Skip to main content

"we fund Matrix dev by selling encrypted messaging to governments, which includes police: if you don’t like that then please feel free to use a different app" May 9th, 2023 -@element

Element really just told us if we don't like their direction of selling services to cops we should use another app. This is seriously the direction they settled on.

reshared this

I just tooted about my use of XMPP & Snikket...
@alcinnz The same XMPP that's famously used by US military?
@ar I'd say there's a difference: Matrix as an organization is specifically courting cops.

If XMPP's devs didn't prod the US military to use their tech, then I don't hold this fact against them. That way lies madness!
@alcinnz Ok, so which xmpp server software do you (want to) use, if you want to draw that line?
@ar I don't believe Prosody or Snikket has crossed that line, but honestly I haven't checked.
@ar btw if I opposed software which someone is selling to the US military, there's WindRiver Linux...
Well now we know why they changed their name from Riot to Element. Can't have the app be revolutionary themed if your actual audience is the fucking cops
A lot of their revenue has been government contracts for years, hasn't it?
So not shocking they'd go along with police involvement.
Nextcloud also gets a large amount of its funding by selling support to governments, schools, and military. Another way to look at this is that governments are funding highly secure FOSS that we all can use.
"It's open source, so anyone can use it", is different from, "We support local governments who use it", which is again different from, "We went to a police conference to advertise our services".
OK, so let's have 'em all give our tax money to Microsoft. 🤦🏽‍♂️
@downey A major reason for encrypted communications is to keep out police and state security, who have a strong interest in subverting the integrity of encryption. Anyone developing a secure communication tool would be conscious of this. To actively seek to market to police is an implicit betrayal of everyone who supported and relied on the project.

And just in general, you don't collaborate with police.

wakest reshared this.

Are you aware that government employees regularly participate in infosec events? And that >40% of the Tor Project's annual revenue comes from governments?
@downey It's a huge problem with the infosec community, and it's why I'd only recommend the use of Tor very conditionally.
@foolishowl @downey
always same, technology is bought by capital to protect capital via police state and miliary, inbuild ethics for the people needed
@foolishowl @downey If you're gonna discriminate encrypted free/open messaging tools by "has been used by state" or "its developers have helped the state use it", your list of "good" IMs is going to be a lot shorter than you want to imagine.
@ar @downey Basically Signal. Probably.

Another issue with Matrix is how it's de facto centralized under the control of Element, the company.
@foolishowl @downey Signal doesn't support any kind of federation (at least with the official app, and the only official server), even though they (used to) claim that it's possible to enable it in the protocol, so it is actually centralized.

And relies on phone numbers as user IDs, which is, like, wtf?
I didn't say it was flawless. Just that it doesn't work with states.

This entry was edited (4 months ago)
@ar @foolishowl @downey The list of good IMs is tiny, I think it would only exclude Matrix unless the XMPP users are hiding something right now
This entry was edited (4 months ago)
@luna @foolishowl @downey ejabberd is/was used by various military forces is the west, so :blobcatshrug:
@ar @luna @foolishowl @downey there is a lot more server choices other then just eljabbered tho and thats not the case with Matrix there is pretty much a single point of control in the network. Matrix/Element also controls all the links and most of the groups are home servered on
Don't worry. Everybody will flee to Discord.
Yeah, I definitely feel VERY free to use a different app and also to let anybody who uses their app know this aspect. I dont see how it is remotely ethical to do business with law enforcement industrial complex, the whole point is that the massive amounts of money in it are fundamentally corrupting.
wasn't it the direction from the beginning on? Chasing the shiny VC money no matter what?

Content warning: yelling (not at you OP)

Content warning: yelling (not at you OP)

Content warning: yelling (not at you OP)

Content warning: Yelling (not at you OP)

@theruran @alcinnz Do you have any knowledge as to where the bulk of funding is coming from for those who are supporting the XMPP ecosystem? @tigase whats your funding model look like?
Whelp, guess what just got uninstalled!
Something else about Element I've never seen much comment on but always really bothered me is this - why is it ok that the mobile app for a supposedly privacy-centric messenger is collecting all this telemetry?
Screenshot of the privacy report for the Element Messenger app from the iOS App Store, showing lots of invasive telemetry collection
@theruran @alcinnz @tigase XMPP servers are cheap and easy to set up. The core software has been around for decades. Several proprietary chat services started as XMPP, then defederated, most famously Facebook Messenger and Google Chat. That's probably where most of the initial funding came from.

Adrian Cochrane reshared this.

I don't know what "Element" is. I am enjoying that this is the first quote-post I've seen on Mastodon.
As far as I can tell, the XMPP project themselves do not have much more of an internet presence than what I'm managing on the side.

So I believe right now their funding is very meagre, relying on the sort of opensource contributions which have brought others so far!
This entry was edited (4 months ago)
TBH I am very torn on this.

1. Even a non-profit has fund itself somehow. Public funding and government contracts make sense.

2. The alternative for non-US military and/or police would likely be to use one of the big messengers (e.g. WhatsApp) or buy from a company that does "security by obscurity".

In my opinion: Police/military will use some kind of messenger anyway. I would prefer if they used one with less backdoors and more security.

Of course it could happen that police and Matrix get all warm and cuddly with each other. This is definitely a thing that makes Matrix less trustworthy.
@wakame @˗ˏˋ wakest ˎˊ˗ @Element Like others have said:
Accepting police like any other customer: Ok, fine.
Actively reaching out: Bad optics, risk for compromise.
It's hard to find a tech company whose C-Suite won't jump into bed with anyone with cash. I'm looking forward to when we've moved on to whatever is after this phase of capitalism.
no back door required if you are shipping the data out the front door on purpose.
... motherfucker

Okay, gonna phase element out of my ESL volunteer work I guess
If talking about being in line with fedi culture, I'd say ( deserves an honorable mention for implementing secure messaging over the existing email network.
like @jalcine said... a horrible hill to die on.
@foolishowl @theruran @alcinnz @tigase in terms of ongoing provider costs, the server side is so lightweight as to barely register.

I provide XMPP messaging for Chinwag users automatically alongside their Fedi service and it's barely a blip in the stats compared to something like Mastodon.
Just read the article. If I understood correctly, they seem to mean that they're selling services to help maintain servers, like live chat and such, and NOT that they're selling individual messages to governments.

A very poor choice of words there. I couldn't pick a worse set even if I tried.
@theruran @alcinnz @tigase

Sorry to pop everyone's bubble but XMPP is also widely used in police and military applications. People need to be a bit more realistic about the dual-use nature of internet and computing tools.

It's a bad look to be advertising your cooperation with cops and fully mis-reading your audience here. Also, I do not condone it. However, to the audience: what did you expect? Secure communications is first and foremost a defense industry need.

If use and engagement with police and defense is your standard for whether or not to use a particular set of tools, then do I have some bad news regarding all of open source for you!
Police/Military/Government is the only major source of funding for encryption tools and encrypted messengers

Be it Element, Conversations or GPG. No one else is willing to pay enough

Refusing to sell would harm the free software project, but would do nothing against the police using matrix. It's free software after all and they can use it without any support contract. And some governments do exactly that

This is a situation where you can't win either way. Fuck capitalism 🤬
so which is it in the end? I see contradicting retoots. Do @element sell chat logs, or chatting devices to governments / police ...? It's indeed quite not the same.
oh my god that's the actual quote wtf
@theruran @alcinnz software licence ( and technical support (

Tigase is almost completely FOSS/AGPL (save for advanced clustering) and can be deployed and used as such.
its a good reminder to work out better community funded and accountable models.

"Open source" isn't a funding model.
That's both horribly worded (I understand what they meant, though) and hilarious. Matrix's UX is so bad (probably because I tries to mix IIRC back compat with E2E encryption) I can't imagine an org actually paying for it. But now that I think of it none of the other enterprise chat apps (Slack, Teams, Webex, etc.) have E2E
@rra @theruran @tigase I find it unfair to judge devs by who are using our software, we might need to accept uses we disagree with to do the most good. (I don't disagree with private software, as long as those who use your software gets the Four Freedoms).

I think it is totally fair to judge us by who we're engaging with!

Personally (privileged) I can't get all that worked up about 1312, but I see the counterarguments missing the mark.
@theruran @alcinnz @tigase Most XMPP software is developed by individuals like @daniel without millions of VC funding. And they still manage to release modern features (Conversations and @dino released native A/V calls before #Element did) all while complying to current internet standards (instead of inventing yet another incompatible messaging protcol) and building on native UI libraries (instead of Electron bloatware). #XMPP truly was the right answer to instant messaging all along.

Brie Mmm reshared this.

I prefer #xmpp but I don't get why this causes so much flap on the fediverse. Matrix is selling their messaging as a business model and also sell it to the police, so what?
I know what the police is. There might be bad cops but in general they are doing an important job.
@liaizon @element
Are any servers "de-federating" because of this?
@cel I would imagine there would be if more people knew this happened. I think my post is the biggest blip this has made as far as I can tell
Do you have something against public services using FLOSS software? AND financing a EU company for developping it ? What about the French Gendarmerie using Linux for Years? Would you criticize a company that would maintain and develop linux distribution for them?
Usually the alternative is to use a service from the GAFAM, so I think what Element does is more than OK.
@crashglasshouses @foolishowl @downey Not really? With XMPP and Matrix your messages are stored and forwarded on your server, and on the other side's server, but since Tox, by design (at least at the time) had no concept of servers/proxies, there wasn't anyone to store "in flight" messages for you.
@ar @foolishowl @downey welp. that's the same problem XMPP has, and to some degree, Matrix as well. blargedy blarg.
@crashglasshouses @foolishowl @downey Last time I tried Tox, moving the same account between devices wasn't a thing, and message didn't get delivered if sender and recipient weren't simultaneously online at the same time. I get why it behaved like that, but it just pushed it beyond the edge of usability for me.
@crashglasshouses @ar @foolishowl @downey thats a client issue thats quite easy to fix with just showing a profile picture in the corner of the client app. some apps support this already
@ar @foolishowl @downey i was talking about moving accounts between devices. Matrix isn't as bad, but XMPP makes it difficult to tell which session you're using if you have multiple.
@crashglasshouses @ar @downey Gajim for instance. It's one of the reasons I prefer it to Dino.IM
@rra @theruran @alcinnz @tigase IMO there is a huge difference in having the police use your software and the police being part of the funding of the main software provider for a protocol. The former is obviously something you have no control over. While the latter can cause reliance on the police and give them influence/power over the direction the protocol can move towards.

#xmpp #jabber #matrix
@stevenroose @rra @theruran @tigase If you go out of your way it's possible to control whether the police/military use your software, but often that'd prevent a lot of good from being done too!