Long article about how people find Matrix and Mastodon difficult, and if we can expect people to actually think about what they're trying accomplish and if they can take care of their own online security. Part rant, part serious question and very opinionated, comments welcome.
Are most people simpletons?
Yes, I know #
Matrix is more complicated than, say, #
Signal or #
WhatsApp. The latter two have one standard client, and (almost?) everything works without giving it a second thought. I've never used #
iMessage but I assume that too "just works", as #
Apple likes to say.
Same goes for #
Mastodon vs. #
Twitter, where #
Threads is kind of a dumbed-down version of the real Mastodon.
With Matrix you sometimes need to think a bit about what you're doing, exactly like on the greater #
Fediverse such as Mastodon: you have to understand where you are and where you're going. It requires a bit more effort than clicking around in a walled garden like Twitter or #
Facebook, where users are pampered, shielded off from the underlying technique and guided to do what the platform wants them to do. Those platforms try to be as simpleton-proof as humanly possible. Nothing wrong with that per se, mind you.
But if such a totally effort-free, mindless use is the expected standard for everything, mankind may be in a race to the bottom. If even a small effort to understand how something works is a big no-no, what does that say about the average man's curiosity or mental capabilities? Is the average man really such a simpleton, only interested in a quick, effortless #
dopamine shot?
Not for everybody
So I understand that, at this moment, using Matrix or Mastodon isn't for everybody. I like to see it as the difference between a modern electric car, where you only have two pedals, a steering wheel and an on/off switch, and a really old, classic car that requires a bit of knowledge and feeling to drive. Screw up the choke in cold weather, and it won't start. Try to start a Ford model T the wrong way and you can break both your wrists.
And yes, I know building this stuff and fiddling with it has been my hobby, my passion and even my job for decades. Most people aren't really interested in it, they can't be bothered having to think about what they use or how it could/should be used. To me that attitude feels like laziness, but I know that's too easy. That's only what it looks like through my eyes.
Just like in the world of cars, some people just want to get from A to B and are not the least bit interested in how the machine they use works. They panic and call it a crap car if something breaks, even though they should have seen the warning lights on the dashboard and acted upon that. Or checked the oil or tyre pressure...
Education counts
As "the ICT guy" it's my job to help people use the good stuff, like Mastodon or Matrix. Educate them as to why they should be very wary using those closed commercial platforms that are so slick and easy to use. How they're being used and abused as payment for a "free" product. Free as in "without immediate financial cost", mind you.
I believe in free as "free speech", not "free beer". So I run a plethora of services that meet my definition of "free", and I try to get as many people to use those services too. Not necessarily the ones I host, but at least the free alternatives to the closed, often poisonous commercial crap that everybody and his mother uses.
So if I want the people I care about to use Matrix (preferably instead of WhatsApp, but let's take one step at a time), it's my job to make sure they can. I've hosted my own homeserver for years, and I've built and maintained several more as part of my job, so I should be able to offer them something that's as easy to use as possible. Even with the quirks it has (and Matrix has a few).
If a non-techie has problems understanding why he gets error messages like
could not decrypt message, it's my job to explain to him why that happens and how he can solve that, if he can. That can be tricky, and sometimes I can't.
I've always told my users, over and over and over again, that they should keep their security code safe. Tried to explain in laymen's terms what that code represents, and how it will lock you out of all your encrypted messages if you lose it.
That's different from WhatsApp, where #
Suckerberg controls not only the servers, but also your client. So if you screw up, he can always fix it for you. Including your lost key...
Matrix isn't like that, it's not a hotel where the manager has a master key, it's like your own home where only you have the key. Lose it, and you lock yourself out, there's no manager or landlord that can open the door for you, or give you a spare key.
I can understand how non-technies can forget that, or don't realize that warning is real. Or not realize what it would mean to lose all your encrypted communication. That's why I keep pointing at that, ad nauseam.
Reasonable expectations, or not?
So what can I expect from my users? There are quite a few non-techies among them, but also a few ICT professionals. The vast majority of my users are above-average intelligent, I would say. Can I expect them to handle passwords and security codes with care? I like to think I can. There's one that I don't deem capable of such a thing, and she's proved that several times already. But the rest?
One of my users failed to keep his security code secure, and in an attempt to help him recover from that, it turned out he also didn't remember his password. He doesn't use a password safe, he "trusts his memory"... Which also means the passwords he creates are easy to remember and reused for more than one login.
He tried to login via Matrix's webinterface, even though I've pointed him and all my other users to my own #
Element Web over and over again: remembering that or bookmarking it was apparently too much of a hassle, so "google element" was what he relied on.
This user, however, is one of those few professional ICT people. He's worked for an ISP for a quarter of a century, but apparently basic account hygiene is unknown to him...
How to go forward?
If we can't trust an ICT guy to remember a few very, very basic things, how can we ever expect the larger audience to work with Matrix (or Mastodon, or #
Nextcloud or any non billionaire owned platform)? If even people who work in the ICT and have done all kinds of stuff on the Internet since the nineties can't do it, how can the unsuspecting millennials who only know #
TikTok, WhatApp, #
Instagram and #
Google ever use something like this?
Trying to make Matrix as easy to use as, for example, WhatsApp is a pipe dream. Users will have to keep their own security code safe, and they'll have to remember which server they use. There's no getting around that.
Maybe we could create some sort of autoconfiguration, like server configuration in #
email clients, or proxy discovery in web browsers, but that too will only go so far.
How to inspire people?
How do we get people to actually give a sh*t about the software they use? And I mean, enough to make a minor effort to understand what they're using, and why. How do you convince people to stop and think about what they're using now, and evaluate if that's really what they want? How do you put a mind into the mindless?
Yes, I'd love to see the whole world switch to @
The Matrix.org Foundation , @
Mastodon , @
Nextcloud 📱☁️💻, decent e-mail providers like @
Tuta and other platforms that don't try to lock you in and suck you dry. And I'm trying, but I may overestimate the engagement, curiosity and self-reflection of people...
QRator
