This scientifically-looking paper could have been written by Captain Obvious himself. It is beyond obvious that contact discovery in any major messenger or social network is facilitated by uploading all contacts from the user’s address book, with all the implied drawbacks.
If users' behaviour has shown us anything, it's that they love it. And for all the dangers of their privacy loss, they happily trade it for the convenience of finding the people they know.
"They love it" but they often aren't given the choice, nor are they fully aware of the consequences (I expect many would choose not to accept if the findings in this paper were presented to them in a clear understandable way).
The average person barely knows what a server is. They install e.g. WhatsApp on their phone, they are likely to think that the app on their phone is doing the work of telling them who else is on WhatsApp. They are not likely to think that their contact list is being scraped and uploaded and stored on someone else's computer in a warehouse, and then profiled for advertising purposes and then exposed to strangers via an API.
The average person may love the convenience, but the average person does not understand how it is implemented or the consequences of using such a service (as described in this paper).
In my experience, even after having made fully sure that they understand the risks involved, "the average person" will happily switch back to a walled garden IM platform the moment the next stupid feature comes in.
Last time it was the (I think Whatsapp?) feature that allows, when replying to a message with an attached picture, to highlight a portion of the attached picture. That's it. There was no network effect at this point whasoever. This pseudo-feature was enough for an adult person to decide to switch back to Whatsapp and fuck my and everyone's privacy. THEN the network effect kicks in in favor of Whatsapp, because of course Whatsapp is a walled garden, so everyone is forced to switch to Whatsapp.
I have seen this already happen several times network-wide and I will see it happen again. Non-walled garden IM networks are just set-up to lose.
It doesn’t show that we love it. I hate it. But it’s the cost of entry if you want to communicate with a group on any of those platforms (which I refuse to do outside of Signal). I didn’t love giving Signal my contacts list, but I did it.
> It is beyond obvious that contact discovery in any major messenger or social network is facilitated by uploading all contacts from the user’s address book, with all the implied drawbacks.
Mass uploading contacts should be limited, like Telgram rightfully implemented. Signal should do the same.
Also, for signal you have to give the list of your contacts. And you don't have with Telegram (and I didn't).
Actually, the general love for Signal on HN is puzzling to me. It's nothing more than yet another centralised silo not owned by the users. End-to-end encryption? I'd take federation over it any day.
Some may argue that Matrix still a centralized server by the virtue of seeding your group info somewhere. But this seeding can be done via paper-only thereby it is still a true decentralized messaging server.
No, there is always xmpp. Matrix is just an app, and we need a federated protocol. I think that Matrix will never have an alternative server implementation made by a competing party, which makes it's main selling point void.
As I understand it, Matrix seems to be an open protocol that supports federation.
The open protocol part is evident by the extense documentation of the protocol specification that I linked in my previous message and by the fact that anyone can propose a change in the spec: https://spec.matrix.org/unstable/proposals/
In the foundation page it states it is "a non-profit UK Community Interest Company, incorporated to act as the neutral guardian of the standard on behalf of the whole Matrix community"
by an open federated protocol I understand the likes of email or xmpp, or TCP, for that matter. Standardized and developed by an independent entity, for better or worse. Where the power of any single developer is checked by other developers and the standards body. Currently, matrix.org owners can unilaterally change the protocol in any way they like, upgrading their server that hosts the vast majority of users, and all the other independent implementations would be left in the dust.
Until this is possible, it is not really a protocol, it's more like a private API available on multiple instances.
So if all goes well, it will become an "open federated protocol", according to your definition, in a few years when it is more stable, mature and multiple interests (companies) are governing its direction?
If you make a device (say, wireless walkie-talkie) that can communicate with other devices of this type, it is not yet an open standard protocol. It's just your proprietary thingy that you do with some communication properties.
Same thing here. It's a product of one commercial company, which fully decides how it works.
Conduit is not finished, and, given the monolytic nature of matrix protocol (as opposed to XMPP, by the way) it will likely never be finished. Even on it's GitHub page it writes with big big letters: DO NOT RELY ON IT.
> If you make a device (say, wireless walkie-talkie) that can communicate with other devices of this type, it is not yet an open standard protocol. It's just your proprietary thingy that you do with some communication properties.
True, but this isn't the case. The device you are talking about is Element, which uses the protocol.
Here you can find the protocol:
https://spec.matrix.org/unstable/
It is an open standard.
> Same thing here. It's a product of one commercial company, which fully decides how it works.
You, again, conflate Matrix with Element, which btw. does not fully decide how it works.
Read more about that here: https://matrix.org/foundation/
> Conduit is not finished, and, given the monolytic nature of matrix protocol (as opposed to XMPP, by the way) it will likely never be finished. Even on it's GitHub page it writes with big big letters: DO NOT RELY ON IT.
Conduit is a server of a competing entity. I didn't claim it was finished or will ever be finished in the way that there won't be any development any more.
If users' behaviour has shown us anything, it's that they love it. And for all the dangers of their privacy loss, they happily trade it for the convenience of finding the people they know.