Edit: E2EE-and-Public-Rooms

[MilkManzJourDaddy]

zottel: MilkManzJourDaddy: in https://github.com/MilkManzJourDaddy/matrix-org/wiki/E2EE-and-Public-Rooms , you forgot the most important points, IMHO: 1) New members will not be able to read messages from before they joined as they don't have the keys for them. 2) The search feature is server-based (the server searches for you) and thus doesn't work on encrypted rooms. ␤https://matrix.to/#/#cybersecurity:disroot.org/%241511559599586GzpsQ:matrix.zottel.net ¶«if a new member does not have the keys they will not be able to decrypt or search.» • «Also, room members may send where others may not have keys for decryption.» • «zottel: Search is generally impossible in encrypted rooms. The backlog, well, depends on if public rooms are set to allow that for new members, anyway, but most are, and it's nice to have.»

[MilkManzJourDaddy]

Further clarify, people just don't get it, even with the Wiki. Add TLS expanded explanation, including Gmail™ datamining, and view.matrix.org. From a discussion: «¶Matrix already has TLS. On Riot-Web, look in the browser Navigation bar, the protocol for the URL/URI is https://*!!! ¶E2EE: End to End Encryption. It's like adding GPG/PGP to Google® Gmail™, to keep Google® from reading your mailto: protocol (e-mail) messages. Gmail™ already has some TLS, and so does Matrix. https://en.wikipedia.org/wiki/Transport_Layer_Security •. But the idea of using E2EE to keep Admin's of Homeservers, or anyone from reading messages in a Public Room is absurd, as they could simply join, or perhaps read the room contents on https://view.matrix.org •, such as this very room!!! Look in the topic!!!: Room History is World Readable by anyone. → https://view.matrix.org/alias/%23Help:matrix.org» ¶Copied from: #Help:matrix.org.

[MilkManzJourDaddy]

Further clarify E2EE, people just don't get it, even with the Wiki. From the Matrix FAQ: «remember that the main reason for using e2e encryption is that we don't trust the sysadmins», «Privacy of metadata is not currently protected from server administrators». But hopefully that might change. It also illustrates that in a private Direct Chat with E2EE enabled, «a malicious homeserver administrator can see who is talking to who and when» (metadata), «but not what is being said». ¶Transcribed for Markdown from: #darknet:chat.weho.st • https://matrix.to/#/#darknet:chat.weho.st/%2415155709292132itktA:chat.weho.st •

[MilkManzJourDaddy]

Further clarify E2EE, people just don't get it, even with the Wiki. From the Matrix FAQ: «remember that the main reason for using e2e encryption is that we don't trust the sysadmins», «Privacy of metadata is not currently protected from server administrators». But hopefully that might change. It also illustrates that in a private Direct Chat with E2EE enabled, «a malicious homeserver administrator can see who is talking to who and when» (metadata), «but not what is being said». ¶Transcribed for Markdown from: #darknet:chat.weho.st • https://matrix.to/#/#darknet:chat.weho.st/%2415155709292132itktA:chat.weho.st •

[MilkManzJourDaddy]

Many people do not realize that many Public Rooms are on https://view.matrix.org •That does have TLS security ala https://*, but no privacy as Google® indexes view.matrix.org.

[MilkManzJourDaddy]

anomie in #Cybersecurity:matrix.org mentioned that «the time to send a message linearly increases according to the number of people that join the channel.» That's in reference to E2EE messages in Public Rooms. It Certainly takes time to faux verify all their keys for multiple devices. An the encryption & decryption time alone, adds up. So, some fact-checked wording should be added.

[MilkManzJourDaddy]

JollyRoger's comment on the issue:↵↵¶> Having end to end encryption enabled in a public room is like building a 50-foot high wall around your yard, demanding visitors check IDs, conducting background checks, then not even shutting the gate when you go to sleep at night.  ↵↵¶> The End To End Encryption in Matrix is as of this point in time, in beta. It requires each device be verified out of band individually, across every device that the user owns, across every single device everyone ELSE owns in that room. If we were to turn it on, then what would happen would be that the server wouldn't be able to decipher the messages, and people wouldn't be able to read room history from that point forward until they joined, but if the server really wanted to read our messages, they could do something as simple as just click join and all the trouble of using E2EE would be for nothing.

[MilkManzJourDaddy]

It has been mentioned that in a group room, enabling E2EE eliminates the concern over any duress demand for chat logs from a Homeserver.  But again if the room is Public, all an opponent need do is join.  Groups with such worries would be better served with invite-only rooms, possibly not listed in any Homeserver Directory, making such not a Public Room.

[MilkManzJourDaddy]

In a Public Room, even with E2EE enabled, an opponent could easily record all room traffic, using a tool like Matrix Recorder: https://matrix.org/docs/projects/other/matrix-recorder.html

[MilkManzJourDaddy]

"JollyRoger made a good point that Matrix TLS is not "opportunistic" like mailto: where STARTTLS" may be stripped off in transit. Includea bit about that, in that Matrix is more secure than mailto: protocol. Also, France is using Matrix and a fork of Riot. «Twitter Search / RiotChat posted a new article: France confirms that Matrix (and Riot) is the basis for their upcoming secure communication app for official government use, and will be 100% FOSS! Exciting times :D https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed-as-the-basis-for-frances-secure-instant-messenger-app … ( https://twitter.com/matrixdotorg/status/989514267408912385 )»"

[MilkManzJourDaddy]

Jolly Roger made a good point that Matrix TLS is not opportunistic like mailto: where STARTTLS may be stripped off in transit. Include a bit about that, in that Matrix is more secure than mailto. Also, France is using Matrix and a fork of Riot. «Twitter Search / RiotChat posted a new article: France confirms that Matrix (and Riot) is the basis for their upcoming secure communication app for official government use, and will be 100% FOSS! Exciting times :D https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed-as-the-basis-for-frances-secure-instant-messenger-app … ( https://twitter.com/matrixdotorg/status/989514267408912385 )»

[MilkManzJourDaddy]

It seems E2EE in Public Rooms, probably where the user has not verified other devices, gives a "noisy" notification e.g. including a message counter, with every new message.  There might be an open issue for this, which we should correlate in the Wiki entry.  But it is certainly of interest to anyone thinking of setting E2EE in a Public Room, or anyone who might join, or has joined one.

[MilkManzJourDaddy]

Edited. We will see if it is well received.

https://github.com/MilkManzJourDaddy/matrix-org/wiki/E2EE-and-Public-Rooms