[FAKEDETECTOR]

It seems like you want to suggest that Matrix is not secure - as others pointed out already the bug that was reported about has nothing to do with matrix and was fixed quickly.

Also you do not seem to understand that bugs and resulting security problems are something that happen every day - and get fixed quickly, usually, after discovery. This is what they mean when domain experts say things like "security is a process".

Also here we see a perfect example of why you want to use open source software for all governmental software: after a bug was found your admins can see the code changes and understand, if the bug still exists or not. Even more, only with open source software your admins and developers can read the code and search for bugs, too! This is what makes open source software a very good idea!

You are welcome to the world of free and open software, and after some reading about the basic principles I am sure you will understand why open source software is used by so many companies and organizations around the world.

BTW re the website you pointed to: I see a very annoying, totally absurd cookie dialog that makes me click at least five times and still does not give me a choice to not accept cookies at all. Please do not link to that website until they wake up and stop insulting visitors with this UI nightmare and learned that nobody needs to set cookies to publish content. Also this is not a website a pro developer would ever read or point to - always prefer to point to the primary source of information.

[DocTomoe]

The goal was to provide a secure whatsapp alternative for he French administration.

They failed the "secure" part - nothing else matters, and that does not mean that rolling your own should be discouraged - it means that these things are hard, and chances are your pet project will be less secure than established systems.

> Please do not link to that website until they wake up and stop insulting visitors with this UI nightmare

Had I known that this happend for your UA, I would not have - worked like a charm on my side.

Thank the French for that, who are the main reason behind the EU legislation about Cookies.

> Also this is not a website a pro developer would ever read or point to

Gatekeeping, are we? "Pro developers" don't waste time searching for some obscure original source for a meaningless online discussion - they pick the first result of their favorite search engine.

[FAKEDETECTOR]

> Thank the French for that, who are the main reason behind the EU legislation about Cookies.

This again is wrong. The problem originated by publishers who track users and disrespect their privacy for many years.

The regulation that happened after a very long time of people urging governments to do something about that, makes this initial problem better visible.

Still it is important to understand: no cookies are needed at all for publishing content.

[justaj]

The cookie situation has been exacerbated exactly because of the cookie law. Previously I could just block cookies client-side (like any sane user avoiding cookies would) and every site worked just fine. However, after the cookie regulation, numerous sites just straight up started to block access _unless_ you accept their cookies.

Cookie regulation is one of the best examples of how governments meddling into tech has backfired.

It would have been a much better idea to launch a public awareness campaign about cookies and their client-side blocking, or even provide patches to open source browsers to have a better UX for blocking cookies by default. The only regulation that should have been passed (if any), would have been to allow access (to static content) despite blocking of cookies client-side.

[FAKEDETECTOR]

This is wrong information.

Publishers can show a cookie-free site to all visitors and offer a cookie opt-in for some kind of added value, e.g. "more information for membership".

There is no governmental force pushing anybody to produce a website that diplays a "cookie dialog" even before you see what that site is about or if you like it. You are producing a false and absurd story of "governments meddling into tech produces cookie dialogs".

[justaj]

What I was getting at was that while yes, publishers can show a cookie-free site, many of them stopped doing exactly that. This started happening around the time the cookie regulation was implemented.

Had the regulation at least forbade this behavior, we most likely wouldn't be in this situation.

However, thinking back, I guess it's fair to say that publishers might have implemented this blocking behavior if the governments would only have done a public awareness campaign. In this case, only a minimum set of regulations (ban force acceptance of cookies for static content) would suffice as well.