Bridges Security Update

31.07.2023 11:40 — Bridges, Security, by Integrations Team and Matrix Security Team

Today we are announcing security updates for several of our bridges.

In addition, we have released matrix-appservice-bridge 9.0.1 (and backported the fix to 8.1.2), which patches GHSA-vc7j-h8xg-fv5x.

All of the mentioned bridges are affected by a vulnerability in their provisioning interfaces. If you are unable to upgrade, please disable provisioning for now (how to do so should be documented in the relevant bridge's sample config).


This Week in Matrix 2023-07-28

28.07.2023 18:00 — This Week in Matrix, by Thib

Dept of Spec 📜

Andrew Morgan (anoa) says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

Accepted MSCs:

  • No MSCs were accepted this week.

Closed MSCs:

  • No MSCs were closed/rejected this week.

Spec Updates

We've been quite busy at IETF 117 this last week discussing MLS and MIMI in several contexts, meetings, and sessions. Overall things have moved pretty fast in the last week, but the short summary is we're working with MIMI to get (Linearized) Matrix used as the new-found "signalling layer". This layer delegates membership of the room to the crypto layer when the crypto layer (namely MLS) supports being used as such, and is responsible for enforcing all policies. Policies in the context of MIMI are things like join rules, history visibility, and power levels, but with an added twist: we're looking at supporting Role-Based Access Control (RBAC) in combination with power levels in MIMI, which should also bring RBAC to Matrix in the form of a currently-unwritten MSC.

All told, we've got several new documents to write and MSCs to draft, but we'll get there in time. The MIMI working group is expecting solutions in place by about September, so watch this space for more news as we progress. An architecture draft is also in progress on the MIMI side to further explain what all of these new layers mean. In the meantime, if you have questions then please visit the matrix-spec room on Matrix!

We're also looking for more Matrix 1.9 candidates. Currently we have just custom emoji and anything to do with MIMI on the agenda - if you'd like to add more, let us know in the Office of the Matrix Spec Core Team room on Matrix.

Random MSC of the Week

The random MSC of the week is... MSC3062: Bot verification!

This MSC describes a method for verifying (cross-signing) the devices of a bot user, and how verification of that sort could be done. Obviously it wouldn't make much sense to verify emoji with a bot. Instead, this MSC suggests that the bot provide a URL to present to the user. If the URL appears trustworthy (those who would control this URL should also be in charge of this bot), then the user can choose to continue the verification.

The user's Matrix client would then make a request to the URL with details of the verification. If the server responds successfully, some cryptographic magic happens, and your client will consider the bot verified!

This is essentially tying a bot's verification with control of a domain's DNS, which I think is a smart way to do things. But you do need to watch out for those pesky UTF-8 control characters when asking the user to verify the URL!


Postponing the Libera.Chat deportalling

28.07.2023 14:00 — Bridges, Security, by Thib

We have recently announced that we will be honouring Libera Chat’s request to turn off portalled rooms on the Libera.Chat bridge maintained by the Matrix.org Foundation. The changes were originally scheduled to be effective on 31st July. In the meantime, we posted instructions for people to turn their portalled rooms into plumbed ones so the bridge keeps working for them.

Some stability issues on the bridge have prevented people from turning their portalled rooms into plumbed ones. We have been actively working on resolving those issues since the first reports and the situation is gradually improving. However, at this point, we do not believe the plumbed mode can be considered sufficiently stable yet.


This Week in Matrix 2023-07-21

21.07.2023 00:00 — This Week in Matrix, by Hubert Chathi

Dept of Spec 📜

Andrew Morgan (anoa) says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Accepted MSCs:

Closed MSCs:

  • No MSCs were closed/rejected this week.

Spec Updates

This week we have been preparing for IETF117, Matrix 1.8, Matrix 1.9, and Messaging Layer Security (MLS) for Matrix. Most of our work on globally interoperable communications is ongoing through the More Instant Messaging Interoperability (MIMI) working group at the IETF, and will be making significant strides in the coming days as we head to the IETF117 hackathon and meetup.

Over the last few months we've been working on a version of Linearized Matrix which supports the simplicity of linear event history while being fully compatible with today's Matrix network, and while we think that the 03 draft we wrote up accomplishes a lot of this, there's further work to be done to make it cleaner and easier to use. We've also been writing implementations of it to prove the semantics (and find areas which need improvement), starting with our cleanroom eigen-server TypeScript implementation and interoperating it with a branch of Synapse. During IETF117 we expect more implementations to sprout and have their interoperability tested - watch this space for updates on how that goes.

Aside from IETF117, we're continuing to look at the previously-selected Matrix 1.8 MSCs for release in mid-late August 2023. This might be slow over the next couple of weeks while half of us are at IETF117, but expect more forward progress when we get back. Matrix 1.9 is scheduled to be released sometime in November 2023, and a few months ago we said we were aiming to plan ahead for releases a bit more deliberately. Starting this week, we're accepting submissions for ideas and specific MSCs which need our attention in Matrix 1.9. If you have an MSC (current or future) which will need Spec Core Team (SCT) attention between August 2023 and November 2023, let us know in the SCT Office room. Once Matrix 1.8 is released (exact date TBD) we will have limited availability to add things to the Matrix 1.9 target - please raise your MSCs & themes as soon as possible. The current set of MSCs up for consideration can be found on the SCT Intake Board.

If you've made it this far in our weekly update, congratulations, and thank you. We expect things will rapidly start to happen with IETF117 kicking off tomorrow (July 22, 2023), and we will do our best to keep folks updated. Next week's TWIM in particular will have a post-IETF117 debrief for your reading enjoyment :)

As always, if you have any questions or concerns about what we're working on, visit the SCT Office and let us know. We can't promise a prompt reply (particularly during IETF117), but we will take a look when we can.

Random MSC of the Week

The random MSC of the week is... MSC3105: Previewing UIA flows!

This MSC addresses a shortcoming in the current User-Interactive Authentication (UIA) mechanism where attempting to deduce the required authentication flows for an action will result in that action being carried out if it turns out no flows were required. This makes it tricky for a client to present an "are you sure you want to do X?" as a final step in completing an action that requires authentication.

The proposal aims to allow an OPTIONS pre-flight HTTP request to the same endpoint in order to retrieve the flows necessary, without actually carrying out the action. The proposal does note that using OPTIONS for this case is a bit non-standard though, and some clients may treat the typical 401 error code returned during User-Interactive Auth as a fatal error.

While this does address a flaw in the UIA system, it's worth noting that many other flaws exist! Matrix is planning to move over to an OpenID Connect-based authentication system in the not too distant future, which will likely have far fewer edge cases than our traditional, home-grown one. You can visit https://areweoidcyet.com/ for more information and to track the current progress on that front.


A giant leap forwards for encryption with MLS

18.07.2023 14:00 — Encryption, by Matthew Hodgson and Hubert Chathi

Hi all,

Given our commitment to open standards and interoperability, we’re delighted to see MLS be ratified by the IETF as RFC9420.

MLS is a new encryption standard defined by the IETF, the standards body that maintains much of what makes the internet work. In the same way that Transport Layer Security (TLS, another IETF standard) defines the way to provide encryption between users and servers, or between two different servers, MLS provides a standard way for users of a messaging service to communicate securely without servers being able to eavesdrop on their conversations.


This Week in Matrix 2023-07-14

14.07.2023 00:00 — This Week in Matrix, by Hubert Chathi

Dept of Spec 📜

Andrew Morgan (anoa) announces

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

Accepted MSCs:

  • No MSCs were accepted this week.

Closed MSCs:

  • No MSCs were closed/rejected this week.

Spec Updates

Not a lot to say this week. The Spec Core Team is humming along with review, while we also wait for progress of various MSCs from their authors. The full list of what's in flight can be found in this week's Tuesday ping in the Office of the Spec Core Team room.

IETF and MIMI work is still continuing on in the background. Look out for a TWIM in the near future for an update to progress on that front!

Random MSC of the Week

The random MSC of the week is... MSC3192: Batch state endpoint!

This MSC defines an endpoint to send lots of state (max 50 at once) into a room in one go. This sounds useful for all sorts of tasks, and it's a wonder that it hasn't come up before.

If that sounds like an endpoint you'd like to see, give feedback on the MSC linked above!


This Week in Matrix 2023-07-07

07.07.2023 19:00 — This Week in Matrix, by Thib

Dept of Spec 📜

Andrew Morgan (anoa) announces

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Accepted MSCs:

Closed MSCs:

Spec Updates

Work to use Matrix as the standard for interoperable messaging at the IETF is continuing in full stride. At IETF 117 (July 22nd - 28th, 2023) we'll be talking about the precise requirements of an interoperable protocol, and encouraging Matrix to be that protocol. Linearized Matrix is our proposal for the room model, with more updates expected in the coming days ahead of the submission deadline; meanwhile yours truly is working on using MSC1767 Extensible Events for a content format. Watch this space for updates leading up to IETF 117 🙂

We're also well on track to test interoperability of different Linearized Matrix implementations at the Hackathon - get in touch with us via #sct-office:matrix.org if you're working on such an implementation so we can coordinate details. It's not too late to get started either; Linearized Matrix itself is relatively simple to implement compared to the full capability of Matrix, by design.

Random MSC of the Week

The random MSC of the week is... MSC3903: X25519 Elliptic-curve Diffie-Hellman ephemeral for establishing secure channel between two Matrix clients!

This MSC provides a means of establishing a trusted, secure communications channel across a potentially untrusted network. Subsequent MSCs could then use this channel to transfer details such as login tokens or key backup credentials in the context of setting up a new Matrix device. MSC3906 is one proposal that takes advantage of this.

This is just one piece of work building on the tree of MSCs supporting the shift of authentication in Matrix from home-brewed to OIDC. See https://areweoidcyet.com/ for more details on that effort.


Making Sure The Libera.Chat Bridge Keeps Working

07.07.2023 18:45 — Bridges, by Thib

Libera Chat recently announced their decision to opt-out of portalled rooms from the Libera.Chat bridge instance hosted by the Matrix.org Foundation (a decision we regret but respect). This means that for the bridge to keep working, all of your portalled rooms need to be turned into plumbed rooms before July 31st. All of this might be a bit obscure, so let’s walk together through these concepts and give you the tools to make sure the bridge keeps working for you.


Deportalling from Libera Chat

04.07.2023 16:00 — Bridges, by Neil Johnson

On Monday 3rd July, the Libera.Chat IRC network shared that they would no longer accept portalled rooms over the Matrix.org <> Libera.Chat bridge. This change will come into effect between 25th July and 31st July.

We respect the decision but also recognise that this will be disruptive for matrix.org users accessing IRC over the bridge.

Practically speaking, if you currently use matrix.org as a bouncer into Libera.Chat this will no longer be possible unless the admin of every room you inhabit is willing to reconfigure the room for plumbing.

This post explains the situation as seen from the matrix.org side, what it means for matrix.org users and what to do next.


What happened with archive.matrix.org

04.07.2023 14:24 — General, by Matthew Hodgson and Thib

We launched the Matrix Public Archive publicly on June 2nd, 2023. We decided to take it down on Sunday, June 25th out of precaution after a member of OFTC staff warned us that the archive made the content of two OFTC IRC channels bridged to Matrix available on the Internet.

After investigating the issue, we determined that the Matrix Public Archive's behaviour was expected for these channels, given an IRC chanop had explicitly configured the Matrix side of the rooms to be world-readable.

Let's talk about how room visibility works in vanilla Matrix, how it works with bridges, and what are the next steps.
