Introduction

The world is full of messengers, and most people seem to use WhatsApp, Telegram or Signal. These are joined by team- and community-oriented products such as Discord, Slack or Microsoft Teams. Each has its own advantages and disadvantages, and a look at the usual security sites (kuketz or privacy-manual) quickly shows:

There is no single messenger that everyone agrees is great and recommends for use.

One is easy to use, another is highly secure but unsuitable for friends and family. The aim here is not to run an anonymous platform that resists access by the authorities, but to let all of us communicate securely and confidently while staying in control of our data, without that data being exploited commercially. At the same time we must not forget the people who have no in-depth IT knowledge and regard the encryption in WhatsApp as cryptographic voodoo magic.

We will briefly discuss the individual advantages and disadvantages here, but we can summarise them as follows:

  • Email: Distributed, old and complicated, but anyone can reach anyone. Data protection is complicated.
  • Messenger: Centralized and simple, but closed (only within the service), data protection often questionable, metadata is commercialized.
  • Matrix: Distributed and relatively simple, anyone can reach anyone, bridges to other IM services are available, privacy-friendly.
  • Conclusion: Matrix combines the advantages of messengers and email.

If you don't care about further explanations and just want to try it out, skip ahead to the section 'Joining'.

Let's take a look at classic email first

Email is a marvellous example of how distributed communication works and of how anyone (who wants to) can run their own email server. In short, all you need is your own domain, and anyone in the world can reach any address under it. This was the recipe for email's success and still is today.

The message flow with email is as follows:

- SENDER A writes an email to RECIPIENT B in their email client, which hands it to their own EMAILSERVER A.
- EMAILSERVER A queries DNS for the MX record of the target domain: which EMAILSERVER is responsible for DOMAINNAME?
- DNS answers with the name of EMAILSERVER B, which is the one to be used.
- EMAILSERVER A sends the email to EMAILSERVER B via SMTP.
- RECIPIENT B collects/receives their email from EMAILSERVER B via POP3 or IMAP.
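To make the second and third steps concrete, here is an added example (not part of the original article) of the decision EMAILSERVER A takes once the MX answer is in. It goes a little beyond the list above: besides ordering the exchanges by priority, it handles the two cases the list does not mention, a domain with no MX record at all (RFC 5321 says to deliver to the domain itself) and a "null MX" (RFC 7505, a single record "." at priority 0, meaning the domain accepts no mail and the sender must bounce instead of retrying). The domains and MX answers are constructed for the example and do not exist.

```python
import random
from typing import List, Optional, Tuple

MXRecord = Tuple[int, str]   # (priority, exchange) as returned by a DNS MX query

# Constructed DNS answers for hypothetical domains (none of these exist).
CONSTRUCTED_MX = {
    # Two primaries sharing the load at priority 10, one backup at 20.
    "example.org": [(20, "backup.example.org."),
                    (10, "mx1.example.org."),
                    (10, "mx2.example.org.")],
    # RFC 7505 "null MX": the domain explicitly accepts no mail at all.
    "no-mail.example": [(0, ".")],
    # No MX record published at all -> RFC 5321 implicit MX.
    "implicit.example": [],
}


def mx_delivery_order(domain: str, mx_records: List[MXRecord],
                      rng: Optional[random.Random] = None) -> Optional[List[str]]:
    """Decide where EMAILSERVER A connects for mail to `domain`.

    Returns the ordered list of hosts to try, or None if the domain has
    declared that it accepts no mail (null MX); in that case the message
    must be bounced immediately rather than queued and retried.
    """
    if not mx_records:
        # RFC 5321 section 5.1: no MX record -> the domain itself is the only MX.
        return [domain]
    if len(mx_records) == 1 and mx_records[0][0] == 0 \
            and mx_records[0][1].rstrip(".") == "":
        return None                      # null MX: nobody accepts mail here
    rng = rng or random.Random()
    by_priority = {}
    for prio, exchange in mx_records:
        by_priority.setdefault(prio, []).append(exchange.rstrip(".").lower())
    order = []
    for prio in sorted(by_priority):     # lowest preference value first
        hosts = by_priority[prio]
        rng.shuffle(hosts)               # equal priority: spread the load at random
        order.extend(hosts)
    return order


if __name__ == "__main__":
    for domain, records in CONSTRUCTED_MX.items():
        print(domain, "->", mx_delivery_order(domain, records))
```

A sender that ignores the null MX case keeps retrying a domain that will never accept the message, which is exactly the queue-clogging behaviour RFC 7505 was written to avoid.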

Nowadays, however, fewer and fewer people or organisations run their own email server (for NAME@WISHDOMAIN) and instead use a free service (e.g. NAME@gmail.com), which creates an undesirable centralization and dependency. Email is increasingly used only in a professional environment; young people use it rarely or not at all. Nevertheless, email is still a safe bet and a key service on the Internet. Alongside SMS it is becoming more important for two-factor authentication, even though neither is a particularly strong second factor.

Advantages and disadvantages of email

Advantages:

  • Anyone can use it
  • The protocol is open and distributed
  • There is no restriction on the email program used
  • Industry standard

Disadvantages:

  • No encryption of the actual message by default. Transport encryption between servers (TLS) only protects each hop; end-to-end encryption needs the extra extensions S/MIME (certificates usually paid for) or PGP (complicated to use).
  • Sent messages (e.g. sent by mistake) cannot be recalled or corrected.
  • Setting up the email client (server for receiving and server for sending) is a (too high) technical barrier for many people.
  • Unclear and unsuitable for groups and larger discussions. We all know and hate the typical flood of emails.
  • Attachments enlarge messages disproportionately (by about a third, because they are base64-encoded).
  • Formatting of messages is arbitrary and inefficient (HTML vs. TXT vs. RTF).
  • High volume of spam, and a common delivery channel for malicious code.
  • Fending this off makes self-hosting very expensive these days.

Then the typical instant messaging services (IM)

Email is not suitable for simple, short and fast messages in the style of WhatsApp, Telegram, Signal and the like. IM services are extremely fast and easy for the user to set up. As a rule, a mobile phone number or email address serves as the user name, and the account is verified via an SMS code, sometimes even without user action. This is why most people communicate via one of these IM services. For groups and social-media-style functions, email is out entirely, but messengers also reach their limits quickly with larger groups (the school class chat comes to mind).

A good overview of the services can be found here: www.messenger-matrix.de

The messaging process for messengers is as follows:

- SENDER A writes a message to RECIPIENT B via their app.
- The app sends the message to IM service X. 
- This is followed by internal processing within the IM service X network.
- IM service X sends the message to RECIPIENT B's app.

Advantages and disadvantages of messengers

Although each IM service has its own special features and requirements, the following advantages and disadvantages apply to most of the top 5:

Advantages:

  • Very easy to set up for the user
  • High user acceptance
  • Most messages are end-to-end encrypted (Telegram only in its 'secret chats').
  • Accidental or incorrect messages can often be deleted afterwards.

Disadvantages:

  • Closed protocols: one app, one service.
  • Messages are stored on the mobile phone. If it is defective and there is no backup: data loss. Exception: Telegram, which keeps regular chats on its servers (and therefore not end-to-end encrypted).
  • Communication only within the service.
  • No self-hosting possible; the protocols are closed or, where they are published (Signal), not federated with the official service.
  • Data protection risks (the address book is uploaded to IM service X's server), and the operator is a single point that authorities can compel to hand over data.
  • Metadata is commercially exploited for advertising purposes.
  • If service X fails, millions of people are affected at the same time.

Combining the advantages of email and messenger

Matrix is an open-source protocol that anyone can use. It is distributed in the same way as email, but designed around modern communication needs: permissions, rooms (groups), end-to-end encryption and trust settings between devices (device verification and cross-signing). This also makes it interesting for authorities and organisations that want to offer their employees a separate IM service of their own.

If you don't want to run your own Matrix server, you can register with a free Matrix service (just as with email), for example matrix.org or mozilla.org. A list of other known home servers can be found here.

The Matrix message flow is as follows:

- SENDER A writes a message to RECIPIENT B in their Matrix client, which hands it to their own MATRIXSERVER A.
- MATRIXSERVER A looks up which MATRIXSERVER is responsible for DOMAINNAME: it fetches https://DOMAINNAME/.well-known/matrix/server (a small JSON file on the website of DOMAINNAME) and, if there is none, falls back to a DNS SRV record or to DOMAINNAME on port 8448.
- MATRIXSERVER A sends the message to MATRIXSERVER B via the Matrix federation API (HTTPS).
- MATRIXSERVER B delivers the message to RECIPIENT B's Matrix client.

This delegation is what gives us addresses of the form @USER:DOMAINNAME even though the MATRIXSERVER itself runs somewhere else. Without it we would be stuck with @USER:MATRIXSERVER, which is not recommended, because the user ID is then tied to one specific host. Result:
A MATRIXSERVER can be hosted anywhere (e.g. at home) while the user name keeps the short DOMAINNAME.
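The lookup in the second step is worth spelling out, because it is the part of Matrix that has no counterpart in the email flow. The following Python is an added example, not code from the article or from any Matrix server: it implements the federation resolution order (IP literal, explicit port, .well-known delegation, SRV record, hostname on port 8448) on top of constructed lookup results instead of real HTTPS and DNS queries, and the hostnames are invented. Besides the host and port to connect to, it returns the Host header to send and the name the peer's TLS certificate must be valid for. That last value is the security-relevant part: after a .well-known delegation the certificate must match the delegated host, but after an SRV lookup it must still match the original server name, because SRV answers are plain, unauthenticated DNS and must not be allowed to redirect federation to an attacker's host.

```python
import ipaddress
import json
from typing import Dict, Optional, Tuple

# Constructed fixtures standing in for network lookups. In a real resolver the
# first dict is the body of GET https://<hostname>/.well-known/matrix/server
# and the second the answer to a DNS SRV query. None of these hosts exist.
WELL_KNOWN: Dict[str, str] = {
    "example.org": '{"m.server": "matrix.example.org:443"}',  # delegates to another host
    "broken.example": "<html>502 Bad Gateway</html>",          # not JSON: must be ignored
}
SRV: Dict[str, Tuple[str, int]] = {
    "_matrix-fed._tcp.srv.example": ("synapse.srv.example", 8448),
}

Resolved = Tuple[str, int, str, str]   # (connect_host, connect_port, Host header, TLS name)


def parse_server_name(name: str) -> Tuple[str, Optional[int]]:
    """'example.org' -> ('example.org', None); '[::1]:8448' -> ('::1', 8448)."""
    if name.startswith("["):                      # bracketed IPv6 literal
        host, _, rest = name[1:].partition("]")
        return host, (int(rest[1:]) if rest.startswith(":") else None)
    host, _, port = name.partition(":")
    return host, (int(port) if port else None)


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def server_name_of(mxid: str) -> str:
    """The server name is everything after the first ':' of a user ID."""
    if not mxid.startswith("@") or ":" not in mxid:
        raise ValueError(f"not a Matrix user ID: {mxid!r}")
    return mxid.split(":", 1)[1]


def well_known_target(body: Optional[str]) -> Optional[str]:
    """Accept only a JSON object with a non-empty string 'm.server'. Anything
    else (error page, wrong type) counts as 'no well-known', so a broken or
    defaced web server cannot point federation at a garbage value."""
    if body is None:
        return None
    try:
        obj = json.loads(body)
    except ValueError:
        return None
    target = obj.get("m.server") if isinstance(obj, dict) else None
    return target if isinstance(target, str) and target else None


def _resolve_without_well_known(name: str, srv: Dict[str, Tuple[str, int]]) -> Resolved:
    host, port = parse_server_name(name)
    if is_ip_literal(host):
        return host, port or 8448, (name if port else host), host
    if port is not None:
        return host, port, name, host
    for prefix in ("_matrix-fed._tcp.", "_matrix._tcp."):   # the second is the legacy record
        if prefix + host in srv:
            target, tport = srv[prefix + host]
            # SRV is unauthenticated DNS: connect to the target, but the
            # certificate must still be valid for the server name itself.
            return target, tport, host, host
    return host, 8448, host, host


def resolve(server_name: str, well_known=WELL_KNOWN, srv=SRV) -> Resolved:
    """Federation resolution order: IP literal -> explicit port -> .well-known
    delegation -> SRV record -> hostname on port 8448. The well-known step is
    consulted only once; a delegated name is not allowed to delegate again."""
    host, port = parse_server_name(server_name)
    if is_ip_literal(host) or port is not None:
        return _resolve_without_well_known(server_name, srv)
    delegated = well_known_target(well_known.get(host))
    return _resolve_without_well_known(delegated or server_name, srv)


if __name__ == "__main__":
    for mxid in ("@alice:example.org", "@bob:srv.example", "@carol:broken.example"):
        print(mxid, "->", resolve(server_name_of(mxid)))
```

For @alice:example.org the resolver connects to matrix.example.org:443 and expects a certificate for matrix.example.org; for @bob:srv.example it connects to synapse.srv.example:8448 but still expects a certificate for srv.example. A real implementation would additionally fetch the well-known file over HTTPS with a size limit and cache it for its TTL, which is outside what this example shows.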

Advantages and disadvantages of Matrix

Advantages:

  • Anyone can use it, even with their own hosting/server.
  • The protocol is open and distributed.
  • Data protection friendly. What is not desired can be deactivated. Can also be used without a telephone number or email address.
  • There is no restriction on the client used. Clients exist for practically all systems, even for the CLI.
  • Easy to set up for the user.
  • Messages are end-to-end encrypted by default in direct chats and private rooms (Element's default; public rooms are not encrypted).
  • Accidental or incorrect messages can be deleted afterwards.
  • Particularly suitable for groups and larger discussions.
  • Attachments, i.e. files and images, can be sent very easily.
  • Formatting of messages is standardised.
  • Communication is primarily within the Matrix network, but can be extended to other IM services with 'bridges'.

Disadvantages:

  • (Still) low user acceptance. There are currently approx. 40 million Matrix users.
  • Despite the distributed system, availability depends on the capabilities of your own server or of your server operator.
  • Although Matrix is end-to-end encrypted, it is not a protocol for perfect anonymity: the protocol still generates metadata that the server operators can analyse.
  • Audio/video calls are possible, but require some extra effort on the server (e.g. a TURN server for NAT traversal).

Metadata

A brief word about metadata: the messages are encrypted, but the metadata is not (the servers have to read it for federation to work). Who talks to whom, in which room, when and from which device, as well as room state such as membership, is visible to every home server that takes part in a room. Matrix is therefore not a high-security messenger in the sense of complete anonymity, but rather a balancing act between email and e.g. Signal: the convenience of multiple devices as with Telegram (without depending on your mobile phone), but on your own server under your own control. When server A and server B communicate, the metadata only accumulates on those two servers; the path between them is encrypted via HTTPS.


Joining

OK, convinced, how can I join in? There are several ways to communicate with the Matrix protocol.

Log in to the Matrix.org server

The simplest way to try it is via the regular Matrix.org server (with a @USERNAME:matrix.org address).

  • Registration and login then work like this:
    • Install and open the app (Apple/Android), or
    • open the Element website (Element is the flagship web client of Matrix).
    • Register an account (an email address is required for confirmation).
    • Log in with the chosen user name and password.

Operate a Matrix server yourself

The most demanding option is of course to run your own Matrix server, here on FreeBSD.
You then have complete control and can use your own individual address, e.g. @NAME:OWNDOMAIN.

  • Use is then as follows:
    • Install the app (Apple/Android), or
    • open the Element website (Element is the flagship web client of Matrix).
    • Log in with the chosen user name and password.

First Steps

For the first steps and what you can do with a Matrix address, I have written a separate article.