Room membership and various other room state events are not currently end-to-end encrypted, which means a nosy admin on a participating homeserver could peek at them. (They’re still not visible on the wire, though, nor on homeservers whose users haven’t been invited.)
I don’t know if Signal is actually much better, since I haven’t looked at their protocol. They hyped their Sealed Sender feature as a solution to some of this, but it can’t really protect from nosy server admins who are able to alter the code, and they fundamentally cannot hide network-level meta-data like who is talking with whom. There’s a brief and pretty accessible description of why in the video accompanying this paper.
I don’t have a list of Matrix events that remain unencrypted in encrypted rooms. You could read the spec to find them if you’re motivated enough to slog through it, but be warned that network protocol specs tend to be long and boring. :) Unfortunately, the few easy-to-digest blog posts about it that I’ve encountered have been both alarmist and inaccurate on important points (one widely circulated one was so bad that the author even retracted it), so not very useful for getting an objective view of the issue.
However, the maintainers have publicly acknowledged the issue as something they want to fix, both in online forums and in bug reports like this one:
I’ve used Matrix since the app was called Riot.im and there was no encryption
I didn’t realize once encryption was added, that there were still metadata leaks as compared to Signal
Could you give me some information on what metadata is unencrypted, or point me towards documentation about that?
Room membership and various other room state events are not currently end-to-end encrypted, which means a nosy admin on a participating homeserver could peek at them. (They’re still not visible on the wire, though, nor on homeservers whose users haven’t been invited.)
I don’t know if Signal is actually much better, since I haven’t looked at their protocol. They hyped their Sealed Sender feature as a solution to some of this, but it can’t really protect from nosy server admins who are able to alter the code, and they fundamentally cannot hide network-level meta-data like who is talking with whom. There’s a brief and pretty accessible description of why in the video accompanying this paper.
I don’t have a list of Matrix events that remain unencrypted in encrypted rooms. You could read the spec to find them if you’re motivated enough to slog through it, but be warned that network protocol specs tend to be long and boring. :) Unfortunately, the few easy-to-digest blog posts about it that I’ve encountered have been both alarmist and inaccurate on important points (one widely circulated one was so bad that the author even retracted it), so not very useful for getting an objective view of the issue.
However, the maintainers have publicly acknowledged the issue as something they want to fix, both in online forums and in bug reports like this one:
https://github.com/element-hq/element-meta/issues/1214