Freedombone Blog

Freedom in the Cloud

The Dark Matrix

While listening to some 35C3 talks I've managed to get the Matrix and Riot apps for Freedombone working on onion addresses. I don't think there were any fundamental barriers preventing this from happening earlier, and so my previous statements about Matrix being tied to TLS and not compatible with Tor were probably just wrong. Since RiotWeb is composed of client side javascript if you're running it within a Tor compatible browser it doesn't care whether the domains being used are clearnet or onion ones.

I expect that federated onion homeservers, forming a "dark Matrix", will work but that there will be issues with federating onion and clearnet homeservers. This isn't unusual, and the same applies to fediverse instances.

Running on onion addresses does provide some security advantages, but also it means that you don't need to buy a clearnet domain, you don't need to forward any ports and so could be behind a hostile internet router and you don't need to care about obtaining TLS certificates. There was a talk on the first day of 35C3 about TLS1.3 which also described the many issues with TLS and what a dumpster fire it is. In a lot of ways using onion addresses is more convenient and with better security properties, so long as you don't mind the long random strings or QR codes.

Tags: freedombone, matrix