The act as police and spy on their users "problem"? I don't know - have apartment buildings solved the domestic violence problem, that happens within them, shielded by their opaque walls?
See my other reply, watch the linked video it's not as black and white as you make it sound like and public non-encrypted rooms hosting tons of CSAM being replicated to any matrix server where any user joined them is a problem.
That's the opposite of a problem, isn't it? Have cops request the IPs and arrest those sharing the material - you've just caught a lot of criminals for almost zero effort.
Unless the "problem" isn't catching criminals, and you don't really care about CSAM, just maintaining matrix's reputation from mercenary journalists willing to conflate a protocol with its users for some clickbait title, or to give a government ammo to ban encryption.
You could watch the video to actually understand the issue instead of making wild assumptions about me.
Until very recently and still to a degree today, you couldn't host a matrix server that has public registration without someone registering, joining a CSAM room and having all that material replicate to your server.
This would be LESS of a problem if the content was actually encrypted and you as an Admin couldn't access it. But sure, it's not an issue just some bad journalism that's why Matrix just recently actually addressed it (thanks Arathorn for replying): https://matrix.org/blog/2025/02/building-a-safer-matrix/
But if you don't think it's a problem, i'm sure you are willing to link to your publicly open server and let people register, i'll write an e-mail to your local law enforcement to let them know you are knowingly hosting childporn on your server, i'm sure the courts will agree with your opionion
Yeah the post is new but we've been steadily ramping up investment in Trust & Safety the whole time I've been leading the Foundation :) Having added a couple moderators to the team late last year, our T&S team now has a little breathing room to do more proactive, strategic work to improve the situation. Previously, they were almost constantly on their back foot trying to keep up incident management.
IDK, have you? Has Apple, Google, Linux? Have we really solved it as a society until we have reached the end-game of Zero Trust Architecture; locked down all bootloaders to only run trusted firmware; locked down firmware to only boot trusted os; enforce attestation at service auth so only genuine devices with client-side "safety" rootkits are accepted?
If you actually watched the linked video you would see that random matrix servers were co-opted to spread CSAM on a massive scale due to what is essentially a design flaw and there was until very very recently not much done to make it possible for server admins to fight that. It's not as black and white as your comment makes it seem.