Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not sure when you had your experience, but they improved on e2ee a lot and as long as you backup your recovery key you should never see "unable to decrypt message" warnings.


> Not sure when you had your experience, but they improved on e2ee a lot

As I said last fall, so maybe October 2020.

I got the impression that the big improvement happened early 2020 and maybe the Web client I used first did not support it.

But if they say that the system has been running since 2014 and the improvement that makes it usable came in 2020 I would not yet call it a mature and proven system.

> you should never see "unable to decrypt message" warnings

Warning is an understatement here :) I could not at all decrypt the new messages other people were sending me and I had to communicate with them by an independent channel. One of them was an experienced Matrix evangelist running his own servers and he could not solve the problem and not tell what I might have done wrong.


I guess part of the problem was that I started with a Web client and later moved to my own element client installation.

The element client looked easier to use, although it still remained unclear to me what exactly is the secret key, what is stored locally inside the client (and not available once I switch clients or machines), what is in the server and what I have as a backup.

If I with some practical cryptography experience cannot understand the usage in 1 hour (and I was searching around for more than an hour in various sources) it's not ready for widespread use by people who have no idea what they are doing.


I keep advocating for a solution where the passphrase is not separate from the password (like what ProtonMail did). Otherwise it’s untenable for most users.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: