Post Ax5EMk2coApws73fBQ by GrapheneOS@grapheneos.social
 (DIR) More posts by GrapheneOS@grapheneos.social
 (DIR) Post #Ax4qpVBcifYsIYRquO by GrapheneOS@grapheneos.social
       2025-08-11T21:27:26Z
       
       0 likes, 0 repeats
       
       Today was the coordinated disclosure date for multiple Matrix chat protocol vulnerabilities:https://matrix.org/blog/2025/08/security-release/Our synapse server has been upgraded to 1.135.2 and now we'll need to upgrade our Matrix chat rooms. Many servers haven't yet upgraded and won't be able to join.
       
 (DIR) Post #Ax4qpVxTqjqIgyq4VE by GrapheneOS@grapheneos.social
       2025-08-11T21:29:41Z
       
       0 likes, 0 repeats
       
       Our plan is to create an entirely new set of Matrix rooms with room version 12 and begin migrating people over to those. Our existing rooms will be kept around for a while because we know many instances are going to take their time updating to the new server software releases.
       
 (DIR) Post #Ax4qpWYLdfKiXK5Vy4 by GrapheneOS@grapheneos.social
       2025-08-11T21:36:41Z
       
       0 likes, 0 repeats
       
       Our Matrix chat rooms have been repeatedly broken by these protocol bugs. Our General and Offtopic rooms have been replaced 4-5 times. The most recent occurrence was our GrapheneOS Space with over 25000 users breaking. This will all hopefully be in the past after today's fixes.
       
 (DIR) Post #Ax4qpX6Nb8YUEs0h0q by GrapheneOS@grapheneos.social
       2025-08-11T21:51:20Z
       
       0 likes, 0 repeats
       
       See https://grapheneos.org/contact#community-chat for more info. Our rooms are bridged across Matrix, Discord, Telegram and IRC. We started on IRC and intended to fully migrate to Matrix. We added Telegram due to the major issues with Matrix and then Discord which is now the most active platform.
       
 (DIR) Post #Ax4qpXelXI3pxW69bs by GrapheneOS@grapheneos.social
       2025-08-11T21:53:58Z
       
       0 likes, 0 repeats
       
       Federating with open registration Matrix servers leads to endless raids including people spamming CSAM and gore. Not federating makes it quite useless. A large portion of our Matrix community moved to Discord due to the CSAM spam across Matrix and we don't bridge media from it.
       
 (DIR) Post #Ax4qpYHPDcy9tMB0q0 by GrapheneOS@grapheneos.social
       2025-08-11T22:05:03Z
       
       0 likes, 0 repeats
       
       Discord has very good configurable server-side filtering and dramatically better mod tools. Matrix heavily enables abuse through federation and doesn't even support restricting inline media. Matrix also lacks channels within rooms so communities like ours rely on moderation bots.
       
 (DIR) Post #Ax4qpYxagmiI0Buhai by lightweight@mastodon.nzoss.nz
       2025-08-12T00:47:21Z
       
       0 likes, 0 repeats
       
       @GrapheneOS but Matrix is libre, and Discord isn't. As such, Matrix is infinitely preferable.
       
 (DIR) Post #Ax4rsA4plDCxeR6XPk by Myles124@mastodon.online
       2025-08-12T00:59:06Z
       
       0 likes, 0 repeats
       
       @lightweight @GrapheneOS I much prefer my sanity.
       
 (DIR) Post #Ax5EMk2coApws73fBQ by GrapheneOS@grapheneos.social
       2025-08-12T04:58:32Z
       
       1 likes, 1 repeats
       
       @Myles124 @lightweight As we noted above, many of our community members specifically moved to Discord from Matrix due to the major issues with CSAM on Matrix. The vast majority of people never want to see that a single time in their lives. Actively using large public Matrix rooms will lead to repeatedly being forced to see it. Matrix provides no way to even disable inline media for rooms. It's completely ridiculous. They know there's a huge problem with CSAM and have done essentially nothing.
       
 (DIR) Post #Ax5EMlmkKBK8HRe0i8 by lightweight@mastodon.nzoss.nz
       2025-08-12T05:11:05Z
       
       0 likes, 0 repeats
       
       @GrapheneOS @Myles124 I'm afraid I had to look up the acronym CSAM. Yeah, very unfortunate to hear it. I would be surprised if the Matrix dev community is not working on mechanisms to address the propagation of such material. That said, simply by being libre, Matrix is preferable to Discord for any open/libre community. Fwiw, I use Matrix daily, personally hosting a couple community instances, and have never experienced any of what you describe.
       
 (DIR) Post #Ax5FTJ7DPtNXLMtr1c by GrapheneOS@grapheneos.social
       2025-08-12T05:23:32Z
       
       0 likes, 0 repeats
       
       @lightweight @Myles124 > personally hosting a couple community instancesIf these are open registration, there's a high likelihood they've been used as part of raids including spamming CSAM. It's also almost certain you have media currently stored on the server which is CSAM. Reporting this to servers is rarely done because unless they're going to close registration, they'll keep being used as a source of abuse. Most abuse simply happens via matrix.org so banning servers is fairly pointless.
       
 (DIR) Post #Ax5Fhob5AIRJ2KmttI by lightweight@mastodon.nzoss.nz
       2025-08-12T05:26:12Z
       
       0 likes, 0 repeats
       
       @GrapheneOS @Myles124 they're not open registration.