You can find all of them with some descriptions at:
Or by using shivering-isles.com as room directory.
Hello people, please upgrade your #Riot installations if not already done :)
1.6.3 provides a security fix. Time to run: flatpak update
If you use the #flatpak version.
Enjoy your time, and if you feel bored, may checkout one of the many channels I founded:
If you didn't notice: There is a 1.6.0 release of Riot on its way to Flathub :)
Riot 1.6.0 bring the new and shiny cross-signing features. Means you get TOFU now, can cross-sign your devices and users, which allows easy to transfer trust between all your matrix sessions.
Just make sure you use RiotX on Android in order to have all devices compatible :)
Seems like another blog article sneaked out:
It's a short tutorial about how to use @matrix room directories. As I recently learned on how to use the directory selection feature, it might also be worth reading for you ^^
Quick blog post I worked on a few days ago and finally got released:
So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).
#Signal Desktop noticed this problem and as well and "fixed" it in the worst way possible:
On the other hand #Riot Desktop did a proper fix, which enables an SUID bit on this binary: https://github.com/vector-im/riot-web/commit/56674ea70849b3a793fa7b862945163aa10b36b8
Riot v1.1.1 is on its way to your desktop 🎉
The Flatpak was updated. Just waiting for the build to finish and publishing to flathub.
When Gnome Software is configured properly on your system, you'll just get a notification that Riot was updated in Background as soon as it made it to your system 🚀
For everyone else: Run `flatpak update` tomorrow and it should wait for you to install 🙂
There are new keys for the official matrix repositories with the key ids:
Those come along with a new package that are build on fresh infrastructure. No details if they now sign packages offline, yet.
Since Matrix reset all logins recently, you may lost some of your E2EE keys. Those were erased when being forcefully logged out.
Those who used the Key Backup mechanism by Matrix.org can recover quite easily, those who didn't bother to set them up, might have a problem.
In #e2e:matrix.org we discussed that today and someone provided a detailed guide on how to recover using BTRFS:
Matrix.org just announced they are back once more:
Let's hope things stay up as they are. There are definitely some new challenges to tackle, which came up in their issue tracker:
Let's see if they got really rid of the attacker 🤞
Too early to be happy, seems like the attacker found their way in and is still around on Matrix's infrastructure.
The attack has proven themselves to have shell access on their synapse instance, which is definitely bad. It means that all user accounts are compromised and have to be reset.
There will go a lot of efforts into figuring out the details and fixing the vulnerability.
Meanwhile, send some love to the people behind matrix!
Matrix is coming back up! One of the first things happening was writing a new blog post about the incident which you can find here:
TL;DR: Some outdated software was discovered and cracked by an attack which then had access to various data points.
Important: Change your password ASAP (including NickServ when you used the IRC bridges)
Hint: The homeserver is not back up yet.
I'm a professional relationship therapist for programs and their users.
This is my personal microblog. It's filled with my fun, joy and silliness.