It looks like you're having connection troubles. Reconnect now.
01/04/2019 19:51:55
35c3-talk-9400 Latest text of pad 35c3-talk-9400 Saved Jan 4, 2019 |
Hallo Du!
Bevor du loslegst den Talk zu transkribieren, sieh dir bitte noch einmal unseren Style Guide an: https://wiki.c3subtitles.de/de:styleguide. Solltest du Fragen haben, dann kannst du uns gerne direkt fragen oder unter https://webirc.hackint.org/#irc://hackint.org/#subtitles erreichen.
Bitte vergiss nicht deinen Fortschritt im Fortschrittsbalken auf der Seite des Talks einzutragen.
Vielen Dank für dein Engagement!
Hey you!
Prior to transcribing, please look at your style guide: https://wiki.c3subtitles.de/en:styleguide. If you have some questions you can either ask us personally or write us at https://webirc.hackint.org/#irc://hackint.org/#subtitles.
Please don't forget to mark your progress in the progress bar at the talk's website.
Thank you very much for your commitment!
========================================================================
I'm very happy to be able to announce you to welcome you far next talk matrix the current status and you today by Ben parson sake's to the Internet as a means of communication have ever evolved in the last year very quickly in the last year. We started with mailboxes. Some of you might remember. Then there was the IOC and jabber and now we have a whole bunch of messengers installed on our smartphones. Each of them has their own advantages and disadvantages. Today Ben will tell us about Marek's an open standard and he will tell us why he saw the need for a standard and he will tell us how they implemented it. So please welcome back. It was a big round of applause spent stators UUs Hi everybody welcome. So I'm going to tell you about Matrixx and before we talk too much about this I just wan to get a quick show of hands. QI tell me who is heard of matrix before. Wow that is probably everybody who has used metrics Yeah slightly less and who has used metrics and they've never heard of it. Okay so I don't think it's anybody but in fact it's not as bizarre as it seems because the state of the bridges today means that you could be using. You could be using metrics without knowing it. And I'll talk about more about that in the future. I'm going to go quite fast then over what exactly is Matrix because I think I think most of you already will understand this very well. So it's an open standard for interoperable decentralized real time communication. What do we mean by these things. It's interoperable. It's an open standard which means that you can connect different parts to it. You can connect different modules you can connect to other outside services including proprietary services that wouldn't otherwise make it easy to do so. We do this because we're transmitting open standards. We're transmitting Jason over HTP. It's decentralized. It's not peer to peer. You connect to a single server that server connects to a federation of other servers. You don't connect to your friend
's server it's real time. It's not like email. It's a it's a push and it's an on demand service we provide standard HTP API for publishing and subscribing in real time which means it can be used to power instant messaging VoIP web RTC signalling iot communication and anything else that would have been good to transmit over Jason over HTP distributed architecture. So we've touched on this a little bit. You will only with your client connect to a single server at a time. These servers will then communicate between themselves. You will not connect to other servers. The advantage of this which will see now is that in a world where there's fragmentation of instant messaging you've got many different services they're all incompatible with each other you've got friends on telegram some friends some nerd friends onI.R.S. and you've got people all over the place on different services. How do you connect them with Matrixx because of the architecture design a home server sends Matrixx messages between it but a bridge which can go between a home server and an an outside service. With this you can you can send Matrixx messages and a user on the other end doesn't even need to know that there's there's anything happening very secure and privacy focused no single party owns your conversations. The log of all the history is shared between all participants one each participating home server. So I'm not going to get into a lot of detail with this but end to end encryption is essential in a distributed environment. What this means is that the encryption is performed on the sending client and decryption is performed on the receiving client. No server in the process sees the unencrypted data during transit. We have a new double Ratchet's implementation called OMX. This was assessed and 2016 and the results are public and they're very interesting for people familiar with cryptography. End to end encryption presents a new challenge. We must turn on by default. This is the next step. We nee
d to be able to cross sign device keys. This means that if you have multiple devices you have a separate key for each conversation for each device. This turns into a lot of keys and we must improve the UXO for this. This is something that we'll talk about later and it's been improved over the last year. So I know you all know it. I'm going to go really quickly through through exactly how it's used. Sending a message is really this simple. So you send a single Jason object over a rest API and it contains the correct room where you will be sending the message rooms are analogous to channels inI.R.S. and if you compare the previous line to this you can see that sending structured days structured data is very easy because the message content itself is simply a Jason object which we will be sending over over a rest. That means that if you need to send fields or predefined data you can send it over matrix with no changes to the protocol so the server's server API. This is the mechanism by which the servers synchronize data between themselves. This is the essence of Federation really is keeping these servers in in synchronization. They can also what we do what we call backfill which means that they take historical data and fill in the missing gaps in their own history logs and they can do identity processes. Application Services very interesting. They enable bridges and other similar tools. The API is similar to the client server API but it has privileged access on the server. This means that you can have a user it's like a virtual user. It's coming from another location. Maybe it's coming from telegram but to the Matrix user it looks like a real user. So 2018 was bezerk. It was a very very busy year for the Matrix ecosystem. I hope you've been following along but will go through some details now. The goals from the beginning were to finish the first version of the specification. This is what we call our zero revision zero and it will represent a baseline for what the spec
ification looks like. We'll talk more about this but there's been huge progress on this this year as part of this. Getting the reference implementations to look exactly like the published specification is is an essential goal and we'll talk about that too. And then we can do a huge marketing push. Once all these things are done we can say yes this is v1.0 This is a version which we think is that is a stable baseline and we'd like you to start building on top of it. Many things happened. The adoption rate for this year has been tremendous. It's been larger than we expected on a global scale. You it's not. It's yeah it's large as a result. Time has been has been spent on improving the performance of the of the sort of most popular home server which is Matrixx dot org and many improvements have been made to the performance there. There's no longer delays in sending messages and such host server hosting this is a new product coming from new vector from the company behind metrics. This is modular modular it is. We've been calling it matrix as a SAS but I wonder if that's mass or mass SAS. So some internal users we have Web Foundation are using it as their main communications platform and there are there are other people to be announced right now the server size starts fairly large so we need to make that smaller and custom DNS is coming. Actually migration path through existing home servers is already being tested so that is available on Modula. I am if you are running a home server on a domain and you'd like to to have somebody else host it then this is an ideal thing bridges. What a topic this is this is there are so many bridges. Part of the problem with the eco system today is that there are a hundred different ways of communicating. And while this is wonderful having some consistency is really helpful so this is a sort of zoomed in diagram from what we what we saw earlier. Notice how structurally the bridge looks in the diagram like a home server it could. It preten
ds to be this in order to be able to communicate back to the other servers. No James is a very popular Stac for this of course there's no reason for it to be no Jair no reason it has to be no gesse but it is the most popular baseline for the stack. So I see I see that probably the most popular bridge in terms of the users of Matrix I see was a hugely popular platform before performance issues in the past are I I'd like to say in the past it right now I'll see performance bridging two metrics to org is extremely fast. We have somebody working full time on bridges and an huge amount of his time has been spent this year improving this performance stability. No more Massari Gines and a new feature replies supported natively on the metric side live purple. So this is a brand new library started from scratch this year created to support protocols available through labor. Course the number of records through purple is itself a lot. So this enables a whole new world of bridging help discourage new maintainer many many fixes before formants discord is we're seeing a lot of people who want to use Matrixx who are currently using discord. We're finding that it's a major place where people are moving away from their current product. And yeah we've seen a big uptick in usage of the bridge this year. It's now a version of point three slack. Slack has been again updated well written rewritten with a new version that uses event bridging this is using Slack's own APIs and if you're hosting this on right I am then it is a single click it is just a case of adding your room bridging is instant and and message passing is instantaneous. Gitter I don't have the specifics but huge amounts of performance improvements this year. Ex MP This is the big one of the weekend so this is a real thing now. Ex MPP is being bridged live there is a live SNP mark running at will you've got the address there. We have. This has been developed pretty much at the assembly where we've been sat for the last thr
ee days and yeah huge thanks for X MP Fev ex MP P folk for getting involved and giving advice on the set of of the server and please please come and chat to us. If you're using X MPP and are interested in bridging this I know that that's been a huge thing thank you still more. There there are many there are many bridges some of the notable ones that people are getting a lot of benefit from whatsapp. Brand new this year using their API Mastodon bridging and Stillmore. I'd love to list a lot more but there are there are many I'd recommend checking out Matrixx the org or coming up to us at the assembly Foundation. This is a brand new community interest company set up in the UK this is designed to separate concerns between the consultancy work which is being done by the creators of metrics and the ownership and stewardship of the matrix protocol. This would set up this year and it's still in progress in certain things. So the transfer of property and the articles of association. I think has articles of association are done or certainly progressed. Intellectual property is in the process of being transferred. I know that this was a huge topic for some for some people. Yeah and I hope that it puts to rest any any concerns about the the conflict of interest in stewardship of the metrics protocol specification so this is sort of the big one. This is the elephant in the room it takes up so much time to write a specification in public for something which is going to be used for many different use cases and implemented by people who have have all kinds of ideas about how things should work. Specht progress. This was a known Bocking that for the adoption. We have a single home server. This is a matrix. This is sign ups but what we'd like to see is an ecosystem of more home servers in the same way that we experience an ecosystem of clients today. There are there are other home service in production including dendrite but we'd like to see more more from the community and we would
think that once we have a version of this available then we should see more Federation API. So this is the server server API. It's expected in January but client server API very stable lots of clients in use. Lots of work already being done on this application server API so this is for brought some bridges also already ready and I think this link will take you to the public project where weird we are watching the watching all the issues related to the spec slowly move from the left of the screen to the right of the screen as more more progress gets done. It's just a terrific amount of work and actually this is this is even an old image that I haven't updated progress on cine apps or time so sign is the reference implementation of matrix. It is written in Python and it represents 99 plus percent of active ham servers. It gets regular incremental performance and security improvements and this is over the last year led to a big increase in performance on metrics dawg. There's no longer problems with message sending times it's much less resource hungry than it ever has been and the installation and maintenance is improved. Lots of work has been done by the community in providing Dokka and ansible methodology is to install. There's never been a better time to install sign ups even. Of course I would say that it's also now available in Python 3. This is the default installation method. So yeah that in itself has given big improvements. Right. Right. I'm sure you know right is the most popular client it also serves as a reference implementation for what the client server API can do. However the current design is not always attractive. We get a lot of complaints about the ex in particular people who seem fixated with the problems with the colours. Apparently they're not right. This will be improved people this year. So people have very strong opinions about about messaging software and one one thing that we kept coming back to was people like the design of slack. It's func
tional. It's simple people like that. Let's just pay attention to what they're doing it seems to be it seems to be a good Unix. So right what right will be the flagship right is and will be the flagship glossy client. It will represent the most complete implementation of the of the client API and other clients will be available to taste. Big progress with this redesign on the web. If you check out right I am slash experimental or if you're deploying your own right. Just check out the experimental branch. This is a dangerous thing to be doing on your own server. Check out an experimental branch but this is available now and it's very stable. Looks great. Looks much better. Looks much more clean much more accessible for a less technical users. People who want just something that's going to be streamlined and work and improvements on Android end. IOW as well yeah. You keep signing this is this is this is a real problem because as we all have heard before if you have great end to end encryption that's good but you need to be able to do that for multiple devices. Riot enables this. But if you have to move keys between devices and you're expecting people to compare long hex streams users will eventually get used to just clicking okay to everything which does more harm than good. We will improve the X on this and you should look for this in Riot's soon I don't have a slide of this but you should see the results of this research. Right. Brand new Android STK. So this is going to be written in Coplin. No more Java. It's a reimplementation of Riet using the S-T new STK. Some of you may have seen the AP Kayes floating around. I've been using it and it is super fast so fast to do everything. Especially sinking the project from this year. So new work with the French government so Dinn sic I I took out the meaning of the abbreviation because it was a slide on its own it's a very long phrase and I don't speak any French but they are deploying a private Federation of Matrix ham ser
vers. What we found in terms of scaled rollout for this product is decentralized organizations they like decentralization in their in their software in their in their software architecture. What we find is that different departments have different ideas about how things should be configured. Different ideas different departments don't necessarily get along with each other. Talk to each other so government and academia really get the benefit of a decentralized architecture in these times. They can have different settings for everything. Even security a antivirus severity. So they've developed their own Forker right now available on these gavelled now available to them. IOW Android and Web they are Leive and we are expecting them to rollout faster next year. Client ecosystem explosion. So I think it's fair to say that it's been a very good year for the client ecosystem there's been a huge number of new clients built. We've also seen feature completeness improving on a lot of different clients. So yeah there's just yeah it's fantastic. How many people want to get involved and want to make new clients. In particular you know you get the competition between our who's using cute who's using GSK who's using a web thing who doesn't want to be using an electron almost everybody. So there's there's a there's a lot of different ideas about how clients should be implemented and as much as it's important to get the extra right. Right. It's also important to remember that people want their own clients they want to be able to do their own things. So turning on it's written in cuty looks like a cuty app. However the creator is also the creator of luky matrix client which supports many projects including spectral which is great. This is the kind of thing that an open source ecosystem can power. We take the library from a previous client and use it to power a much better looking new client. This enables the developers of spectral to focus on things that matter to them which is you X
and it works great. SIEGEL us native Mac OS clients so it's really important sometimes to have to give people a native client for their platform. Maybe Mac OS not the most popular for this crowd but it is it's really important to have all the features available to people who want them. It's also got eata into support which is quite early in the development process for them fractal whatever the cuty guys have the to K guys have to have. So if you're using Gnome then there's a g to k reste client huge fantastic community I mean I've said rapidly evolving Strutt community it's really really friendly these guys they're meeting they go and how advance. They're making really fast progress. They're even having some really interesting ideas about how the future of messaging client design should be. And they're also providing a new library for end to end encryption which is pure rest. So this is going to be going to be really helpful. They are also going to be deployed on the new purism phone which I gather is this year's product. Yeah that's if you've preordered that then you'll you'll get a copy of fractal running on there and you'll have a matrix client going mux. It's always useful to have a command line application. So if you're doing logging or even if you just want to sit and have just the command line open or for any other reason it's super helpful to have a have a terminal client. I also love with go just how easy deployment is. Just go get go. And you're running with one command superpowerful fluffy chat. So this again strong communities there's two clients for Ubuntu touch which is which is impressive for the for the relative size of the ecosystem. Our fluffy chat is is it great looking and productive environment. There they are in the process of implementing etui right now as well. Still are Oh my goodness there's a lot so Komei using Java effects. Of course there's an inevitable emacs client matrix client yell. It's going to be their own simple matrix and new fr
om scratch client in andred this is using no libraries from right. This is using purely a matrix API wrapper written in Java. So this is really exciting to see competition in that market. I only found out this week about us Giller scalar which is a new web app now. Yeah and there's more stuff to the mature stuff. What else we Guk Summer of Code Google sponsored one Google incredible amount of sponsorship but they sponsor two students working with the core team one added E3 bindings for the python STK which means that anything any client side application which is built off the back of Python is going to get the benefit of those those once they're integrated. Another brought dendrite back to well what brought D'Andrea back and is is now on track for for real software development. So we should see Dand rights progress in 2019. If you don't know dendrite is a new server written in go it's the next generation home server to go alongside sign apps. The gnome products them Gnome project had two students working on fractal as I say Franscell just phenomenal progress in 2018 lazy loading sinking initially can be difficult and it can be expensive because you're downloading a terrific amount of room state to go to go setup your initial state to the list of members if it's more than a few thousand or that that can be potentially huge. This can easily be solved pagination of of the of the member list. And yeah what we've seen is an initial RAM usage in riots around 6 x which makes it makes massive improvements for anybody using a large account. State resolution state resolution is phenomenally complicated as a mathematical topic and I don't even pretend to get into it. However there is a new algorithm designed to test to solve previous problems with this view of the state should be consistent across all servers. It's a simple thing to say but it's the fundamental part of Federation which many many projects will struggle with. If the if there's a fork the state has to be resolved
from two conflicting points of view. This is exactly what the new state resolution algorithms are designed to do. What's next. There's a lot's been done. Most of this will still be continuing but what else have we got. Danja rates. This is the go server aggregations to be added to the spec. This will allow reactions as you see in things like I checked only one message I guess. Face it Massinger does it as well editable messages so aggregations are everything in matrix is a is an ongoing list of events aggregations will allow you to refer back to previous events and make it edits to them threading. So this is something again people want the features that slack and other proprietary products provide. Threading can can enable this decentralized to nomadic identity. If you've got multiple accounts on different home servers you need to be able to merge those and device crustily device and can't come soon and soon enough. Oh what's next. So thank you Fuster so now we come as a Q and A. So there was a lot of input but we have a chance to even ask more questions for everything which is missing the flight. If you ask a question please come to our mikes this is a first people are already there. For those in the mikes too important information equestrianism generally one sentence long has a question mark in the end. Second if you speak into a mike speak closely to it not like that we won't hear you like you didn't hear me now. And for everybody who wants to leave because they have to go somewhere please do this really really quietly. Thank you very much. So we'll start with Michael from number two here in the middle. Hello thanks you very much for the talk. I have one question for the authentication of the servers. If you choose one public server authenticate this and for some reason this server vanishes. So I can't read it anymore. No one can talk to me is the idea that I admired a different public server and authenticate the third party. Yeah so I mean this would be this wo
uld be part of decentralise identity. What you're describing right now. It would be like losing your email address. It would be quite fundamental. The problem that we face in order to solve this is we must first have a way of linking to Matrixx accounts or possibly third party ideas from other sources. In a way that is reliably agreed agreed about across the entire Federation. So it is something that is in mind. It is not something that has been Specht I should say that we have a new proport spec proposal process which is something that's been been developed this summer so I recommend that if you have ideas and need for that particular use case then making a new proposal even if it's just a request for doing that. That would be the way to do it in mind but I don't think it's been been specked out yet. Okay the next question we take from is the Internet. Oh yeah they already a lot of questions many about the cryptography. There's one quits which is talking about broaching so basically how's breeching working for example. If you have encryption then you have a bridge too. I don't see any compromise. So at any point without with bridging if you are let's let I see at the point where you where you send out the data to be to be received by the RC server. No it would be. It would not be yes within the network. It is end to end encrypted. Outside of that then there are no it's that. I hope that's clear next Chryson macro for number four. Thanks for all the talk. Where can we find information about the state resolution algorithm. So I recommend they probably the fastest and easiest way is to go back to the blog. There has been some discussions about it on the blog. If not we should be linking it from the doctor page but please find me because if you can't find it on the blog on Matrixx dot org then then we should link to it better. Thank you Michael for number three. Yeah thank you very much. Do you plan on improving your research of proxies or especially tor both right bec
ause at the moment there are a lot of problems. For example there is no UI for proxy configuration you have to boot parameters on the command line and I tried on both doesn't work. Please click on that and also write up the mess when you do all VOIP calls of all proxies. Do you plan on improving that. So so in general the short answer is we plan improving a lot of the configuration of rights because as you say most of it is command line switches at the very beginning. I am sorry to say that I don't have visibility on exactly the features specific features of write I recommend during the right dev Chow too to talk about that I'm sorry for not having my information but in short it's configuration options are something which would need to get more attention. Next question from Michael from number. So this year I have heard that the ADF has been working on the whole messaging layer security working group thing and they've heard that the Matrix team is pretty heavily involved with that. Could you speak to that at all. AR I'm not sure what's been done with that. It's a fun working group they're doing a lot of Federation stuff with a bunch of different messaging systems and it's this is related to activity and so on. It's a lot of that kind of stuff. But yeah I'm sorry I've heard Medders people were involved in it somehow but not to my knowledge come after it. I'm sorry for not having more information on that. Okay we have another question from the Internet. This one user asks What's the best way to get into Matrixx for mix users currently the best way to get into Matrixx for emacs users currently is to use Matrixx client. The Emacs community is rabid and excitable and gave me a crash course in using emacs. When I when I needed to figure out how their client implementation worked so friendly guys but rather religious AK Ragen from number two I've been using gateway worth haggling and a notice the speed improvements that didn't seem to get much Sprouter but Hagglund is shut
ting down their gateway at the end of the year and they're also saying that we should not use the main Matrixx gateway and have some I think three specific reasons. I wonder if it sounds from Rennard like maybe you've heard of this movie to addressed some of the reasons why it's coming so so so I don't know about the three but the two reasons that I understood were performance in general which I think was spoken to and it has improved but I know that the frustrations that they had were very real. The other concern that they have is something which has now Vince is is beginning to be Specht but it was not at the time when they had their complaints and that relates to customizable message retention. One of the features of metrics is that the whole history of forever is potentially stalled. This is something that they were not happy about. It's a fundamental part of the specification however it can be changed so that we can add customizable per message or per room or per customer level retention policies. Of course this is difficult over federation because you have to trust what is being done on the next server but if you are if you are able to do that then then you can have custom custom retention policies. So yeah I would love to see it back back breaking with metrics. Microphone number what you seem to be happy about having a huge close it is the make please you're having a big ecosystem of clients. Will it be possible for clients to implement features that only work with specific clients. Is it something you want to have. Or so yeah this is an interesting one so the question was we were very pleased at the number of new clients and the number of new things that are coming out. I think I think your point really is that they're all essentially they're all essentially chat clients. They will have that functionality would we be happy to see use of custom fields in order to enable different client ideas. Absolutely. So there's there's actually a few examples of that out
there already so we have people who've made blog engines built on metrics using custom fields people who've used they've made like slides. So you type into a matrix room and it produces a slideshow from this. Yeah absolutely. You could do different things with different clients. It's just a view on to a room client. At its simplest. So yeah having custom fields is a big part of it being able to send structured data gets half the value. So yeah make friend number two I think you. How has the governance structure for the new matrix dorg Foundation and how do you ensure like a variety of businesses and there that are not the originating team. Great. So I mean one of the simplest way to do this is to get people who are not in the community and are not part of the team into the into the governance structure so there is a board of what they're calling guardians. This is people who pledge to to protect the spec and to keep it free of commercial interests and make sure that it's a neutral communications protocol. In terms of the specifics of the legal stuff I strongly recommend checking out the substantial blog posts that have been posted about this because they should clarify. Yeah a lot of specific points. If you had other specifics then maybe I could speak to it but it's a lot of legal detail that is quite well covered in my opinion. Microphone number 3. Since I am currently in the process of developing I was client I very much would love to hear more details about how you plan to improve the encryption you X because currently that variable. We were struggling ourselves. Okay yeah it's a huge challenge. Yeah yeah that's great that you're developing a new IOW client. That's really cool. I'd love to know kind of what what API is from Apple you'll be using for that because I know that they focus a lot more on s than on Mac OS which has been a problem for for the sea glass team. Yeah so one of the things is is comparing images or comparing shorter strings. The other option
would be to have incremental backup of keys but we haven't actually release any designs around that yet so please contact me and just tell me more about your IWK would be really useful. We could talk person. Yeah think so what's there. Thank you. Okay we have time perhaps for one or two more questions so make up for a number of things combinatoric. We talked a lot about. Do you know there's other of beauticians running over metrics. Yeah I mean so so there are sample bridges for all kinds of different things including some microcontrollers. I've also built a yet to be released sort of demo for for Mozilla's Internet of Things gateway. So yeah there are there are different different things out there. As they say there's software for making blog posts. There's software for Mastodon bridging is not strictly. It's not strictly chat I suppose. So yeah I'm not sure how many examples there are but there's no there's nothing stopping anybody who needs to transmit structured Jason using it for anything else. Messaging is just the most obvious thing. Okay time's up. I'm sorry for those who still have questions. You can just come up afterwards and perhaps talk to him in person. And yeah so let's finish this was a big round of applause for Van.
