Remix clone Hacker News

new | show | ask | jobs Github

▲

kibwen 2 days ago

The status quo appears to involve handing over your account password to your chosen client. That's worse than this.

▲

wkat4242 2 days ago | parent | next [-]

If you don't trust your matrix client, why use it at all?

It's also a bit disheartening to see Matrix putting all that "Log in with Google", Apple, Facebook etc so prominently on their login page. The whole idea of decentralised services was getting out of those walled gardens.

	▲	johnmaguire 2 days ago \| parent [-]
		Yeah, I would argue it's less about removing trust from the client (which will ultimately get an auth token in addition to secrets and plaintext messages) and more about allowing for centralized authentication and authorization policies.

▲

cvwright 2 days ago | parent | prev [-]

But you already trust your client with all the private keys and message plaintexts for your account.

I struggle to see why I should trust it with those things but not the account password.

	▲	tcfhgj a day ago \| parent \| next [-]
		Not necessarily, you could give restricted access to a client
	▲	lucyjojo a day ago \| parent \| prev [-]
		my google account has way more power over me than whatever i ever wrote in matrix in my life (ever, ever)