Skip to content
This repository has been archived by the owner on Jun 24, 2022. It is now read-only.

instant-messenger: add privacy concerns warning to Riot #1024

Merged
merged 1 commit into from
Jul 17, 2019
Merged

instant-messenger: add privacy concerns warning to Riot #1024

merged 1 commit into from
Jul 17, 2019

Conversation

Mikaela
Copy link
Contributor

@Mikaela Mikaela commented Jul 11, 2019

Closes: #1007
Closes: #1004
Closes: #1023 (supersedes)

See also: #840

@netlify
Copy link

netlify bot commented Jul 11, 2019

Deploy preview for privacytools-io ready!

Built with commit 5015c49

https://deploy-preview-1024--privacytools-io.netlify.com

Closes: #1007
Closes: #1004
Closes: #1023 (supersedes)

See also: #840
@@ -24,7 +24,7 @@ <h1 id="im" class="anchor"><a href="#im"><i class="fas fa-link anchor-icon"></i>
{% include cardv2.html
title="Riot.im"
image="/assets/img/tools/Riot.png"
description="Riot.im is a decentralized free-software chatting application based on the <a href\"https://matrix.org/\">Matrix</a> protocol, a recent open protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too. <span class=\"badge badge-warning\" data-toggle=\"tooltip\" title=\"The software is currently in beta and the mobile client states 'End-to-end encryption is in beta and may not be reliable. You should not yet trust it to secure data.'\">beta <i class=\"far fa-question-circle\"></i></span>"
description="Riot.im is a decentralized free-software chatting application based on the <a href\"https://matrix.org/\">Matrix</a> protocol, a recent open protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too. <a href=\"https://github.com/vector-im/riot-web/issues/6779\"><span class=\"badge badge-warning\" data-toggle=\"tooltip\" title=\"The end-to-end encryption is currently in beta and the mobile client states 'End-to-end encryption is in beta and may not be reliable. You should not yet trust it to secure data.'\">Experimental <i class=\"far fa-question-circle\"></i></a></span> <a href=\"https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0\"<span class=\"badge badge-danger\" data-toggle=\"tooltip\" title=\"Riot sends a lot of data to matrix.org and vector.im with default settings that aren't trivial to change, also with selfhosted homeservers\">Privacy concerns</span></a>"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What data does Riot send? They have opt-in analytics, is there any other issues?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you click the link, https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0 ?

It has many components that Riot phones home to often, some are mentioned "in a small print" that you have to understand in login screen or settings (even if you cannot change them) or follow some rooms actively to understand and some aren't even mentioned anywhere such as the integration server Scalar.

Copy link
Contributor

@ggg27 ggg27 Jul 15, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I did not see this URL.
Mistake on my end, didn't see the href for the button.

@ggg27
Copy link
Contributor

ggg27 commented Jul 16, 2019

You know, it might be better to instead of listing Riot list matrix.
You could them change the description to:

Matrix is a decentralized free-software protocol for real-time communication offering E2E encryption. It can bridge other communications via others protocols such as IRC too[1]. A full list of clients is listed here. We recommend using a free software client with E2E support like Riot or WeeChat.

[Matrix Logo]

Instead of a warning it might be better to have a notes tag:
<a href=\"https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0\"<span class=\"badge badge-danger\" data-toggle=\"tooltip\" title=\"Riot sends a lot of data to matrix.org and vector.im with default settings that aren't trivial to change, also with selfhosted homeservers\">Notes</span></a>

  • Just a thought

Btw, this whole comment is licensed under CC0.
Except for the 3rd party names such as Github, Riot, WeeChat, and Matrix.

@Mikaela
Copy link
Contributor Author

Mikaela commented Jul 16, 2019

You know, it might be better to instead of listing Riot list matrix.

This is being discussed in https://github.com/privacytoolsIO/privacytools.io/issues/1005.

WeeChat.

I have been using WeeChat for years and it's an IRC client, not a Matrix client. There is a third party scripts adding Matrix support, but it's complicated to install as it's not in the official weechat/scripts repository (or wasn't when I last heard) and it has depedencies that are not available in Debian Testing (or had a week or two ago). I also don't think I could get my family members to use WeeChat, so I think it gets closed out of PTIO.

I cannot think of a good client to replace Riot at this time, but I would be open to PRs adding them as worth mentioning.

@privacytoolsIO privacytoolsIO merged commit 6291bdb into privacytools:master Jul 17, 2019
@Mikaela Mikaela deleted the riot2 branch July 17, 2019 11:53
jonaharagon pushed a commit that referenced this pull request Aug 3, 2019
We previously added a warning on privacy concerns in #1024 after
Prism-break had delisted Riot and *Notes on privacy and data collection
of Matrix.org* was released revealing concerns even with self-hosted
homeservers.

Today Libre Monde has released another part on privacy investigation on
Matrix.org [1] revealing that they aren't GDPR compliant nor privacy
friendly and behave shadily such as by announcing removal of data as a
result of GDPR request. [2]

[1]:https://github.com/libremonde-org/paper-research-privacy-matrix.org/blob/master/part2/README.md
[2]:https://github.com/libremonde-org/paper-research-privacy-matrix.org/blob/master/part2/README.md#the-request

Closes #1048, closes #1050.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants