Serious vulnerabilities in Matrix’s end-to-end encryption have been patched

 In Biz & IT, element, encryption, matrix, Messenger
0

Serious vulnerabilities in Matrix’s end-to-end encryption have been patched

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Serious vulnerabilities in Matrix’s end-to-end encryption have been patched

Enlarge (credit: matrix.org)

Developers of the open source Matrix messenger protocol released an update on Wednesday to fix critical end-to-end encryption vulnerabilities that subvert the confidentiality and authentication guarantees that have been key to the platform’s meteoric rise.

Matrix is a sprawling ecosystem of open source and proprietary chat and collaboration clients and servers that are fully interoperable. The best-known app in this family is Element, a chat client for Windows, macOS, iOS, and Android, but there’s a dizzying array of other members as well.

(credit: Hodgson)

Matrix roughly aims to do for real-time communication what the SMTP standard does for email, which is to provide a federated protocol allowing user clients connected to different servers to exchange messages with each other. Unlike SMTP, however, Matrix offers robust end-to-end encryption, or E2EE, designed to ensure that messages can’t be spoofed and that only the senders and receivers of messages can read the contents.

Read 21 remaining paragraphs | Comments

Previously overlooked flaws allow malicious homeservers to decrypt and spoof messages.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt
We interviewed Linux OS through an AI bot to discover its secretsAI, Biz & IT, Character.AI, chatbot, Features, gpt-3, GPT-J, interview, Linux, LLM, machine learning
Cloudflare’s CAPTCHA replacement lacks crosswalks, checkboxes, GoogleBiz & IT, captcha, cloudflare, google, reCAPTCHA, Security, Tech, web development