element-hq / element-web

A glossy Matrix collaboration client for the web.
https://element.io
GNU Affero General Public License v3.0

Adding a widget to an E2E room should warn that widget is not E2E #5160

Open pafcu opened 7 years ago

pafcu commented 7 years ago

When a person adds a widget to an E2E encrypted room there is no warning shown that the widget is not covered by the E2E crypto. There is a reasonable assumption that unless otherwise stated, things should be encrypted.

turt2live commented 7 years ago

Worth noting that the person adding the widget is not warned, however everyone else in the room is warned: [image]

This is because widgets assume permission to load by the person adding it.

pafcu commented 7 years ago

While the person adding widgets certainly has permissions to do so, the implications of said action may not be clear to them. E.g. I may create an E2E room, see that there is an Etherpad widget I can add, and quite reasonably assume that the widget is also covered by this encryption (unless I already know what Etherpad is and how it works or how widgets are implemented).

turt2live commented 7 years ago

I'm not disagreeing with you, just explaining what the code does.

rubo77 commented 6 years ago

Also, in an unencrypted room with widgets, a big warning is missing when you later turn on encryption.

Some widgets would even stop working when you turn on encryption!

For example, turning on encryption in an IRC-bridged room should be prevented.

t3chguy commented 6 years ago

Scalar/Modular does this now, but having it native to the app would be better imo. [image]

turt2live commented 6 years ago

For reference, Dimension also does this. It'd be great if it was indeed baked into the app though (banner at the top of the manager?)

[image]

edit: I should probably tone down that warning to be less petrifying

turt2live commented 5 years ago

@lampholder in practice both known integration managers do the warning and have been for a while - is it worth making this in-app still?

lampholder commented 5 years ago

I think it would still be good to, but there's no way this is appropriately prioritised. I'll retriage - thanks.