When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Four years later, Element was born as the first UK-based encrypted communication and collaboration platform.
It’s in this context that Matrix 2.0 was launched.
Matthew Hodgson and Amandine Le Pape are the founders of UK-based end-to-end encrypted messenger and secure collaboration app Element
Other features include native OpenID Connect and native Group VoIP for maximum security.
A new encryption protocol deserved an app that could really help it shine, though.
That’s whyElement Xwas developed.
The interview has been edited for length and clarity.
Could you tell me a bit more about Element’s latest updates?
Historically, privacy preserving communication tools have not had the best usability.
In the early days, they were very much built by geeks like me, for geeks like me.
In the last 6 months, we’ve seen a steep change in that on the Element site.
I’m really excited that we’ve turned the corner on that.
The app is still in development and currently usable by existing Matrix users.
We’re just playing catch-up on the feature.
Which are the biggest challenges to the future of secure communication across businesses?
The biggest challenge is educating the world on the importance of encrypted communication.
That’s really surprising as we seemore and more data breacheshappening, including in larger organizations.
The potential embarrassment and chaos could be catastrophic.
Otherwise, the level of potential embarrassment when it gets breached and leaked is potentially catastrophic.
What do you think is the reason behind this lack of education?
They didn’t have chat systems.
They used email, they had phone calls, or they just met in person.
Then, suddenly they had no choice but towork remotely.
I think they had a choice.
Or, you just look to see what everyone else is doing.
Could Big Tech firms have done something differently to fix this issue?
With the biggest chat system being encrypted, everybody else felt competitive pressure to keep up.
Then, it would just be part of the ambient default for the industry.
But they didn’t.
So, the opposite has happened.
Meanwhile, the big guys are kind of vaguely trying to make it happen.
I think they are also concerned, perhaps, about liability.
Right now, they know precisely which data is on their service because it’s all unencrypted.
Also, there’s a risk of abuse because adding it in later is hard.
Auto capability is a really hard thing to stick on.
Are there some specific sectors, or even countries, that are worse than others?
The UK is really bad.
It’s weird, it’s worse than the US for whatever reason.
So the UK is particularly bad, and Germany is particularly good.
That’s when we started to work with them on rolling out Matrix for the military.
And nowBundesMessenger isthe Federal encrypted chat system.
So, even if the servers get breached, the history is not going to be compromised.
We also see good interest in France, Sweden, and almost all European countries.
What’s Element doing about it?
Are you trying to raise awareness across these bigger companies as well?
But you have to do something else if the server cannot see your data.
Either you have to do a very exoticfully homomorphic encryptionapproach, which is frankly still science-fiction.
Or, you search client-sideand that’s what we do.
In the past, that was a limitation.
How’s Element preparing for a post-quantum world?
What we’ve done is to build some protocol agility into Matrix from the outset.
But, by this point, everything has that modularity.
It’s slightly sad that they got there first, but competition is good.
Read more from them herehttps://t.co/vp1sX81tJ7October 20, 2023
And what about AI?
Do you think is it a threat for secure communication as well?
In a kind of naive approach, the way people are usingAItoday is incredibly privacy-violating.
I think Signal described it as a fundamentally privacy-antagonistic technology.
Just like Search, our solution to this is to run a client-side.
You do, however, need to download gigabytes of data for the model onto your phone.
You have to find a responsible place to exhaust that model.
That’s something that we’re actively working on.
This is the weakness of end-to-end encryption.
Then, we had the battle for PGP and end-to-end encryption.
It’s a risk.
I really hope the legislation will come in to ensure that spyware is not in any way legitimized.
A good example isApplewith their Lockdown modein iOS, which is deliberately built to harden things against NSO-style Pegasusmalwareattacks.
It’s not dissimilar to theOnline Safety Bill’s scanning capabilities, just coming from a different angle.
It acts as a precedent to show that you could start inserting potentially malicious technology.
From a legal precedent, as we all know, that’s incredibly dangerous.
