m4d4m on Nostr: Today I updated my Matrix server because of a fix to mitigate a signing-key ...

Today I updated my Matrix server because of a fix to mitigate a signing-key compromise in Element Server Suite (ESS) by ignoring the affected key by default.
For my rooms, this means a migration, and after that everyone sees: "This room has been replaced and is no longer active."
The only quick, meaningful explanation of why this message is displayed is to be found here:

https://forum.torproject.org/t/tor-project-matrix-room-upgrades-coming-next-week/20536.

It's funny; the average user has no idea, everyone just clicking on it.

In effect, this also means old messages can't really be deleted anymore. That's only possible in the currently active room.
Also, if the room is private, users cannot migrate on their own. An admin must invite them one by one.
Manually, there is no script.

In general, I realized a few more things:
Communities are in the documentation but aren't used anymore; there are Spaces instead.
And Spaces don't have any (non-technical, user-facing) documentation on Matrix . org.
Rooms can't be migrated between Spaces and standalone rooms easily anyway.
(At least in Element, I couldn't figure it out, maybe it's client-dependent for now.)

Not to mention: the biggest hurdle is still identity (MXID) in Matrix, which is DNS-dependent. DNS is a scam, a chokepoint of rented addresses.
Resilient, DNSSEC provides nice protection against response tampering, but that's it.

@username:sub.domain.xyz. That's all. If the server where you create the account isn't hosted well, you're cooked the moment the identity is created.
Stolen, seized, or expired domains. Or just the fact that, along the DNS chain of command, there's usually a SPOF, with a single person holding the credentials.

This is something Nostr definitely handles better.

quoting
nevent1q…peda

Signal may not be perfect.

But every single time I use anything different, it remind me how clean the UI/UX is.
And I hope they won't change anything about it at all.

For example, started few months unused Matrix client, the Element:

+++ does work with VPN, alias email service, no questions asked, no phone verification

- there is left bar menu, opening one submenu, with Home and rest of whatever call it, rooms?
- this Home opening sub-menu People/Rooms/System Alers chats
- some rooms are only visible under Home, while some in left menu, idk why
- there is a division between rooms and space - can't understand difference
- Almost 3/4 of rooms have now the message: This room has been replaced and is no longer active. But why, some large upgrade?
- if I do not visit every room and migrate myself into new one, I'm basically with no info about it's dead end situation
- rooms chat are clumsy, full of info like: changed their profile picture 4 times, changed their name, and left. Umm, cool and what?
- more spam and unrelated service info, especially if there is Discord/TG/IRC<>Matrix bridge connection
- so messages look like shit: RoomBridge 'Actual message'
- hard to react on this
- hard to meaningfully search the content
- servers suck, if it fck up itself, entire room is corrupted
- moderation on this mess is almost impossible
- clients suck as well - monoculture now, Element only afaik 'usable'
- have no info what is shared where and what rules are applied to such connections
- some bridges are one way, some rooms have apparently mixed modes
- so many rooms have 'End-to-end encryption isn't enabled'
- it even can't be enabled because of: 'Enabling encryption may prevent many bots and bridges from working correctly.' (Ok, this does make sense.)
- if I leave old rooms, some remain in notifications, stuck forever and I can't get rid of them

Feels like Element won't starting for few more months on my machine yet again.

SimpleX still is quite promising.