- cross-posted to:
- news
- foss@beehaw.org
- opensource@lemmy.ml
- cross-posted to:
- news
- foss@beehaw.org
- opensource@lemmy.ml
Synapse and Dendrite relicensed to AGPLv3
This is actually quite a controversial change mainly because of their switch to a CLA. This indirectly gives them the opportunity to switch the license to closed source whenever they feel like it in the future. Semi-controversially, they are also primarly making this AGPL change in order to begin selling dual-licensing to companies. The Matrix Foundation itself does not support this change from Element, though Element is within its rights to do so.
You can read some more thoughts on this from the pessimistic folks at HackerNews. My main takeaway is that I don’t trust Element because I don’t trust anyone. I’m sure they’re doing this in good faith but I don’t like the power they have at the moment. I hope this is what’s needed to begin focusing efforts on alternative homeserver implementations like Conduit.
Conduit is also licensed under Apache 2.0, so it could also be taken closed source at any point in time. The reason this wouldn’t impact Conduit as much is that there’re other contributors, whilst Synapse and Dendrite are almost exclusively developed by Element.
The CLA is necessary since Element funds the development of their servers by contracting with companies, governments and institutions which have special needs. Publishing those patches might be against their customers wishes.
The AGPL ensures no one else can make proprietary changes but Element because of their CLA. This makes it unattractive for companies and volunteers to contribute to Element’s servers, which isn’t a problem because those contributors didn’t exist in the first place.
As I understand it, the people who feel strongly about this change feel like their trust was betrayed by Element. The others are probably corporation’s like reddit who don’t want to contribute anyway but are now not able to profit off of Elements work.
My opinion is split. On the one hand I like the change to AGPL, since it forces forks to continue to be foss. On the other hand, Element continues to be allowed to license the code differently, so it doesn’t really change that the code could be closed off at any point in time.
The most important question is whether this change will benefit Element. Status quo is companies taking without giving back. Now corporations and volunteers won’t contribute code because of the CLA and AGPL. This means Element hopes those corporations will contract with Element to get access to differently licensed code for a monetary contribution.
I think reddit will just develop their own server, but maybe smaller companies (like in the health care sector) will pay Element.
Conduit is also licensed under Apache 2.0, so it could also be taken closed source at any point in time. The reason this wouldn’t impact Conduit as much is that there’re other contributors, whilst Synapse and Dendrite are almost exclusively developed by Element.
Right. The current perspective is based on the idea that if Synapse/Dendrite go closed-source right now, an open source version would be good as dead. Element is responsible for 95% of Synapse/Dendrite and I’m sure a community fork would have to play a lot of catch-up to figure out how to keep it going. If the community was more involved in Synapse/Dendrite implementation (and if Element let them) there would be less cause for alarm, as closing the source would just mean an immediate community fork and putting Element on ignore. Also to reiterate, The Matrix Foundation is not going along with Element on this move, and even if Element pulled something shady the Matrix Core Spec etc. would still remain open and under the Foundation’s control, so the max we have to lose is Synapse/Dendrite and all of Element’s developers.
As for the rest I agree and I do actually trust that Element is simply playing their only card here. These maneuvers are all required in order for Element to survive as a company at all, but they also unfortunately leave this backdoor open as a consequence. Matthew has pinky-promised over and over that they are only acting in good faith and that they would never use the backdoor, but it’s understandable that the presence of the backdoor is putting everyone at unease. Best case scenario we take this as a warning sign that if Element drops dead tomorrow then Matrix is also dead. If people want Matrix to not be practically owned by Element then we should diversify and prepare escape plans.
Companies need money to pay their employees. Who would’ve thunk they’d change the licensing to allow them to make money. -surprised pikachu face-
Hopefully this change actually helps Element to make money. It was always a problem how entangled Matrix and Element are, simply because Element finances most of Matrix. This seems to change now with the Matrix Foundation having an employee.
Let companies support element, we should be supporting alternatives.
I really, really hope this leads to development of data portability/server migration options. When I set my homeserver up, I chose Synapse as I didn’t know about the other servers. Now that I do, and would like to switch away because of Synapse’s performance problems and the new CLA stuff, I realize I and all my users are fully locked in, and would have to start from scratch (lose all chats, profiles, etc) to migrate.
Just give XMPP a shot… It’s what Matrix has been promising to be without ever actually delivering, was there a decade prior and still will be after the next.
Matrix’s purpose was to be a VC unicorn for is founders, it’s not tackling a new problem, it’s not bringing a novel or interesting solution, and everything that it does differently on a technical level seems to go against its goals and those of its users. Time to drop them was someandsome ago, but it’s never too late.
Is there a good way to handle e2e encryption on xmpp? I feel like that is one of the selling points of matrix. Iirc there was an OTR plugin for gaim/pidgin, but I have no idea what’s normal these days
XMPP’s E2EE is comparable to everything else out there (Signal, Matrix, WhatsApp, …) in that it uses Signal’s double-ratchet algorithm (guaranteeing perfect forward secrecy and al.). All maintained clients support it: https://omemo.top/
XMPP was there before Matrix and will be there after Matrix dies when the venture capitalists behind Element funding decide to move the money somewhere else.
, and this is just the beginning.
It’s bad omen to criticize an opensource project, I know, but in my eyes Matrix is a big technical and organizational failure, for not having succeeded in stabilizing the protocol after a whole decade of unsuccessful explorations, and for having its leadership consistently fail to define clear goals and steer the project towards them (just get it done and working well before trying to make it “peer to peer” or “in the metaverse”).If this is the electroshock that Matrix needs to reconsider its design and directions? good for them. If that kills them? Well too bad, but it’s not like they are the only cool kid in town.
Matrix is not an “open source project”. It’s a VC funded company.
This is pretty bad in terms of software freedom. However I see why they did it.
What needs to happen is that Matrix need to focus stability and user friendliness. Right now no major group or company wants it because its a mess
Right now no major group or company wants it
most people beyond the tech field [don’t] know what Matrix isWrong
- Matrix.org - Matrix and Riot confirmed as the basis for France’s Secure Instant Messenger app
- Matrix.org - Germany’s national healthcare system adopts Matrix!
Amongst others…