Notices by Element (element@mastodon.matrix.org)

Apple withdrawing ADP from its UK iCloud service was inevitable, and is a serious wake up call for the UK government.

While the UK government may have had good intentions, trying to undermine E2EE has backfired catastrophically.

No way Apple would capitulate and sabotage the privacy of its service globally.

As 70 years of geopolitical stability fractures, the UK is weakening the nation’s cyber defences through its flawed obsession with blanket surveillance.

https://www.independent.co.uk/news/uk/politics/apple-government-cybersecurity-data-protection-sky-news-b2702490.html

We've signed the open letter to the UK Home Secretary asking for withdrawal of the technical capability notice issued to Apple under the IPA.

We are once again asking the UK government to listen to the experts who continuously explain that there are no safe backdoors into encryption. End-to-end encryption protects fundamental rights and national security, and should not be undermined.

You can add your voice by signing this letter before the 20th of February.

https://www.globalencryption.org/2025/02/joint-letter-on-the-uk-governments-use-of-investigatory-powers-act-to-attack-end-to-end-encryption/

@boud @nemobis Interesting. @matrix tried to pitch for EDIC funding about a year ago, but it went nowhere - it looks EDIC is focused on funnelling money from EU->Govts rather than to projects. Meanwhile €5M/y is too big for NGI. Hadn't come across ERICs; will check. If we'd had baseline funding for Synapse dev we wouldn't be in this position.

@nemobis yup, and be vendor-locked to SpaceX in doing so: https://www.bloomberg.com/news/articles/2025-01-05/italy-plans-1-5-billion-spacex-telecom-security-services-deal.

Another solution here could be if governments decided to actually support FOSS by funding its maintenance & dev by subscribing to the paid product, rather than freeriding. ZenDiS in Germany is a great example of this. But unfortunately, they're almost unique in this, hence Synapse Pro.

@nemobis the funding gap we're try to plug for Synapse and associated Matrix dev is very roughly around $5M/y. So over 5 years, that'd be $25M.

🚨Nation-scale Matrix deployments will fail if built on the community version of Synapse.

The community version of Synapse is not designed or intended for use by commercial Matrix hosting providers to serve huge nation-scale deployments. Just as a suspension bridge has a weight limit and will collapse if you exceed it - the same goes for community Synapse.

Deployments supporting millions of users need Synapse Pro.

https://element.io/blog/scaling-to-millions-of-users-requires-synapse-pro/

@troed We'd also like everything to be open source. But the reality is that even with AGPL, we're still stuck in the pattern that enormous deployments use FOSS Synapse without contributing to its dev/maintenance costs.

Every time an opportunity that we're counting on to fund the team turns around and says "oh, FOSS Synapse is good enough, and we can use it for free, bye" we find ourselves needing to provide a very concrete reason not to freeride - hence Synapse Pro.

In banning WhatsApp, the Scottish government has a wonderful opportunity to introduce secure communications to transform trust, ways of working and productivity across the entire public sector.

https://element.io/blog/scotlands-brave-new-world-of-end-to-end-encrypted-workplace-messaging/

💥 Boom! Synapse Pro rewrites the economics of nation-scale Matrix deployments with high density multi-tenancy, high availability and elastic horizontal scaling.

Synapse Pro is the most cost-efficient Matrix backend available for large-scale use and saves nationwide deployments millions.

Available under a commercial license, Synapse Pro will also help fund and accelerate the continued open source development of Synapse for the benefit of all of Matrix.

https://element.io/blog/synapse-pro-slashes-costs-for-running-nation-scale-matrix-deployments/

Watch Försäkringskassan (Sweden's Social Insurance Agency) present at #MatrixConf on using Element as part of a sovereign and secure collaboration service (called SAFOS) for parts of Försäkringskassan and several other government agencies.

https://youtu.be/XLt70u0btsM

Security release day! Element Web v1.11.81 has landed on Element Web, Element Desktop, and Docker Hub. This version includes a security fix for a high severity vulnerability. Please upgrade! 🧵

For more information see https://github.com/element-hq/element-web/security/advisories/GHSA-3jm3-x98c-r34x and https://github.com/element-hq/element-desktop/security/advisories/GHSA-963w-49j9-gxj6

NOTE - The Matrix.org Foundation is disclosing two vulnerabilities in matrix-js-sdk and matrix-react-sdk today. These have been PATCHED ALREADY, since Element Web and Desktop version 1.11.70.

📢 After moving to AGPL for Synapse, we’re now finalising licence changes for related projects. We’re also switching the apps to (A)GPL.

The intention is to ensure system integrators and other proprietary forks of our software support its dev.

https://element.io/blog/sustainable-licensing-at-element-with-agpl/

See the blog for full details!

We're pleased to report that Matrix has performed well in the BSI audit, conducted by mgm security partners, under the CAOS initiative. The audit found only three low-severity issues.

We're proud of the results and grateful for the BSI's support of open-source security.

Let's keep building a safer, open web together!

https://element.io/blog/bsi-funds-security-analysis-of-matrix/

🇨🇭 Welcome to the party!! 🇨🇭

Innovation will start booming with Switzerland mandating government software to be open source.

Public money for public code, forever! 🤘

#OpenSource #Transparency #DigitalSovereignty

https://www.zdnet.com/article/switzerland-now-requires-all-government-software-to-be-open-source/

For a better understanding of what these new developments mean head over to @edri to read their critical summary: https://edri.org/our-work/be-scanned-or-get-banned/

📣 The new Chat Control proposal puts the security of everyone in the EU at risk in search of an non-existent magic tool.

It’s time to raise the alarm and make our voices heard https://element.io/blog/eus-chat-control-puts-security-and-privacy-at-risk/ 📣

Thrilled to announce our partnership with @bigbluebutton helping to expand the future of virtual classrooms in education with Matrix.

Together, we're breaking boundaries and redefining online learning.

Read more at https://element.io/blog/partnership-with-bigbluebutton-for-matrix-based-virtual-classrooms/

🇪🇺 🇪🇺 🇪🇺 To celebrate DMA Day we wrote up our thoughts on WhatsApp's third party interoperability offer, how it fits with Element and Matrix, and what the future may or may not hold!

https://element.io/blog/the-eu-digital-markets-act-is-here/