Gregory's Server@rysiek @m I'm judging it as a "blog" because of the style of language and the disclaimer at the beginning. I'm not saying Matrix is perfect, but considering that (at least Germany) is actively contributing to it, I expect that they also have experienced security researchers looking at the codebase. To use your argument, why go through all that effort if they could have just used WebEx and Teams? Arguing that the devs and auditors are all incompetent is a bit far fetched, don't you think?
|
2 comments
 |
@ArcaneAlchemist I am not arguing that "devs and auditors are all incompetent", please kindly refrain from putting words in my mouth.
People miss things all the time. The fact that A Large Organization or State is using a given tool does not necessarily mean they audited it. And even if they have, it doesn't mean there are no security issues.
I linked to a specific piece of information on specific security issues found by a good security researcher. Do what you will with that info. 🤷♀️
@m