this post was submitted on 17 Aug 2023
70 points (98.6% liked)

Linux

48365 readers
1419 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

My laptop is getting old and i can't have Element eat up half of my RAM. There are many more clients out there but which one is good? aka "the best? ;-)

My requirements: lightweight, encryption 100% supported, active development/community. runs neatly 24/7 in the background.

Should also support the latest features, let me customize when to get notifications: priorities / muted chatrooms. And ideally also look clean and run on the Pinephone. But that's optional.

I don't care which desktop environment or cli.

What do you use?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 year ago (2 children)

Interesting. Thanks for the info. I turned off the listening notification. Hopefully this is the one you meant. I hadn't thought about settings for the device itself.

I don't entirely understand the verification notice and all. I don't understand the context of verification. I generally avoid making any external internet connections (finger printing) between my phone and other hardware. They are on separate VPNs and firewalls. I get the message about no verification every time I open element. I don't know what it is trying to verify exactly. I imagine it is a copy of the keys and hashes, but like, I don't want to connect social across devices and I am given no options or context details. I don't mind backing up or storing keys, but I'm not installing the software on my workstation or punching holes in that firewall.

[–] [email protected] 3 points 1 year ago

Anyone with access to your homeserver can change your password and log into your account. That's why by default, when someone logs into account, their session is unverified and doesn't have access to encryption keys. To verify it and sync encryption keys, you have to mark it as trusted from another device you own (which sends the encryption keys from the old device), or if it's the first session it becomes the only trusted device (and generates new encryption keys).

Note that the homeserver owner can always reset all of your sessions and encryption keys, then log in as the first session. They won't be able to read your past encrypted messages obviously, but they will be able to impersonate you. To prevent that, you can additionally perform the same verification process for the devices of those you chat with - that way they will also know which devices you marked as trusted.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Yeah. That's the correct one. You can also do that with other apps that rely on a background connection to some server. I also don't use google and their cloud messaging. So that's the way around it.

Regarding the verification: It's an additional layer of security for you. To make sure all the devices logged in into your account actually belong to you. Otherwise someone with access to your computer or password (or matrix-server(?)) could in theory read your messages. To prevent that, they make you verify it's actually you who registered that additional device. I think Element has an option to not sync encryption keys with unverified devices. So you could end up with malfunctioning encryption. But in case it's working fine for you, you can skip the verification. You're just missing out on the extra security this way.