What I’m looking for ultimately is a universal chat type app like Beeper that can handle Signal and SMS, however, reading this about it gives me pause. It would be nice if I could get all my peeps on matrix, but since it was so hard to get them on to Signal, I think the best I can hope for is something than can handle matrix, signal, and sms. Which brings me back to the title, how exactly do Matrix bridges work and are they secure?
EDIT: SMS is insecure by its very nature, yes?
There are many different types of bridges, but the most seamless one is a type of Man In The Middle (MITM). You give the bridge full access to your other services, which allows them to copy everything to Matrix and vice versa. Naturally, this circumvents E2EE as the bridge needs to access and manipulate the content somehow (E2EE only exists up to the bridge, not the whole way to your client). The bridge can theoretically do anything, as it is a MITM. However, because most bridges are open source and you can host them yourself, the risk that unauthorised parties can gain access to the data is fairly low. If it’s hosted by a third party, you have to trust them that they won’t abuse their power.
I just want to clarify that most bridges can be set up to have E2EE between the Matrix client and the bridge (regardless of whether the bridge supports encrypted chats on the bridged service because not all do, e.g. Facebook), but it is true that the bridge itself has to decrypt and translate between Matrix and the 3rd party chat service, so as you mentioned trusting who hosts bridges or doing it yourself is really important.
…as long as you keep them up to date and follow some basic security practices. There is nothing stopping you from self-hosting an outdated vulnerable version exposed to the public.
Third parties are a risk of unauthorized access, but may be more likely to follow security practices in order to avoid getting fined (according to the legislation of wherever they’re hosted).
Oh boy. I think I’m really out of my depth here. I just downloaded Element and was fiddling with it a bit and found it to be kind of confusing. Maybe I oughta just stick with Signal despite centralization and signalcoin. Would be nice to be able to get SMS on the desktop tho, so I don’t have to go hunting for my phone everytime I have to do 2FA (which, admittedly, is not that often). In any event, thanks to @wxboss@lemmy.sdf.org & @GlowingLantern@feddit.de.
What did you find confusing about Element? The most confusing part for most people is the federation but since you’re on Lemmy, I assume that’s not the case for you.
I’m gettin’ old, and it’s an “old dog new tricks” type thing. However, I’ve still got it installed and probably just need to fiddle around with it some more. Getting Mrs. Hedge and my peeps to switch is going to be tough tho, hence me asking about the Signal bridge . . . Are “rooms” the same as “groups”?
There are a few more settings you can tweak than your standard messenger (e.g. message bubbles or timeline), but the day-to-day interaction should be fairly similar. Chat rooms allow you to chat with any number of participants. Matrix doesn’t really differentiate between “direct” chats and group chats, as you can always add more participants later. Spaces are a way to organise rooms, like a folder.
Why do you want them to switch from Signal? Federation? Other than that Signal’s great. Idk specifically about Signal bridge but I’m in a room with Telegram and IRC bridged and both bridges work pretty well. The room was bridged to XMPP as well but XMPP bridge was weird (resent random messages sometimes) so we removed it. Give it a try though and if possible tell me how it works? I’m curious :p
Automatically forwarding the SMS to the desktop, could turn that 2FA into 1FA.
How can I do that? KDE Connect is one option I’m looking at