The Matrix Conference Has an Exciting Lineup

01.08.2024 12:00 — ConferenceThib

We imagined The Matrix Conference as a gathering place for hackers, project managers, digital sovereignty leaders, and innovators. I’m proud to announce that we definitely succeeded in building a schedule covering that range of topics!

We received more than 60 high-quality proposals and ended up building 5 tracks over the course of 2 “core” conference days. The tracks cover everything from sovereignty and collaboration in the public sector to digital rights, Matrix internals, the social impact of Matrix, and Matrix as the foundation for products.

Continue reading…

This Week in Matrix 2024-07-26

26.07.2024 19:30 — This Week in MatrixThib

Matrix Live

Dept of Status of Matrix 🌡️

Thib (m.org) announces

The Matrix Conference 2024 now has a schedule!!

With more than 60 very high quality proposals, it's been difficult to select talks that would make it to the conference. We are thrilled to announce the schedule of the conference, and we're looking forward to listen to that fantastic line up tell us about the future of Matrix, Matrix in the public sector, Matrix in the wild, or the social impact of Matrix!

Check out the full schedule at https://2024.matrix.org/schedule/

If you're an organisation and want to get some visibility in the Matrix ecosystem, we have a few sponsorship packages left at https://2024.matrix.org/sponsor/.

Don't forget to book your ticket to attend. Head to https://2024.matrix.org/register/ and tell us whether you want merch or not in addition to your ticket!

Continue reading…

This Week in Matrix 2024-07-19

19.07.2024 19:00 — This Week in MatrixThib

Matrix Live

Dept of Spec 📜

Andrew Morgan (anoa) {he/him} says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals

MSC Status

New MSCs:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Accepted MSCs:

  • No MSCs were accepted this week.

Closed MSCs:

Spec Updates

We have just one MSC this week from the Tuesday pings. Get it below.

  • MSC4163: Make ACLs apply to EDUs (merge)
    • There is one outstanding concern on this MSC for improved clarity, however the author appears to have already addressed this point. Looks like it's only a matter of time before FCP beigns on this one.
    • Requires 1 more tick from the SCT (Started the week needing 6)

Once again, thank you to everyone who is writing PRs against matrix-spec, especially Johennes and Kladki who combined have had lots of PRs (and MSCs!) created and merged recently. Cheers!

Continue reading…

The European Union must keep funding free software

17.07.2024 19:00 — Advocacy, Policy, EUJosh Simmons

The Matrix.org Foundation is joining other organisations in calling on the European Commission to sustain its funding for the Next Generation Internet.

We thank the petites singularités association for their leadership in starting this open letter, and are grateful to OW2 for the English translation.

Join us by publishing the letter on your own website and add yourself to this table.

Open letter to the European Commission

Since 2020, Next Generation Internet (NGI) programmes, part of European Commission's Horizon programme, fund free software in Europe using a cascade funding mechanism (see for example NLnet's calls). This year, according to the Horizon Europe working draft detailing funding programmes for 2025, we notice that Next Generation Internet is not mentioned any more as part of Cluster 4.

Continue reading…

This Week in Matrix 2024-07-12

12.07.2024 19:30 — This Week in MatrixMTRNord

Matrix Live

Dept of Spec 📜

Andrew Morgan (anoa) {he/him} says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

Accepted MSCs:

Closed MSCs:

  • No MSCs were closed/rejected this week.

Spec Updates

Lots of new MSCs this week - thank you to everyone proposing new ideas or clarifications to the spec!

We have just one MSC this week from the Tuesday pings. Get it below.

  • MSC3572: Relation aggregation cleanup (disposition: close)
    • Since this MSC was written, it has been shown that having (unstable) prefixes in the unsigned field of events is useful. Hence the general consensus from the SCT has been to close this MSC as it stands.
    • Needs 1 checkmark from the SCT (started the week needing 2).

Continue reading…

This Week in Matrix 2024-07-05

05.07.2024 19:30 — This Week in MatrixThib

Matrix Live

Dept of Status of Matrix 🌡️

Thib (m.org) announces

The enthusiasm around The Matrix Conference is simply mind-boggling! In less than 2 weeks, the project leads of state-sponsored deployments, key digital rights activists and the Matrix community at large sent us more than 60 high-quality proposals 🤯

We're really excited to help the key players in the ecosystem meet in Berlin, and I can't wait to see the fantastic talks people are working on. While the team works on producing a proper schedule for it, organisations that want to increase their brand awareness in the Matrix Ecosystem can still sponsor the conference. Let your marketing department know, pass them our sponsorship brochure!

Continue reading…

This Week in Matrix 2024-06-28

28.06.2024 19:30 — This Week in MatrixThib

Matrix Live S09E32 - QR Code Login & Translations

This week at Element, Benoit walks us through how he checks that the translations are consistent in Element, and Hugh tells us everything about the awesome QR Code Login in Matrix Auth Service!

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by Element

Till announces

This week we released Synapse v1.110.0rc2, which contains experimental support for account suspension, report room API, more native Sliding Sync functionality and more.

Check out the release notes for more details! Also, if you can, please test v1.110.rc2 in non-critical environments.

(Note: I've linked to rc1 release notes, since all the changes are in rc1, which unfortunately was only partially released due to a packaging issue. rc2 fixes this.)

Continue reading…

Sunsetting unauthenticated media

26.06.2024 14:31 — Trust & Safety, matrix.org homeserverTravis Ralston

Hello everyone,

The Trust & Safety team has been working hard to get MSC3916 in the hands of users, and we’re nearly there with Matrix 1.11 being released last week. This fixes a long-standing design flaw in Matrix where media (images, avatars, files, etc) can be accessed without authentication if the URL is known. Matrix 1.11 fixes this by requiring authentication on these URLs, removing the ability for users to treat homeservers as CDNs for hosting arbitrary Matrix content for arbitrary users.

Rolling this feature out to the entire public federation is a bit tricky, particularly when considering the user safety and privacy benefits which Matrix 1.11 brings. Developers are encouraged to support authenticated media quickly to give server admins the ability to freeze unauthenticated media access on their servers. Media uploaded or cached before the freeze will remain accessible on the unauthenticated endpoints, but any media uploaded or cached after the freeze will only be available through the authenticated endpoints.

This freeze reduces the amount of breakage users will see. We’re aware of links being shared outside the context of a room already, and breaking those would be pretty disappointing for those users. We also don’t want to encourage that capability going forwards due to the space it takes up and the anonymous nature of the requests. Users who keep their clients updated should see no impact when their servers implement their freeze, but may find themselves unable to copy/paste media URLs to their friends.

Matrix 1.11 recommends that all servers evaluate their local ecosystem to determine when would be best to implement the freeze, and that the freeze should happen before Matrix 1.12 is released in August 2024. For the matrix.org homeserver, we anticipate most of our users to have updated clients in July, putting our freeze date in August.

Developers, and those curious, are encouraged to review the Matrix 1.11 blog post for details on the changes they’ll need to make in July to have near-zero matrix.org user impact, and for information about the recommended freeze approach.

Timeline for matrix.org homeserver

To assist developers and other server admins in testing their implementations, we will be updating the beta.matrix.org homeserver to enact the freeze as soon as code is available for that. We expect this to happen in July 2024. The matrix.org (non-beta) homeserver’s freeze will be started on August 28th, 2024 September 4th, 2024 during normal UK business hours.

Update August 14, 2024: Most of the ecosystem has already updated to support authenticated media with only a few bug fixes pending release. To give a little bit more buffer for these bug fixes to roll out, we've moved our scheduled date to September 4th, 2024.

All media uploaded and cached prior to the freeze will remain accessible on the unauthenticated endpoints and authenticated endpoints. Media uploaded and cached after the freeze will only be available through the authenticated endpoints, not the unauthenticated ones.

Developer support

The team is making themselves available in the #matrix-client-developers:matrix.org and #matrix-homeserver-developers:matrix.org rooms on Matrix to help support developers in implementing this feature. Client, server, and bridge authors are welcome to visit those rooms to get help in figuring out what needs to happen to support authenticated media. Further resources are also available in the Matrix 1.11 blog post.

For questions about the rollout itself, the freeze date, or the (beta.)matrix.org homeserver, please visit #foundation-office:matrix.org on Matrix.

We look forward to seeing the ecosystem working towards a safer, authenticated, experience for users.

Thank you,

Travis Ralston & the whole Matrix.org Foundation team

This Week in Matrix 2024-06-21

21.06.2024 19:00 — This Week in MatrixThib

Matrix Live

Dept of Status of Matrix 🌡️

Thib (m.org) announces

Heads up that The Matrix Conference Call for Proposals is open until Wednesday 26 June, 10am Anywhere on Earth (23:59 CEST)!

Make some room in your schedule today, in the weekend or early next week to send your best proposals. We're interested in various types of talks: why your Matrix project is exciting, the (technical or non-technical) problems it solves, how Matrix fits in your organisation or community, exciting topics you want to tackle but need to find partners for, and more.

Whether you want to submit a short or long talk, or a workshop idea, head to http://2024.matrix.org to get all the conference details, or https://cfp.matrix.org to submit a proposal!

Continue reading…

Matrix v1.11 release

20.06.2024 16:52 — Releases, SpecTravis Ralston

Hey all,

We’ve just released the milestone Matrix 1.11 update for the protocol. It’s been almost exactly 3 months since the last release, Matrix 1.10, keeping us on track for our once-a-quarter release schedule.

There are 9 MSCs released in Matrix 1.11 today, but there’s one specific MSC we’d like to draw your attention to: MSC3916 - Authenticated Media. Until today, Matrix had a design flaw which allows a user to access media unauthenticated if they knew the URL. This has been used to share files in social media posts, link images outside of chats, and generally imply that a homeserver is a CDN for the internet. Some of these use cases are legitimate, though many are not. This is fixed with MSC3916.

This post covers MSC3916 and its implementation guidelines in more detail, but the full changelog for Matrix 1.11 is available at the end, as always.

Continue reading…