Matrix Conference 2025 Highlights
12 comments
·October 20, 2025Scene_Cast2
_def
As of lately, Spaces are now supported in Element X which possibly brings it to feature parity (at least I wouldn't know what's missing, and I've been using Element X now for some months because of these plans)
bilal4hmed
Compared to Signal, where does element stand today in terms of privacy and encryption? Due to the decentralized nature they werent able to offer the same guarantees from what I remember
jeroenhd
Matrix allows for unencrypted messages so it's inherently less encrypted than Signal. The federation capability also means messages leak metadata. Furthermore, encrypted messages also contain some metadata in the unencrypted envelope. Some protocol features (emoji reactions) also ended up outside of the encrypted envelope because of that. It's a risk with any protocol that has encryption bolted on and optional.
On the other hand, you can host your own Matrix server and still participate in the network, whereas Signal will have you convince your friends and family to install a custom Signal client if you want to run your own Signal server, for instance because you don't want to rely on Amazon's servers (Signal was down when Amazon went down this morning).
Signal sacrifices network openness for encryption capabilities.
There's also the MLS/MIMI side of things, but AFAIK that work hasn't been completed yet (MIMI isn't even a full RFC yet).
Element/Matrix, with some modifications, has been chosen as the messenger of choice by the French government (Tchap) as well as the German military (BwMessenger, BundesMessenger) and healthcare (TI-Messenger).
_def
I think these two topics need to be looked at a bit separately, similar to for example WhatsApp, where you have e2ee but there are still lots of privacy risks.
In the matrix ecosystem, as far as I understand, having only one user from the matrix.org homeserver in your room already undermines metadata privacy to some degree. Also, there still are issues with decrypting messages from time to time with certain combinations of clients, rooms and homeservers, which effectively means that the "failsafe" option for getting messages across the network is using unencrypted rooms.
Having free, secure, federated, usable instant messaging is still not solved imho, and I think it's not easy to solve. So far matrix is the best attempt in my book, but it's also not there (yet?).
uyzstvqs
> So far matrix is the best attempt in my book, but it's also not there (yet?).
IMO XMPP is the best attempt so far, but it's completely outdated by today's standards. Matrix is a modern attempt, but it's just bad. I doubt that Matrix will actually get anywhere usable in the future.
It's absolutely possible to build such a protocol with high performance, seamless UX, Signal's level of privacy and security, and Discord's level of features. It's just a lot of work to actually build the specifications and flagship implementations, compared to just building a good centralized option.
singpolyma3
It's exactly the same encryption tech, but a bit more trustworthy than signal.
heinrich5991
It's less encrypted. E.g. you'd think that emoji reactions are end-to-end-encrypted (as they are in Signal). But they aren't[1]. I expect similar implementation issues wrt. the encryption in Matrix.
bilal4hmed
can you expand on how its more trustworthy than signal?
candiddevmike
You can validate the code that's running on the client and the server, in theory
dijit
The fundamental difference boiling down to trust isn't in the cryptography; it's in the infrastructure.
Signal is great, sure, but at the end of the day, you must trust them (Signal/Moxie/Wickr/whoever) with all your metadata and communication routing, because you're locked onto their centralised server and their pre-built binary client.
With Matrix though:
1) You Can Run Your Own Server: This is the killer feature. You can host your own Synapse/Dendrite instance. That means your metadata (who you talk to, when, for how long) never leaves your control. It's the only way to genuinely ensure "no communication outside your control." It moves the root of trust from a single corporation (Signal) to you.
2) Client Diversity: Since Matrix is an open standard (the Matrix Specification), you're not shackled to just Element. You can use FluffyChat, SchildiChat, Nheko, or even roll your own client. This prevents a single entity (even the server owner) from having a monopolistic grip on the client-side experience and potential security holes. The security model is federated and auditable at every layer.
3) With Signal, you must trust that the pre-compiled binary they push to your device actually contains the open-source code they advertise. You cannot practically verify it. With Matrix, the architectural diversity and open specification make verifying client security far more achievable and distributing the trust risk across multiple projects.
TL;DR: Signal is "trusted third-party" crypto. Matrix is decentralised, verifiable zero-trust communication. It's the difference between leasing a secure vault and owning the land and building the vault yourself. That architectural freedom is a massive leap in trustworthiness.
EDIT: the pro-signal thought police have arrived! Hi tptacek!
null
I noticed that they renamed the Element mobile app to Element Classic. Has Element X reached feature parity and stability yet? For how long will Classic be maintained?