by brettwilcox 1965 days ago
I'm testing Element and Matrix at American Airlines.

There are big players with clout that take issue with instability such as this. How can I rely on my company using Element when it gets pulled? Not cool, Google...

To the Element team, reach out to me if you can't get the support you are looking for.

11 comments

This comment alone should be reason enough for the company behind Element to sue Google.
Google may be able to control the Element app on the Play Store, but at least for the server side there's no way to do that with Synapse (the official Matrix protocol server-side implementation), which is fully open source and distributed directly from the developers.
They are also working on a Go version called Dendrite - https://github.com/matrix-org/dendrite

The Matrix team is doing a LOT of cool stuff. :)

Yes, but IMO the Matrix team should _really_ focus on Dendrite since Synapse is extremely resource hungry and prevents a lot of people (including me) from running their own servers.
It's not that resource hungry anymore. Hovering stably around 500M RSS and 8% CPU for me right now. That's with ~25 users and a lot of federated, public rooms, some of them quite large.
What CPU are you running it on and how many cores are being used? Are you also in really large rooms like Techlore and Matrix HQ? Because I think I'm in all of the largest rooms (and a lot of the smaller ones)
I'm running my instance with lots of bridges in a 3-core 4GB server, paying about eight euros a month for it. Synapse runs just fine, but I'll probably switch to the Rust impl when it's done.

If you want to go cheaper and have only 300-400 Mbps of bandwidth, I've heard lots of good things about this provider:

https://contabo.com/en/vps/

Not those two (and I know those are especially large), but we are in many 5-10k rooms, including bridged Freenode rooms which are known to be some of the worst offenders.

Note that many significant improvements have landed very recently, for instance the chain cover stuff which significantly improves handling of rooms with frequent membership changes (such as the aforementioned bridged IRC rooms).

8% CPU average actually sounds like a lot, unless your 25 users are chatting around the clock.
The federation is chatting around the clock. Remember, joining a Matrix room means that your server needs to handle all of the room's traffic. And 25 users can easily be in a lot of large rooms. However, each room only needs to be handled once, so if more of my users join a room in which my server is already participating, the cost doesn't increase.

That said, this isn't an average but a spot value. It frequently falls below 8% (though typically stays above 5%). Note that this is a cheap and relatively weak VPS.

I'm not saying Matrix is terribly lightweight. I'm saying you can easily run a small personal instance on a cheap machine without any performance problems.

How can you rely on the app/play store for any app? This suspension has nothing to do with Element, it could have been any app.
Can't you just use a web app or any other Matrix client if this happens?

If Google were to "ban" Slack from their store, their browsers, etc. then you would be quite in trouble.

But with Matrix, just pick a different client and move on.

Yes, I'm doing a custom react client integration. AA has to prepare for black swan events from every angle and this is a perfect example of one.

When you have 100,000+ employees, it's not trivial to just switch up communication platforms.

If you need to prepare for Black Swan events, doesn't it make sense to have your own channel to distribute APKs to all devices? Why would you rely on the Play Store at all?
That’s a lot of tooling to build for a single application, plus not everyone is tech savvy and installing from non-standard locations requires more user support.
A 100K-sized company is going to have a BYOD or corporate device issuance program with tie-in to MDM, which effectively functions as a private appstore (the DPC (device policy controller) (itself an app) can silently install apps (as in, download APK from $anywhere, hand to PackageManager) without confirmation, etc).

MDM infra is big bu$ine$$, but DPCs are quite simple to write.

(Psst. They also let you read CPU usage on Android 7+ (sadly not per task, but at least with per-core granularity). The catch? Installing a DPC requires a factory reset. xD)

> A 100K-sized company is going to have a BYOD or corporate device issuance program

Some will, some might run a more open org, with a lot of rather independent contractors, focusing on providing services on standard platforms (email, chat, wiki, bugtracker etc).

Not every device is under MDM in a big corp. Often you have people like external consultants bringing their own devices, who need to participate in (semi-)internal communications. You cannot just MDM those and you cannot just issue bigcorp devices to them, so you need something like the normal appstore to distribute the software. Maybe you even have BYOD for internal people, so MDM could be hairy from a GDPR/employee rights/liability standpoint. And maybe you even have customers and partners who you want to communicate with, whom you have to provide with a viable option of communicating. You can (maybe) separate those into an internal and an external communication tool. But then you just have two different tools, one of which will have the exact same problem about needing installation via commonly available appstores.
It's easier to simply ensure that the apps you need are present in multiple stores.
I take your meaning, but pedantically I think the idea of black swan is that you couldn't ever see it coming, so the only way to prepare for it is some sort of general robustness (which to be fair Matrix does have).
Let each user pick among any of the multiple clients available. Don't design your system / process to only support one client.
It puts too much pressure on Helpdesk to provide the support needed when you don't have a common path.
This reality should be yelled by a death metal band singer 24/7 at every FOSS developer.
I laughed hard ... but actually no.

That should be yelled at every FOSS evangelist, those people who claim everywhere that no one needs Windows, because Linux has everything Windows has, just better, etc.

We FOSS developers are free to do what we want. Most of us develop mainly for pleasure, not to ease the workload of some corporate helpdesk.

There are debug version apks available here: https://buildkite.com/matrix-dot-org/element-android/builds/...

Click on "Assemble GPlay Debug version" (or "Assemble FDroid Debug version" if you don't have Google Play Services), then click on "Artifacts" and then choose your apk from there.

How is that a solution to the problem? Of course there are other ways to install software, just like you could build your own iOS app and sideload it with a certificate. If an app is gone from the store it's basically dead.
If I were to test the implementation of an app in my enterprise, then it would benefit me to cut down on the unnecessary dependencies. Being dependent on the Google Play Store has been shown to be a liability in the past because there were moments where it became a single point of failure (as demonstrated in this thread).
Sorry for this :((
There are alternative clients: https://matrix.org/clients/

FluffyChat would be the main contender.

Big players with clout can commission their own closed access app. The C levels just need to take a $0.5M hit among themselves.
Reach out how? You have no public contact information in your HN profile.
We've already had conversations and I reached out personally.
That's why XMPP has been adopted for military and industrial use.
You can use FDroid though.
How are you going to explain that to your manager?
How does your manager explain to you that you must agree to TOS from Google to install apps necessary for your job?

In the explanation to a company I see nothing wrong. In the tendency to make employees agree to arbitrary ToSes, I see massive liability that should be dealt with using a massive class action lawsuit against some behemoth.

I actually think federated protocols are a get out of jail card for employers since making your job related to owning a car is reasonable, to owning a specific brand of car is not.

Hello employee,

We have a new corporate policy that removes your access to anything related to O365 by Date. The only way to remediate this issue is to install InTune and the corresponding corporate security office's profile so it can enforce our policy on the device. If you qualify for our corporate device program, we will cover the cost of the device and data plan.

Sincerely, CTO

Honestly, it's very common at the largest public corporations and most corporate R&D groups in the US. It's not like we don't already do black box development or have strict VPN-only enforcement rules. I wonder how risk assessment sees these kinds of federated protocols because in theory you are right about it reducing liability if they run the system.

You’re lucky if you work at a place that even sends you an email when they make unilateral changes to the software that’s running on employer-owned hardware. Everywhere I’ve been has a management engine running with highest privileges that does whatever it wants; this used to be true only in industries like finance and healthcare but now it’s standard.

Maybe places like Google are different, I would not know, but I’d be surprised to learn that there’s any publicly traded company that does not exercise total control of their machines.