I just merged the changes for the renaming. We might change the app-id somewhere down the line. You'll be informed if and when it happens. For now, enjoy your Element client which is coming within the next few hours to your desktop 🎉

Show thread

I have news:

We might don't rename the flathub repository. The Element developers pointed out that they don't plan to change the app-id, which means on our side, we just do a regular update and modify some meta-data.

What bothers me about that is that you'll use `flatpak install im.riot.Riot` to install Element… Rather strange but 🤷

Show thread

Just for those who wonder: Riot was renamed to Element today: element.io/blog/welcome-to-ele

Flathub will provide the application under new name, I just have to talk to the right people to get the renaming/new repository done.


By the way, I maintain a bunch of communities on Matrix for various topics. Such as , () |s, self-hosting and an open community chat where people can just exchange.

You can find all of them with some descriptions at:


Or by using shivering-isles.com as room directory.

Hello people, please upgrade your installations if not already done :)

1.6.3 provides a security fix. Time to run: flatpak update

If you use the version.

Enjoy your time, and if you feel bored, may checkout one of the many channels I founded:

If you didn't notice: There is a 1.6.0 release of Riot on its way to Flathub :)

Riot 1.6.0 bring the new and shiny cross-signing features. Means you get TOFU now, can cross-sign your devices and users, which allows easy to transfer trust between all your matrix sessions.

Just make sure you use RiotX on Android in order to have all devices compatible :)

Preparing Riot.im 1.6.0 build in Flatpak…

Due to the new search feature for encrypted history, I'm currently building TCL as tclsh is needed to build sqlcipher, which is needed for this feature.

We are getting there!

There is a security update for Riot out. Please updates your clients as soon as possible.


The newest version is already on Flathub, therefore `flatpak update` should get you safe again.

Seems like another blog article sneaked out:


It's a short tutorial about how to use @matrix room directories. As I recently learned on how to use the directory selection feature, it might also be worth reading for you ^^

Quick blog post I worked on a few days ago and finally got released:


TL;DR: Due to 's current architecture for using TOFU would be to dangerous. But with Cross-signing up coming, things will get better.

Just pushed the newest version of to you 🙂

Expect the delivery within the next 24 hours. 📦


So electron improved their security features with the recent version 5, but by doing this broke tons of applications because they either need User Namespaces or an SUID executeable (to launch proper isolated subprocesses).

Desktop noticed this problem and as well and "fixed" it in the worst way possible:


On the other hand Desktop did a proper fix, which enables an SUID bit on this binary: github.com/vector-im/riot-web/

By the way, there was an update for Riot yesterday.

When you use Gnome Software and have automatic updates for flatpaks activated, it's very likely you have it already installed.

Otherwise, go for it :)

For CLI users: `flatpak update` will do the job.

Riot v1.1.1 is on its way to your desktop 🎉

The Flatpak was updated. Just waiting for the build to finish and publishing to flathub.

When Gnome Software is configured properly on your system, you'll just get a notification that Riot was updated in Background as soon as it made it to your system 🚀

For everyone else: Run `flatpak update` tomorrow and it should wait for you to install 🙂

By the way, the Riot 1.1.0 flatpak is on its way 🎉

Just wait for the repository metadata to be updates and things will arrive on your workstation :)

There are new keys for the official matrix repositories with the key ids:
CF45A512DE2DA058 (synapse)
D7B0B66941D01538 (riot)

Those come along with a new package that are build on fresh infrastructure. No details if they now sign packages offline, yet.



Show thread

Updated my OpenPGP-signed Riot verification keys, now that I run an own homeserver.


Just if you want to verify me without me being around :)

Since Matrix reset all logins recently, you may lost some of your E2EE keys. Those were erased when being forcefully logged out.

Those who used the Key Backup mechanism by Matrix.org can recover quite easily, those who didn't bother to set them up, might have a problem.

In :matrix.org we discussed that today and someone provided a detailed guide on how to recover using BTRFS:


Show thread

After Matrix has restored its major services, they noticed that the GPG keys used for signing packages where compromised.

The key IDs are:

AD0592FE47F0DF61 (synapse)
E019645248E8F4A1 (Riot/Web)

Please make sure to no longer use those keys.

Show thread

Matrix.org just announced they are back once more:


Let's hope things stay up as they are. There are definitely some new challenges to tackle, which came up in their issue tracker:


Let's see if they got really rid of the attacker 🤞

Show thread
Show more