Element has chosen to pursue future development of Synapse, Dendrite and associated server-side projects under the terms of AGPLv3.

Synapse and Dendrite relicensed to AGPLv3

Yote.zip
link
fedilink
English
111Y

This is actually quite a controversial change mainly because of their switch to a CLA. This indirectly gives them the opportunity to switch the license to closed source whenever they feel like it in the future. Semi-controversially, they are also primarly making this AGPL change in order to begin selling dual-licensing to companies. The Matrix Foundation itself does not support this change from Element, though Element is within its rights to do so.

You can read some more thoughts on this from the pessimistic folks at HackerNews. My main takeaway is that I don’t trust Element because I don’t trust anyone. I’m sure they’re doing this in good faith but I don’t like the power they have at the moment. I hope this is what’s needed to begin focusing efforts on alternative homeserver implementations like Conduit.

Chewy
link
fedilink
English
31Y

Conduit is also licensed under Apache 2.0, so it could also be taken closed source at any point in time. The reason this wouldn’t impact Conduit as much is that there’re other contributors, whilst Synapse and Dendrite are almost exclusively developed by Element.

The CLA is necessary since Element funds the development of their servers by contracting with companies, governments and institutions which have special needs. Publishing those patches might be against their customers wishes.

The AGPL ensures no one else can make proprietary changes but Element because of their CLA. This makes it unattractive for companies and volunteers to contribute to Element’s servers, which isn’t a problem because those contributors didn’t exist in the first place.

As I understand it, the people who feel strongly about this change feel like their trust was betrayed by Element. The others are probably corporation’s like reddit who don’t want to contribute anyway but are now not able to profit off of Elements work.

My opinion is split. On the one hand I like the change to AGPL, since it forces forks to continue to be foss. On the other hand, Element continues to be allowed to license the code differently, so it doesn’t really change that the code could be closed off at any point in time.

The most important question is whether this change will benefit Element. Status quo is companies taking without giving back. Now corporations and volunteers won’t contribute code because of the CLA and AGPL. This means Element hopes those corporations will contract with Element to get access to differently licensed code for a monetary contribution.

I think reddit will just develop their own server, but maybe smaller companies (like in the health care sector) will pay Element.

Yote.zip
link
fedilink
English
5
edit-2
1Y

Conduit is also licensed under Apache 2.0, so it could also be taken closed source at any point in time. The reason this wouldn’t impact Conduit as much is that there’re other contributors, whilst Synapse and Dendrite are almost exclusively developed by Element.

Right. The current perspective is based on the idea that if Synapse/Dendrite go closed-source right now, an open source version would be good as dead. Element is responsible for 95% of Synapse/Dendrite and I’m sure a community fork would have to play a lot of catch-up to figure out how to keep it going. If the community was more involved in Synapse/Dendrite implementation (and if Element let them) there would be less cause for alarm, as closing the source would just mean an immediate community fork and putting Element on ignore. Also to reiterate, The Matrix Foundation is not going along with Element on this move, and even if Element pulled something shady the Matrix Core Spec etc. would still remain open and under the Foundation’s control, so the max we have to lose is Synapse/Dendrite and all of Element’s developers.

As for the rest I agree and I do actually trust that Element is simply playing their only card here. These maneuvers are all required in order for Element to survive as a company at all, but they also unfortunately leave this backdoor open as a consequence. Matthew has pinky-promised over and over that they are only acting in good faith and that they would never use the backdoor, but it’s understandable that the presence of the backdoor is putting everyone at unease. Best case scenario we take this as a warning sign that if Element drops dead tomorrow then Matrix is also dead. If people want Matrix to not be practically owned by Element then we should diversify and prepare escape plans.

chiisana
link
fedilink
English
11Y

Companies need money to pay their employees. Who would’ve thunk they’d change the licensing to allow them to make money. -surprised pikachu face-

Chewy
link
fedilink
English
21Y

Hopefully this change actually helps Element to make money. It was always a problem how entangled Matrix and Element are, simply because Element finances most of Matrix. This seems to change now with the Matrix Foundation having an employee.

@warmaster@lemmy.world
link
fedilink
English
21Y

Let companies support element, we should be supporting alternatives.

XMPP was there before Matrix and will be there after Matrix dies when the venture capitalists behind Element funding decide to move the money somewhere else.

@mat@linux.community
link
fedilink
English
31Y

I really, really hope this leads to development of data portability/server migration options. When I set my homeserver up, I chose Synapse as I didn’t know about the other servers. Now that I do, and would like to switch away because of Synapse’s performance problems and the new CLA stuff, I realize I and all my users are fully locked in, and would have to start from scratch (lose all chats, profiles, etc) to migrate.

Just give XMPP a shot… It’s what Matrix has been promising to be without ever actually delivering, was there a decade prior and still will be after the next.

Matrix’s purpose was to be a VC unicorn for is founders, it’s not tackling a new problem, it’s not bringing a novel or interesting solution, and everything that it does differently on a technical level seems to go against its goals and those of its users. Time to drop them was someandsome ago, but it’s never too late.

@johntash@eviltoast.org
link
fedilink
English
41Y

Is there a good way to handle e2e encryption on xmpp? I feel like that is one of the selling points of matrix. Iirc there was an OTR plugin for gaim/pidgin, but I have no idea what’s normal these days

XMPP’s E2EE is comparable to everything else out there (Signal, Matrix, WhatsApp, …) in that it uses Signal’s double-ratchet algorithm (guaranteeing perfect forward secrecy and al.). All maintained clients support it: https://omemo.top/

My hope for XMPP is that new and better clients emerge than the ones that already exist. Matrix has this same problem as well.

Of course I wouldn’t complain if more and more clients popped up, but IMO what matters is that the ones we currently have remain well maintained over time, in the hands of people who know what they are doing, and that there is one such client per platform, which is effectively the case today.

If you have ideas on how to improve current clients, I’m sure people would take your remarks and contributions kindly (for instance, there’s a zoo of pretty clients that forked from Conversations on Android, Dino tries to be a minimalistic client for the simple needs and is getting an official Windows build soon, etc)

Matrix finances are running dry, and this is just the beginning.
It’s bad omen to criticize an opensource project, I know, but in my eyes Matrix is a big technical and organizational failure, for not having succeeded in stabilizing the protocol after a whole decade of unsuccessful explorations, and for having its leadership consistently fail to define clear goals and steer the project towards them (just get it done and working well before trying to make it “peer to peer” or “in the metaverse”).

If this is the electroshock that Matrix needs to reconsider its design and directions? good for them. If that kills them? Well too bad, but it’s not like they are the only cool kid in town.

Matrix is not an “open source project”. It’s a VC funded company.

Possibly linux
link
fedilink
English
11Y

This is pretty bad in terms of software freedom. However I see why they did it.

What needs to happen is that Matrix need to focus stability and user friendliness. Right now no major group or company wants it because its a mess

@vegetaaaaaaa@lemmy.world
creator
link
fedilink
English
4
edit-2
1Y

Right now no major group or company wants it
most people beyond the tech field [don’t] know what Matrix is

Wrong

Amongst others…

Why you think this is bad for software freedom?

Possibly linux
link
fedilink
English
11Y

It allows for proprietary use of a FOSS. Its true that almost all of the contributions are from element but that doesn’t make it right.

Element is in trouble and they are trying to stay afloat

@deur@feddit.nl
link
fedilink
English
11Y

deleted by creator

Quite the opposite. Synapse was licenced under Apache licence, which allowed everybody to make proprietary fork.

Now only Element can do proprietary fork, as they are the copyright owners and owner of the work can relicence the software as they want.

The CLA that Element require to contribute changes to their Synapse version is the controversial thing. Because if you contribute, the lines of code you made are your copyright, so if Element takes at least one community contribution the would be locked to AGPL. What CLA does is that you sign off those rights.

‘Matrix-based’ is now specified as a requirement in massive public and private sector tenders

I’m pretty sure that most people beyond the tech field know what Matrix is. At least not by name

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 187 users / day
  • 433 users / week
  • 1.05K users / month
  • 3.77K users / 6 months
  • 1 subscriber
  • 3.9K Posts
  • 79.1K Comments
  • Modlog