Iβve been working really hard to research and rank messaging apps by their privacy. The more green boxes the better.
I plan to turn PrivacySpreadsheet.com into a place for privacy data on everything from cars to video games. Itβs all open source too on GitHub.
Not trying to advertise, I just put a lot of time into researching all this, and I want to share it since I think others could benefit.
Iβve been using Matrix for years, but now only as a replacement for IRC. The encryption key handling has always been cumbersome and flakey, and too easily broken by users. Not compromised βbrokenβ, but locked out βbroken.β Itβs been like this for years, and while the UI has improved, itβs still too hard for casual users to confidently use; Iβve given up hope that itβll ever get to a point where I can recommend it to friends who donβt give a fuck how it works, and who arenβt interested in spending a half hour figuring out how to set things up - they just want it to work. So many encrypted messaging systems have done this correctly, I dispair that Matrix canβt (itβs a common issue with all clients, so I blame the design of the protocol).
Edit oh, I also wanted to say Iβd also been disillusioned with Matrix when I realized I couldnβt run my own server. That is, I technically could; I just couldnβt afford to. Synapse is a hot mess of a server, but it also just pounds on the CPU and requires massive amounts of disk space (over time). Matrix is designed such that all content for channels joined by any user is replicated to the userβs home server. Itβs a questionable design decison, at best, but a consequence is that regardless of the server software, the storage requirements make running a home server cost prohibative. Compared to, say, running an xmpp server, which could be done effectively on a Pi.
Replicating all chat history + attachments provides a lot of resilience to the network from a node going down, but at the cost preventing to the home lab user from practically hosting a server which just means everything centralizes around Matrix.org, & when anyone on Matrix.org chats with you or your group, that metadata gets synced back to the central hub server once outwardly funded by Israeli intelligence.