• Chris Remington@beehaw.org
    link
    fedilink
    arrow-up
    4
    ·
    9 months ago

    It also basically undoes all of the security and privacy features of Signal.

    I’d like to have a source for this claim, please.

    • deadcade@lemmy.deadca.de
      link
      fedilink
      arrow-up
      5
      ·
      9 months ago

      I don’t have a direct source other than the source code of the software they use: https://github.com/mautrix/signal

      When using one of their “cloud hosted” bridges, the bridge software (that connects between Matrix/Beeper and other protocols) has to read all message content. Otherwise, it’s impossible to bridge to another protocol. E2EE becomes end (other users) to bridge (beeper) encryption.

      With “local hosted” bridges, E2EE stays intact, but messages can’t be sent/received if the device hosting the bridge is unavailable.

      In the future, with MLS (a different E2EE protocol), it could be possible to keep E2EE even when bridging to Matrix on cloud hosted bridges.