So, I was told to not use Signal, so all that is left is Matrix. And I am not techy enough to have my own server and neither are my relatives, so Matrix.org is the only option
Probably yes, it depends on your threat model.
If you are using E2EE on a matrix.org account then your message content, attachments (images) and most other traffic isn’t accessible to anyone but the people in the chat. However Matrix isn’t the most private option, it has a number of leaks such as reactions and chat topics (these are being worked on but aren’t close to happening).
For most people Matrix is a very private and secure option and the fact that it is federated is a huge plus. If you want something more secure you are probably looking at Signal (which you don’t want to use and isn’t federated) or Simplex Chat (which doesn’t have multi-device support).
Unfortunately even with E2EE, the admins of a homeserver can still impersonate you or take over your channel.
Of course you could run your own instance, or maybe none of this is part of your threat model, but I felt like bringing it up either way.
even with E2EE, the admins of a homeserver can still impersonate you
No, they cannot. Your homeserver admin could create an impostor login session on your account, but it would be pointless with E2EE, because it would be flagged with an obviously visible warning. You and all of your contacts would see that the impostor session was not verified as you (this typically shows up as a bright red icon on the impostor and another one on the room they’re in). Also, the impostor would be unable to read your communications.
What do you have to say about this then?
In an encrypted room even with fully verified members, a compromised or hostile home server can still take over the room by impersonating an admin. That admin (or even a newly minted user) can then send events or listen on the conversations.
Perhaps we have a different definition of “impersonate”… not everyone will pay attention to unverified warnings, and afaik they can still communicate with people (just maybe not read old messages)… but I would love to be proven wrong.
That isn’t what that document says. It says that they can impersonate you in non-E2EE scenarios. The clients I use warn me when a message isn’t properly encrypted so someone without E2EE keys can’t impersonate someone in an E2EE room.
That being said the general concept is a problem. I would love to see progress where all events from a user are signed by a device key and non-forgable. There is some thinking about this with portable identities (such as MSC2787) where you server is basically just storing and forwarding events but the root of trust is your identity and keys that you control. But none of this will land soon, not for many years.
