blog/mppn: correct closing of s tag

sed with self-destructing messages. A typo fix found it's way into this
commit too alongside leaked older encrypted messages and changelog
update.

Resolves: #269
Resolves: #250

blog/_posts/2021-08-03-matrix-perfect-privacy-not.md

@@ -75,13 +75,12 @@ forever.
 Matrix does support [history retention if you are advanced enough to enable it](https://brendan.abolivier.bzh/matrix-retention-policies/),
 this assumes [your homeserver explicitly enables it as it's not default](https://github.com/matrix-org/synapse/blob/ba5287f5e8be150551824493b3ad685dde00a543/docs/sample_config.yaml#L481-L484)
 and as your room is hosted on every homeserver that has users in your room,
-have a single homeserver that hasn't explicitly enabled it and the room
+have a single homeserver that hasn't explicitly enabled it, or doesn't otherwise support it, and the room
-history never goes away. (If I am wrong, [please contact me](/discuss) as
+history never goes away. Executing `/upgraderoom {{site.matrixLatestRoomVersion}}` or any other version [will also remove the event](https://github.com/matrix-org/synapse/issues/11279).
-I have one private room where history goes away after 7 days, but another with the
-same configuration (nowadays 31 days though), which I can scroll as far back
-as I want.)
 
-*Technical note: sorry about calling reference homeserver implementation issue
+In case there isn't enough confusion, retention shouldn't be confused with actual [self-destructing/disappearing messages](https://github.com/vector-im/element-meta/issues/82).
+
+*Technical note: sorry about calling <s>reference</s> homeserver implementation by the matrix.org team issue
  as a Matrix protocol issue.*
 
 You may say that this requires you to trust the homeserver admin anyway and
@@ -93,7 +92,7 @@ Speaking of removals, once you remove a message [it will be stored in the databa
 and if you changed the homeserver address in your copied link, it would still
 keep on working. Is this something you expect from a private protocol? I don't, or I didn't before getting familiar with Matrix. There is also an [alternative proposal about this](https://github.com/matrix-org/matrix-doc/pull/2228).
 
-*By the way Synapse is still a reference homeserver implementation and not
+*By the way Synapse is still a <s>reference</s> homeserver implementation by the matrix.org and not
  Matrix protocol itself, so sorry about that for anyone technical reading this.*
 
 Do you use different names in different contexts? Like your Full Name in
@@ -111,11 +110,17 @@ unless it just moves the issue to a different level.</s> Which got [cancelled or
 2021-08-27: I don't know how serious issue this may be for you, but any emoji/
 [reactions made on end-to-end-encrypted messages aren't encrypted](https://github.com/matrix-org/matrix-doc/issues/2678).
 It's fun in [E2EE test rooms](matrix:r/megolm:matrix.org?action=join) when you cannot read the other party, but
-regardless see their reactions on your emssages.
+regardless see their reactions on your messages.
+
+2022-01-10: In E2EE features, when you are invited to E2EE rooms, you generally
+cannot see the previously encrypted messages. However when those are encrypted,
+viewing [message source will reveal the older messages in body and formatted_body](https://github.com/matrix-org/matrix-doc/issues/1654)
+which [have been under deprecating plans since 2020-09-19, maybe in the future...](https://github.com/matrix-org/matrix-doc/pull/2781)
 
 I think that was my biggest complaints on Matrix (or Synapse itself), that
 don't involve other protocols and I have personally experienced. My notes
-for this blog post include [Matrix not having real contacts list](https://github.com/matrix-org/matrix-doc/pull/2228),
+for this blog post include [Elements not having real contacts list](https://github.com/vector-im/element-web/issues/4488),
+or in other words [Matrix not having canonical direct messages](https://github.com/matrix-org/matrix-doc/pull/2199),
 but they didn't occur to me and I guess it has been doing fine enough without
 implementing those.
 
@@ -154,3 +159,11 @@ or you can find me from a lot of the linked issues and there is also [issue trac
     test room and this list item.
   * 2021-09-09: It's brought to my attention that URL previews exist on Element
     iOS! It's 23.15 in Finland so I only strikethrough this issue.
+  * 2022-01-10: I am told that [Synapse is not a reference homeserver implementation since 2021-10-06](https://github.com/matrix-org/synapse/pull/10971#event-5418418970)
+    so I have strikethrouged that and changed it to "by the matrix.org team".
+    * Typing this it looks like this blogpost predates the demote of Synapse, but
+      I wish to stay up-to-date with this post.
+    * I am also noting that `m.room.retention` doesn't persist across room upgrades
+      and linking to the Element-meta issue on self-destructing/disappearing messages
+      to not be confused with retention.
+    * Oh and reply fallbacks leaking previously encrypted messages too.

blog/_posts/2021-11-23-leaving-privacyguides.md

@@ -15,7 +15,7 @@ I was less available online. During that time, on 2021-11-18 9.30 UTC+2
 a pull request was force-merged by a team member listing three new projects
 and removing two.
 
-* https://github.com/privacyguides/privacyguides.org/pull/274
+* [privacyguides/privacyguides.org#274](https://github.com/privacyguides/privacyguides.org/pull/274)
 
 This was mentioned in the team room and reviews were asked during one hour
 period before the force-merge, but no one was online to review before it was
@@ -138,7 +138,7 @@ I already wrote too much about encrypted DNS...
 
 If you look into Privacy Guides instant messaging platforms, at the time
 of writing it will suggest you to use Element. That means nothing,
-[there are three different apps called as Element on three different platforms, the only thing in common is the name and if you are looking for privacy, you should look into it deeper or look entirely elsewhere, but that is my previous blog post]({% post_url blog/2021-11-23-leaving-privacyguides %}). TL;DR is that (at the time of writing)
+[there are three different apps called as Element on three different platforms, the only thing in common is the name and if you are looking for privacy, you should look into it deeper or look entirely elsewhere, but that is my previous blog post]({% post_url blog/2021-08-03-matrix-perfect-privacy-not %}). TL;DR is that (at the time of writing)
 your room specific display names may leak and media files are never actually
 removed. If that is fine for you, great. If your issue is just with
 room specific display names, I would suggest a Matrix client that allows

blog/_posts/2021-12-05-matrix-community-abuse-security-by-obscurity.md

@@ -28,19 +28,20 @@ smaller steps:
    1. ***WARNING*** The room version number here is configured in Jekyll site
       variable, not one specific to this post.
    2. ***WARNING*** You should check [the Matrix spec](https://spec.matrix.org/latest/rooms/)
-      for the latest stable room version.
+      for the latest stable room version. Or maybe the [unstable spec](https://spec.matrix.org/unstable/rooms/)?
+      Or maybe you should just [search GitHub](https://github.com/matrix-org/matrix-doc/issues?q=room%20version)?
+      I have no idea how that works as the time of writing both are missing room versions 8 and 9.
    3. ***WARNING*** Traditionally homeservers by other parties than Matrix.org
       (read Synapse) lag behind on supported room versions and you may break
       your room for people using those. At the time of adding this note (2021-12-14), the
-      spec v1.1 is a month and couple of days old (2021-09-11) and room version
+      spec v1.1 is a month and couple of days old (2021-09-11) and [room version 7 is not implemented by Conduit](https://gitlab.com/famedly/conduit/-/issues/161).
-      7 is not implemented by Conduit.
        1. Yes, at the time of writing this post I am recommending version 9,
           while the aforementioned variable is {{ site.matrixLatestRoomVersion }},
           as that is what Element encourages and features such as restricted rooms
           require and as this post hints, Matrix is even more impossible to manage
           without those.
 4. Clear cache and reload so the old space maybe disappears.
-5. See also https://github.com/vector-im/element-web/issues/19208
+5. See also [Element-web#19208: Allow upgrading spaces](https://github.com/vector-im/element-web/issues/19208)
 6. Now that there is a space, right click it to create a new room under it and
    select that it can only be joined by space members. You will hopefully end up
    with room version 9 (the default at time of writing is 6 and has even worse
@@ -73,7 +74,7 @@ you have three methods to promote your other accounts:
   a git repository from which you can copy-paste it to all rooms, first `/devtools`,
   then "room state", "m.room.power_levels", "edit" and you can paste your new
   administrators there and press "send"! This is the only mass option you have,
-  and you will have to do this once every twenty rooms.
+  and you will have to do this in each twenty rooms.
 
 Remember you will have to do this every time you add a new moderator (or they
 will be unable to act in the room when they are needed)!
@@ -96,6 +97,11 @@ you simply use `/devtools` and ban the entire server by sending a completely new
 `m.room.server_acl`, luckily you are a professional `/devtools` user at this point
 so having to do this 20 times is nothing to you.
 
+*2022-01-10 addition:* this becomes worse as Matrix Synapse alongside [the Matrix protocol itself will authorise everything done by servers that don't honour the `m.room.server_acl` event](https://github.com/matrix-org/matrix-doc/issues/3506)
+so as per the guide, you will have to acl those servers too (or the ACL might as well not exist). Sadly at the time
+of writing that also includes [Conduit, so all Conduits must be ACLed too](https://gitlab.com/famedly/conduit/-/issues/67),
+even if they weren't malicious. A minor comfort is that [Conduit doesn't currently support room versions 7, 8 and 9](https://gitlab.com/famedly/conduit/-/issues/161).
+
 ### Icing on the cake
 
 Could this get any better? Yes, the abuse could happen when you are sleeping