-
-
Notifications
You must be signed in to change notification settings - Fork 384
instant-messenger: add privacy concerns warning to Riot #1024
Conversation
Deploy preview for privacytools-io ready! Built with commit 5015c49 |
@@ -24,7 +24,7 @@ <h1 id="im" class="anchor"><a href="#im"><i class="fas fa-link anchor-icon"></i> | |||
{% include cardv2.html | |||
title="Riot.im" | |||
image="/assets/img/tools/Riot.png" | |||
description="Riot.im is a decentralized free-software chatting application based on the <a href\"https://matrix.org/\">Matrix</a> protocol, a recent open protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too. <span class=\"badge badge-warning\" data-toggle=\"tooltip\" title=\"The software is currently in beta and the mobile client states 'End-to-end encryption is in beta and may not be reliable. You should not yet trust it to secure data.'\">beta <i class=\"far fa-question-circle\"></i></span>" | |||
description="Riot.im is a decentralized free-software chatting application based on the <a href\"https://matrix.org/\">Matrix</a> protocol, a recent open protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too. <a href=\"https://github.com/vector-im/riot-web/issues/6779\"><span class=\"badge badge-warning\" data-toggle=\"tooltip\" title=\"The end-to-end encryption is currently in beta and the mobile client states 'End-to-end encryption is in beta and may not be reliable. You should not yet trust it to secure data.'\">Experimental <i class=\"far fa-question-circle\"></i></a></span> <a href=\"https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0\"<span class=\"badge badge-danger\" data-toggle=\"tooltip\" title=\"Riot sends a lot of data to matrix.org and vector.im with default settings that aren't trivial to change, also with selfhosted homeservers\">Privacy concerns</span></a>" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What data does Riot send? They have opt-in analytics, is there any other issues?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you click the link, https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0 ?
It has many components that Riot phones home to often, some are mentioned "in a small print" that you have to understand in login screen or settings (even if you cannot change them) or follow some rooms actively to understand and some aren't even mentioned anywhere such as the integration server Scalar.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I did not see this URL.
Mistake on my end, didn't see the href
for the button.
You know, it might be better to instead of listing Riot list matrix.
Instead of a warning it might be better to have a notes tag:
Btw, this whole comment is licensed under CC0. |
This is being discussed in https://github.com/privacytoolsIO/privacytools.io/issues/1005.
I have been using WeeChat for years and it's an IRC client, not a Matrix client. There is a third party scripts adding Matrix support, but it's complicated to install as it's not in the official weechat/scripts repository (or wasn't when I last heard) and it has depedencies that are not available in Debian Testing (or had a week or two ago). I also don't think I could get my family members to use WeeChat, so I think it gets closed out of PTIO. I cannot think of a good client to replace Riot at this time, but I would be open to PRs adding them as worth mentioning. |
We previously added a warning on privacy concerns in #1024 after Prism-break had delisted Riot and *Notes on privacy and data collection of Matrix.org* was released revealing concerns even with self-hosted homeservers. Today Libre Monde has released another part on privacy investigation on Matrix.org [1] revealing that they aren't GDPR compliant nor privacy friendly and behave shadily such as by announcing removal of data as a result of GDPR request. [2] [1]:https://github.com/libremonde-org/paper-research-privacy-matrix.org/blob/master/part2/README.md [2]:https://github.com/libremonde-org/paper-research-privacy-matrix.org/blob/master/part2/README.md#the-request Closes #1048, closes #1050.
Closes: #1007
Closes: #1004
Closes: #1023 (supersedes)
See also: #840