Matthew Hodgson: Power to the people: liberating online communication with Matrix.org

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello and Wellcome ok I'm too loud sorry for that at least you're awake um welcome to the next talk at EMF camp and with me on stage is Matthew to talk to you about our latest and best hope for secure federated communication please give a warm round of applause to Matthew thank you and hi everybody and can you hear me wonderful perfect brilliant thank you for coming along to hear a little bit about matrix I guess before I get too deep into it I should probably find out who knows what matrix is already and who doesn't chopin's for people who already won with matrix actually not that many people ok about ten eleven people so I'm afraid the next page is going to be really boring for you and that will have to go over some of the basics and to bring everybody else up to speed first of all I'm Matthew I'm the founder of matrix we started doing this about four years ago to build a whole new decentralized communications network for the Internet and the idea to be end-to-end encrypted and completely decentralized so that no single power can have any authority over the network so if you're talking to somebody using a different system on a different server the conversation is completely replicated over those two servers and this is the important thing that everybody needs to understand about matrix that IRC or XMPP or soap or whatever has not done that matrix is basically very similar to get it is a entirely decentralized system and if I fire a server on my Raspberry Pi and start talking to other people even if it might be I'd know AT&T or a government or something the copy of the conversations on my level node are mine and the data is replicated with cryptographic integrity over the other servers so there is no single point of control at all so I mean that's basically the spoiler main headline here of how we are liberating communication and giving power of it back to the people so in practice matrix it's an open network and we're doing secured decentralized real-time comms and that's for any kind of communication the typical thing we waste all our life doing is instant messaging interoperable chat but one can also use it for VoIP and you can use it for VR and AR communication you could use it for world data and geometry in VR and AR you can use it for IOT similar to the previous talk if you wanted to have a completely open fabric which you can publish and subscribe to so real-time any old data and in fact one of the early demos we did with matrix was to hook up a car and it's ODB two-port into matrix have it rattle around the network and then do visualizations and a totally different system built on top of it and so why are we doing this well it's a bit of a crazy moonshot to build a global decentralized encrypted comms network which is really as ambitious as the web except optimized for real-time communication because the web was always meant to be read right it was always meant to be as easy to publishers to consume and it will went a bit wrong back in the web 1.0 days and nowadays it's still pretty wrong and if I want to publish stuff on the web I have many different ways of doing it whether it's Facebook or FTP or Twitter or Masterton but there is no kind of common language and other than possibly dev and they have failed to go and publish data out there so with matrix we just want to say hey I've got a little bit of JSON data I want to publish it to somebody else in real time here is a simple HTTP API that is standardized for doing that I guess activity poppin Activity Stream have come along in the last couple of years in the similar space but we were coming at it almost from a simpler I'll show you the API you can judge how complicated it is by the way if anyone has any questions or thoughts please just interrupt because would be a lot more interesting than me just going bla bla bla bla bar for the next half an hour also if anybody wants to steer things in a particular direction like what about BAM or what about encryption or what about VR then again just yell at Alton's we can steer the talk is you might work wish or not I mean practically speaking matrix looks like this or doesn't look like this more accurately because this is where we are and today with all of these kind of silos like slack or telegram get a nice E network or even an application like github and the point of matrix is to be a glue that some connect small together a decentralized network of servers connected and a full mesh topology today at least and you have these blue bridges which take you through to other systems you have native clients living on the matrix lines and so you can use it in a bridging model so that somebody on freenode can go and talk through to somebody on a given slack by bridging it through matrix or web so native Lee you can just ignore the outside and have a native matrix client like riot talking to I know another native my matrix clients like see glass sitting on a nova server but the unusual thing here is as I said earlier that the conversations are replicated over all of the servers so there isn't any single server that can go down and take out the conversation there is only there isn't a single server which acts as a single point of failure instead it's just like cloning a get repository over all of the different nodes on the network made sense yeah perfect so just to ram it down again no single party owns the combos they're shared over everybody some people are probably saying how is this different direction PP why have you reinvented X and B P you're a horrible person you're going to hell anybody's thinking that no but one person is wondering why we're reinventing baby wondering why we might have reinvented XMPP and the answer from my perspective is that we haven't completely different philosophies and architectures in XMPP it is a strictly federated and protocol based around routing blobs of XML over a network and it does a very good job of it whereas matrix primary building block is conversation history it's not messages we're synchronizing the history of chatroom or whatever the data is across these servers so if anything it's more like CouchDB or Cassandra or one of these eventually consistent object databases the fact that you can do pub/sub with it is obviously fundamental but in the end or or it's a lot more like it that we're going and replicating the history around the place group conversation is the first-class citizen you do not get one-to-one messages and matrix you get rooms now for room there's two people in it then you call it a one-to-one conversation but there is no distinction between a DM and the PM or a group conversation otherwise at the protocol level also end-to-end encryption we designed from the outset it took us a few years to implement it and technically it's still in late Peter now but it's still there as the kind of fundamental assumption that sometime real soon now we will turn it on compulsory early for all private communication on matrix also we use HTTP and JSON is the baseline API you can use Ivor transports too if you're allergic to HTTP and you hate Jason you do not have to use it in matrix however the lowest common denominator stupid simple thing that we provide is a Web API so that to send a message is an HTTP put and to receive a message is an HTTP GET and that's it now it's inefficient but anybody can do it you can literally send messages and receive messages using KO and finally our big difference strikes and PP is that we're all about defragmentation and bridging we're not trying to build another ivory tower or another sleuth castle in the sky which is going to be the one true communication network instead we're completely pragmatic and just trying to bridge to everybody else provide some glue in between them and try to defragment these silos which exists today now I'm not going to bang on too much about the problems inherent in silos communication because I'm assuming I'm preaching to the choir and everybody agrees that it's a pretty bad thing that humanity has become hopelessly dependent on Facebook and whatsapp and Twitter as their ways of communicating so let's just take it as a given perhaps that is a good idea to empower people to control their own communication pick their communication provider the Oh to migrate between their communication providers and have a completely open standard open source and on proprietary non-incumbent model and for doing so and then it did anybody see the thing about better slack a few days ago one person two three four okay so some guy went and wrote a browser extension to make snack site class and he called it better slack and I forget the features but they were pretty cute and he had to reverse-engineer the minified slack source code in order to do fun stuff with it and he announced it on Hacker News and I got my 800 up votes and everybody thought it was the best thing ever and two days later slat legal go and shut him down completely for daring to reverse engineer their code and undermined the integrity of their products and bla bla bla bla bla bla bla I'm happy to say that he's now looking at matrix and riot but it was this classic example of the problems of working on a proprietary system where they suddenly enforce their terms and conditions on you and you're screwed even if you've done something really useful a really nice is I kind of wish had been building on an open-source platform and an open standard in the first place and now he is so architectural II a matrix you get home servers these guys feel and look a little bit like email servers you run them on your VPS you find a provider who can provide them to you and they contain your accounts into your conversation history the clients are very thin as I said it's just plain old HTTP talking back and forth here and it's a very asymmetric protocol the clients are really stupid and simple to write literally it's a co one-liner the server's on the other hand are having to do this eventually consistent object database replication thing to go and replicate the conversations all the way around the place so they turned out to be quite hard almost like a database implementation then you've got application services which like clients with super user access to the server so they can masquerade users they can masquerade rooms they can act as bridges they could access any kind of filtering or logging or whatever service and then finally we have identity servers which are kind of the odd one out because we haven't solved identity yet and matrix what we do is to identify people based on their email address or their phone number or anything else and then we map it through to their matrix ID which is intended to be opaque at the moment that lookup directory sits in these logically centralized services we're hoping somebody's going to fix the problem of decentralized identity and we'll just move over to using it when that exact happens but until then it's kind of the weak parts of the architecture and this is the fun bit in terms of where things are at today our main deliverable is the matrix spec which is a increasingly scary single big document and one of the things which we do differently to say XMPP or others is that we just have a spec it's not a bunch of extensions it's not a bunch of optional add-ons and chapters it's one big document that gives you everything that you could want to do it's got VoIP it's got end-to-end encryption it's got read receipts typing notifications all this sort of thing and the advantage of having all in one place is if you have a server and you say it speaks matrix not point 4 it does you don't get the fragmentation you don't get there I'm not sure where my clients implemented end-to-end encryption yeah except for if it's a compliant client we have a base line that defines precisely what you need to do to speak matrix historically this is being quite unloved shall we say because in practice trying to get the right toggle between doing reference implementations and then making sure the spec is really really good is a nightmare because at least doubles the amounts of work in order to also get consensus from the community that we're adding in a new feature into the spec and all of this kind of logistical thing but the good news is that in the last couple of months we've actually been working almost full time on the spec and it's got a lot better and so if you have ever had the misfortune of looking at the spec in the past and for well this is a bit shonky now you can look at it as of last night and see its stuff hopefully looking a lot better and I'll talk about it in a bit on the implementation science server sides we have a Python cervical and apps which was the original prototype and irritatingly it's still the main one out there it sucks in many ways it's a resource hog we haven't optimized as much as we would like but in practice it works well enough on the matrix Dogg's server we have about 30-40 files and concurrent users at any given point so it is possible to go and scale up to that sort of level and that's over a couple of million accounts and then we have dendrite which is the sexy next-gen server now dendrites written in go in their users for its own micro service architecture that goes and scales out completely horizontally it shamelessly rips off how Hangouts works inside and should in theory be amazing other than the fact that we've had to take people off it to focus on synapse because there are so many synapses out there and it's become quite mature and that we need to keep supporting it and it's been this classic second system syndrome a bit like Netscape versus Mozilla or whatever back in the day where eventually we will move over to dendrite and it's going to be incredible but we keep having keep being delayed by keeping the current stuff propped up that said synapse is usable and today it just uses more RAM than you would hope or expect we also have application services and bridges through to loads of different platforms whether it's slack or getter or telegram or whatsapp or iMessage or basically anything out there either we or the community of written a bridge and the purple stuff is the community the green stuff is the core team on the client sides we give completely separate stacks on Android iOS and JavaScript that lowest level is the Web API wrapper the next one up is the UX UI components and the one about that are applications and so is written on top of it and the team also writes the riah app which is a kind of flagship app because one of the things we think went wrong in the past is protocol open protocol is often don't have a flagship application my XMPP has never had until in some ways recently on Android you have conversations but before them especially cross-platform there hasn't been the obvious XMPP client everybody should be using so on matrix we wanted to build one and we called it riot and it sits on top the cool thing about having totally native snacks here is if you want to embed into Android or iOS or the web you've got many many different layers in which to go into it and you're not having to use react native if you're not having to reuse some kind of device abstraction thing the bad news is that for us we end up doing triple the work that we should do in any sane world because we have to maintain completely separate code bases over all three platforms enough talking let's actually look at it oh yes oh so a microphone is winging its way to you on angel wings my question yeah sorry to interrupt I didn't see anything about embedded platforms like microcontrollers and things is is that just because it's straight HTTP and you don't really have to or I don't know yes sir so on the server side it's not well-suited to embedded platforms because the service today a junkie the next one ones should be much better client-side you can absolutely use them on embedded platforms and in fact there's an ESP an 82 whatever that processor is based platform in matrix and it's like 20 lines of code because luckily it has an HTTP client that works let's face it most things have an HTTP client these days so it's not perfect because it's HTTP but it's certainly good enough to control Adafruit some LEDs I know a guy who has his entire house lit by matrix and that kind of thing but it's more of a proof of concept phase that's right can you see this this is my personal Bryant web sitting in one of our dev rooms limb synapse dev it's worth noting that matrix scales quite well I'm in like 1,400 different conversations here and if I go into a room like matrix H here that's got 1600 people in it at points the rooms have gone up to twenty thirty thousand people so relative to something like slack we're just in a whole different order of magnitudes of them scale and complexity we have things like read receipts hello world and typing notifications of course and if now I have enough Internet connectivity to send a message and hopefully you'll see the people's faces start to Tetris grids down the right hand side as they read my message why doesn't slack have read receipts like seriously this is basic stuff here and it's incredibly useful to have this rich presence effectively I'm saying precisely and what's going on what else can I show you in here Oh a good thing to do might be able to actually look at one of these messages so if you look at some folks they're saying hello stream you can always look at the you source and it shows you the underlying Jason and it's pretty simple typically would just be plain text in here he's also given HTML because I happen to know that he runs his own client which presumably isn't doing the optimization to only send plain text if there isn't any formatting and you get your timestamp you get the room that it's in and the type of message and this is completely extensible you can put any Jason you like as long as you name space it to a given type into the room so a slightly more interesting thing might be and those are an image or something reality caps asking to be heckled this is very sad oh there we go oh this is very better isn't it I hope everybody appreciates the inception that's going on here so if we look at this slide from the talk and view source on this then it's a lot more interesting we've got a URL of an image here using the mxc URI schema which is a decentralized content repository that we have in matrix it's very simple it's just a full mesh of HTTP hits so that I can quit so the people basically sync over HTTP the message the sorry the media of the message and it works well enough you have the metadata with the width and height and size and the mime type except perhaps something more interesting would be an end-to-end encrypted room if you go into something like megaohm test this room has got a hundred ninety three people in it and we use it for stress testing the end-to-end encryption because there are thousands of devices in the room typically we see about 10 to 15 devices per on average per user in matrix and if again look at one of these guys the source itself has got the ciphertext in it and you and this is encrypted using megohm which is a ratchet that is led on top of ohm which is a clone at the double ratchet that signal users so the way the encryption works is that you set up one-to-one ratchets between all of the participants in this room so in this case it's a full mesh over a thousand devices for the one-to-one rapture but then over that you share the key data for the group ratchet called megaohm so you only need to send one copy of the message it has one session and hopefully everybody has synchronized their keys such that they can decrypt that particular message so it's a kind of hybrid between signal and the slightly more pragmatic in-group ratchet based approach and I'm waffling and running out of time let me show you a different client let's zoom go and look and another one so well I've got one here called Necco which I built last night which is hopefully still going to work yep yep yep sure it will be enlarged like that okay so this is Necco starting from scratch that's the entire thing booting up on a test account with like hundreds of conversations going on it's written in QT by the community and led by a guy called mu Jack's in Greece and is a fully native QT app it has end-to-end encryption in it as of a few months ago and it's looks a lot like telegram as you can see and it's just really nice I mean obviously I use write because I work on write but it's an increasing number of people are now using this as a good native client also excitingly from my side is sea glass which is a new client and for Mac OS which actually uses the iOS SDK let me just fire up a copy here and I just have to build it no there we go and sea glass yeah it's built on top of the iOS SDK but otherwise completely native KOCO app GPL all open source of course it's just logging in as the same user we were looking at an echo it's not quite as fast to load as the f1 all of the logging flies burst come on come on come on or is it running in the background oh yeah there it is perfect so this is what c-class looks like actually it's kind of similar to an echo other than the fact it's not QT it's a you can confuse everybody and look at the neck oh room from C gloss or we can go and look at the sea glass room which might make more sense and you can see it's a completely native maqam app looks really sexy on Mojave well we'll have you plans maja Mojave Mojave I don't know the dark theme that you get on the new Mac OS but it's really fun to see these really good and clients coming to light this one also does end-to-end encryption and thanks to piggybacking on the iOS SDK that we built for riot all of these projects would love contributors so if you are a cutie hacker or a Mac OS hacker or whatever environment hacker go find a matrix clients of your choice and make it amazing meanwhile back on the slides I've demoed it to you what do you get all the stuff you would expect and the kitchen sink I don't think there's anything obvious missing apart from reactions which are coming real soon now and I think there was something else or edit editable messages both of them turn out to be harder than they should be I got a skip how it works was I'm running out of time the actual API looks like that if the font is large enough for people to read you're literally doing an HTTP POST if some JSON to a URL like that you if you're doing a web RTC cool then again it's a single HTTP hit to offer the media that you want to talk and you basically offer start the call office of media the other guy answers it and then you're in the call so if you've ever had the miss pleasure of doing sip or void by any other technology this is basically the simplest possible approach you can use you can put some MIDI on to it we did jamming over matrix it's not very good for the really low latency stuff like MIDI but we recorded the jamming sessions and two matrix and notated it which was Britta's lit like this you just got the bridge from the third party thing so people might know the xkcd where randall said I have a hard time keeping track of which transitions my friends use and we literally drew the bridges that exists for the existing things on this into matrix at the time and we give a node stack with the jeaious layer and the node in order to bridge through to IRC or slack or anything that lip purple can speak and so you end up having three nodes bridging the way or slack or like that really much and say slack not IRC you can even do it to things like IOT devices and this was a really fun demo until we broke the drone where you would take the proprietary API that the drone spoke and took its video feed and took its telemetry and its management it's actual fly-by-wire stuff and put it into matrix so you could take a completely generic matrix client do it video calls to the drone and then at that point he literally would type launch and up and down and left and right and the thing would fly around until it crashed into the audience what else do we have here end-to-end encryption I kind of glossed over that new stuff relatively our communities and widgets and so communities allow us to filter these massive sets of rooms down to the ones you care about so it's a bit like black teams or this called servers and now just looking at one room switcher to do with the core matrix team or and they wants to do with gsok who wants to do with gnome or whatever it might happen to be also which it's a really fun in that you can take any old for room trying to think of a good room to demo in so I'll just do one in matrix HQ so if you go into this you basically have an app store of bots and bridges and things that you can add in you know a fun widget might be something or it could be any HTML page it could be Spotify could be a YouTube it could be Griffen or etc jitsi is probably a good example but if I actually press that button there then it will go and embed a video conference as an HTML widget into the conversation and for better or worse everybody in matrix HQ will suddenly see both the conference pop up like that in if their client supports widgets and it's just a way of kind of coordinating iframes across the people but it's surprisingly useful let's see if anybody joins us I hope they don't it's surprisingly useful in terms of basically building a dashboarding system into any chat room so if it was an ops room imagine that you had like a farmer and he had I know some other dashboard in there oh there's somebody else there hello whoever you are you look as if you're in your room but hit this room based on the ceiling we can go and try to crash the jitsi and see what else it can do and I killed that now I've was my lab we'll probably ran out of battery that's an example of a widget and I'm very nearly out of time what else should I say community state sis oh yeah France has adopted matrix on a kind of state level and they've gotten enrollment outs across 15 of their ministries now they're aiming for 35 by September end of September they've written the right matrix client which is a very very cute kind of totally end-to-end encrypted approach for doing this and they've also done a lot of interesting stuff with antivirus and the other enterprises stuff you would expect if you were a government running on top of matrix if you happen to work for a government here and you want to not be using slack mr. GDS then please come and talk to me afterwards because we'd love to help you because it's a bit amusing that a uk-based project matrix has ended up being adopted by France but not the UK in terms of growth over the last couple of years users keep on going yay traffic keeps on going up other than the encrypted traffic which has grown a lot more slowly because the UX sucks we're doing everything we can to fix the UX at the moment and there's good stuff coming very shortly number of servers out there is actually now it's about five-and-a-half thousand so not quite as big as the web but hopefully we're getting there and the number keeps going up matrix 1.0 we've been in beaten up for four years we were trying to get stable release of all api's by the end of august as of 3 a.m. this morning we got all of them out apart from the Federation API so this is a massive massive one previously it was just the CS API as I said we've been doing lots of work on the spec you can see that we first wrote the spec back in 2015 then it kind of transit along and then in the last couple of months we've been right back at it to try to get it to a 1.0 the surface surface stuff is nearly done there's 26 issues left 9 in review lots of emphasis on security but at that point hopefully you all hear that matrix is alpha beta and we've finally completely launched Onew right on the horizon looking a lot less green a lot more lights Michael discord hopefully a lot better also on mobile looking like Maps lazy loading is going to reduce ram by a factor of 5 which is nice we need to get end-to-end out to be to need to do other things which are missing and we need help please run a matrix server please give us feedback follow us on Twitter and thank you very much [Applause] took perfect timing thank you very much we can do we can do a few questions because I want to test this new tool so hello amazing and some kind of flying microphone yeah closer to the mouth I was wondering about I was wondering about get and or get an issue tracking integration because I'm aware that I think gitlab are looking starting to look at activity pub for that and I was wondering whether what the yeah what the capabilities the matrix in that space were and web what's planned our capabilities kick ass when it comes to issue tracking integration so if I get into an internal room like this one everybody's getting excited about the spectra leases IDs now the excavation market have create hello world then it will go and login with my actual github credentials into a github and create my issue on the default project which happens to be right web as me as my actual thing and likewise you can go and webhook everything in from github to so we live by it and it's not just github it's got a bit bucket and all sorts of other things too if we keep if we keep it short or we can do two more and then we move it outside for further forwards have you got any news about the key verification UI change yes absolutely sorry completely skimmed over that slide but it was one of everything it was even the top thing of exiting and better friend to end encryption first of all you've got incremental key backups which the PRS have almost landed which makes it a lot harder to lose your keys then the new verification we've got QR codes and comparing mnemonics both of them a fully design fully specs we have a UX workshops on Monday to actually lock down what it looks like and then we're going to implement it before we go mad I'm sorry that it sucks for so long but we're going to fix it the short question part works already the short answer part we work on last question please yeah thank you very much for the talk um I was wondering if you could tell us your thoughts on machine to machine communication through Mitra we want somebody to do it we haven't been focused on it it could be used very much for that HTTP isn't great for it better transports will be amazing please do an mqtt transport or a coapt transport also it helps if you need the encryption because otherwise it might be simpler to just use mqtt but if you need Federation or encryption than users awesome thank you very much please give another warmer order for possible Matthew [Applause]
Info
Channel: Electromagnetic Field
Views: 17,015
Rating: 4.977591 out of 5
Keywords: EMF, Electromagnetic Field, Camp, Day 2, Stage A, emf2018 ov, emf2018 eng, Matthew Hodgson, emf2018
Id: 1TPICntbC5w
Channel Id: undefined
Length: 32min 20sec (1940 seconds)
Published: Fri Sep 07 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.