and others abandoned it for their large scale deployments.

@adfeno They intentionally didn't go the IETF route until all the major use cases are covered, however the IETF itself is in the process of moving to Matrix for their own internal use to discuss new internet protocols soooo.... Yeah.

@lrvick @adfeno XMPP scales better than Matrix afaik. Matrix has had a lot of issues with its scalability and efficiency. I think it still uses more memory than an XMPP server.

@bob @adfeno that is not a problem with the protocol but because the initial implementation, synapse, was in python.

The new binary implementation that is ramping up, dendrite, will be able to support dramatically more users per GB of memory.

They both leak all traffic metadata, depend on DNS and on trusting servers a lot. I hope the world can learn from

@federico3 @adfeno Briar is awesome but won't scale nearly as well. You can run your own server and house your own metadata on matrix though. Tradeoffs.

On that note, Matrix p2p is in testing now though where each client can be a server for itself automagically.

@adfeno @lrvick xmpp was designed from the start to be easy to expand and adapt to new needs: it is of course still heavily XML based (not that it really matters if you're not writing an xmpp server or a client without using an existing library), but the battery budget issues have been solved since a few years and end to end encryption is, with some caveats on the metadata that also apply to matrix, working as well as most alternatives.

The standard did have a few years of stagnation, just around the time when facebook and google started defederating from it (but afaik they kept using xmpp for quite some time, although they added some proprietary extensions with time), but it has since recovered.

@valhalla @lrvick I agree with you.

The argument that “it's bad becaus of XML” is moot. Sure it does consume more resources depending on the message, but with the #XMPP #XEP for push notifications, it provides incentive for account providers to make those push services available for their own accounts, thus no longer depending on #GAFAM and such like.

@adfeno @valhalla @lrvick This old post comes to mind.
Yet, both JSON and XML require linear parsing and do not support zero-copy operation. It's like racing donkeys VS mules.

@lrvick @adfeno

> the matrix protocol is public and many are implementing clients and servers.

Clients, yes. But servers? I thought there was basically only one real server implementation that anyone used?

@lrvick @adfeno I'm glad Matrix exists and am glad for the work they are doing, don't get me wrong

Synapse is the proof of concept server, anyone is can make their own server code, Dendrite is one such example.
They just need to implement the different specs. This issue is that matrix is growing really fast and servers like dendrite are fairly new. There will soon be a time when dendrite catches up fully and only needs to add new features as and when they come.
@lrvick @adfeno

@lrvick @adfeno This is not true. XMPP works really well in resource constrained environments (and actually, it was developed for it, according to It does scale far better than current matrix implementations. Missing E2EE definitely is not a problem, as the core XMPP protocol is deliberately minimal. Facebook and Google simply don't want compatibility

@lrvick I don't know why then #Matrix team didn't register the standards officially with a standards body such as #IETF, #W3C, #ISO or #OASIS. This is my major point. Without this, #Matrix team can change the specification as they see fit, without anyone even having a way to say no, nor a test period.

@adfeno Hi there, why wouldn't you mention this topic on Matrix's official forum? I think it must be worth doing so.

@ctonysem I won't be able to influence the #Matrix developers that much. Better for those already registered there to raise awareness, even better if one is a developer too.

@adfeno we are seeing the test period right now. They want to see how the published spec works at scale before they take on the overhead of locking it in stone with IETF.

Meanwhile the IETF itself is using Slack and considering Matrix because there is nothing better atm.

@lrvick @adfeno Using slack is new to me in that context. The WGs I'm active in (CBOR, CoRE, ACE) still use EMail primarily, Jabber for chat during meetings, WebEx during interims and MeetEcho (which integrates Jabber) for the full meetings. Matrix and Zulip(?) got trials at the last full meeting, and at least the Matrix bridge is still up.

@lrvick I agree with you on promoting “protocols over products”.

Isn’t Signal all open source?

Including the core protocol implementations?

@bmann yes it is open in theory, but in practice if you run your own server you are not allowed to connect with the Signal network.

If you compile and distribute your own client with reproducible build accountability and external review etc, it is not welcome on the Signal network.

If you choose to write a custom client for a currently unsupported architecture like OpenPOWER or RISC-V it won't be welcome on the Signal network either.

Open source code you can't really use is just marketing.

@lrvick right. So federation not being built in is the core issue.

I’m simplifying obviously, but “go run your own separate network” is the current stance of Signal, vs the Matrix protocol which has federation built in.

Ok, thanks for the info!

@lrvick Don't forget about Keybase, a provider of E2E encrypted chat, being acquired by shady videocalling firm Zoom.

@lrvick If they sold Oculus to Facebook they , in fact, never cared about user privacy.

@lrvick I heard about the censorship, but didn't know about the private keys handover - can you share some details/sources?

@setthemfree china mandated all services that operate in their country must host all hardware and HSMs there and ensure a path exists for user monitoring.

Some left China over this. Apple readily complied. Some more evidence:


Apple can run different firmware with different rules on different HSMs, and even encrypt data to an extra special set of keys.

Apple web services in China are hosted locally and controlled by the CCP without question now.

@lrvick @alcinnz This is a great thread. I realize that #Signal isn’t a saviour, just like previous centralized services aren’t. I think of it instead as a manageable “jump” away from the likes of Facebook and company for people scared to leave.

One step closer, hopefully, toward becoming familiar and comfortable with using decentralized services.

@rd @lrvick @alcinnz Right, it's convenient. Having a drop-in replacement for WhatsApp helps get people off of WhatsApp at least.

@benk @alcinnz @rd people have a very limited change budget. If we can only convince people to move once every few years, why push them to another walled garden?

Matrix has multiple clients in every platform and already exists. IRC and Matrix are all I use. The water is fine. You can even bridge it to Signal if you really want to. Code for this already exists too. ( though moxie haaates this idea and will fight you )

@lrvick @benk @alcinnz For sure. But at least in my experience, no one in my groups are quite ready to move over to something decentralized just yet. It's simply too daunting for them.

For me, I've found that the first step I need to take is to educate folks in the simple fact that the Internet *does not equal* Facebook. I think for many, it will be the same type of gradual realization and/or migration.

@rd @lrvick @benk @alcinnz I work at Signal and here are my two cents: Signal is incrementally better than the incumbents, but it's not perfect.

I think more people realize that corporations don't have users' best interests in mind. Switching to Signal is a big step in that regard even if our underlying technology is similar.

A decentralized or federated Signal (Matrix? Berty? Briar?) is my dream, steps!

(Note that I'm not speaking for Signal here; just my opinion.)

@EvanHahn @rd @lrvick @alcinnz I'm one of those people who likes to use them all, so I'm fine with the plurality of alternatives. I think they fill slightly different niches, so some people will prefer Signal, others might be really happy with Matrix. I'm a big fan of XMPP, myself.

@EvanHahn @rd @lrvick @benk @alcinnz
I think Moxie has historically done a bad job of explaining why Signal is the way it is, and has been unnecessarily inflammatory at times—to the point where I wrote my own article attempting to explain to friends the tradeoffs made:

Yes, decentralized would be even better. But last time I tried encrypted XMPP it was a dumpster fire; and Matrix requires lots of servers for scale, and the non-interpreted server code is still beta.

@mathew @EvanHahn @rd @lrvick @alcinnz XMPP clients are doing pretty well with OMEMO now. It's also not inconceivable to do without E2EE, depending on your use case.

@benk @EvanHahn @alcinnz @lrvick @mathew I haven’t had very good luck with #XMPP apps on #iOS. Some looked nice but couldn’t handle encrypted/OMEMO without giving me grief, some just didn’t look like they were updated in years, and others couldn’t handle groups very well. If there’s a client I should be looking at, I’m open to suggestions.

Still, it wouldn’t replace #Signal’s group chat feature for me anytime soon.

@rd @EvanHahn @alcinnz @lrvick @mathew Haven't heard that many great things about iOS clients unfortunately. I would try Siskin if you haven't already.

@benk @EvanHahn @alcinnz @lrvick @mathew I really liked that one but for the fact that I was having group issues with it. Will give it another look, thanks

@benk @EvanHahn @alcinnz @mathew @rd

I know people who use Element on iOS full time with no complaints recently. That said I assume very few engineers that care about software freedom enough to contribute to Matrix clients also use Apple products.

That would make me expect it is a secondary priority target.

@lrvick @benk @EvanHahn @alcinnz @mathew @rd Element now has the backing of a hosting company so it has more incentive to work on clients for proprietary OSes.

@lrvick @benk @EvanHahn @alcinnz @rd
I care about software freedom, but I also care a lot about security and privacy, which is why I use iOS. I'm not an iOS developer, though, so I can't really help with Matrix clients.

@mathew @benk @EvanHahn @alcinnz @rd if you care about security then why use something only a small group of biased corp employees get to audit?

If you care about privacy why use products by a company that had no problem selling out users in China when the CCP asked?

Don't mean to start a flame war, but I never understood those arguments for Apple products.

Don't get me wrong, stock Android devices are often even worse. Neither represents a healthy direction we should be recommending imo.

@lrvick @benk @EvanHahn @alcinnz @rd I ran an Android device with custom firmware for a while, but it's a lot of pain. iOS gets me an acceptable degree of security and privacy with practically no effort, and the devices seem to last longer too.

@mathew A great post. I agree with this basically 100%. (I can't speak to our organization's motivations too well, but I think this is our tack as well.)

Sign in to participate in the conversation

The original server operated by the Mastodon gGmbH non-profit