mirror of
https://github.com/mikaela/mikaela.github.io/
synced 2024-11-17 09:29:25 +01:00
195 lines
9.5 KiB
Markdown
195 lines
9.5 KiB
Markdown
---
|
|
layout: post
|
|
title:
|
|
"Matrix abuse protection model for community maintainers: security by
|
|
obscurity"
|
|
category: [english]
|
|
tags: [matrix]
|
|
lang: en
|
|
robots: noai
|
|
---
|
|
|
|
_I am administrator or moderator in multiple communities in Matrix, the most
|
|
sizable being 23 rooms + two spaces. I don't have my own homeserver or Mjolnir.
|
|
And I am tired._
|
|
|
|
If I was using Discord, I would make a guild, make roles within it and then
|
|
right click people and assign them roles and they would be able to manage all
|
|
channels those roles let them. Time estimate less than 15 minutes.
|
|
|
|
Sadly I am not using Discord, I am using Matrix. This means that while burnt out
|
|
it feels like no one has thought of the case where a community with more than a
|
|
couple of rooms wants to use Matrix.
|
|
|
|
<!-- editorconfig-checker-disable -->
|
|
<!-- prettier-ignore-start -->
|
|
|
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
|
<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
|
|
|
|
- [Setup](#setup)
|
|
- [Bus factor](#bus-factor)
|
|
- [Abuse finds you!](#abuse-finds-you)
|
|
- [Icing on the cake](#icing-on-the-cake)
|
|
- [Aminda, are you ok, has this happened to you?](#aminda-are-you-ok-has-this-happened-to-you)
|
|
- [What is this community with 23 rooms and two spaces?](#what-is-this-community-with-23-rooms-and-two-spaces)
|
|
- [Afterword](#afterword)
|
|
|
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
|
|
|
<!-- prettier-ignore-end -->
|
|
<!-- editorconfig-checker-enable -->
|
|
|
|
## Setup
|
|
|
|
I am tired, so excuse me for not involving complete documentation and just
|
|
smaller steps:
|
|
|
|
1. Use https://develop.element.io/ (or have a config.json allowing you to use
|
|
labs)
|
|
2. Create a space.
|
|
3. Through developer mode `/upgraderoom {{ site.matrixLatestRoomVersion }}`. 2.
|
|
**_WARNING_** You should check
|
|
[the Matrix spec](https://spec.matrix.org/latest/rooms/) for the latest
|
|
stable room version. Or maybe the
|
|
[unstable spec](https://spec.matrix.org/unstable/rooms/)? Or maybe you should
|
|
just
|
|
[search GitHub](https://github.com/matrix-org/matrix-spec-proposals/issues?q=room%20version)? 3.
|
|
**_WARNING! Always before executing `/upgraderoom` check that everyone in
|
|
your room has a recent Matrix server that supports your target room version,
|
|
otherwise you may lock some of your users out._** For example
|
|
`/invite @version:maunium.net` and once it joins, say
|
|
`!servers upgrade {{site.matrixLatestRoomVersion}}` to get a list of servers
|
|
that don't support room version {{site.matrixLatestRoomVersion}} yet.
|
|
4. Clear cache and reload so the old space maybe disappears.
|
|
5. See also
|
|
[Element-web#19208: Allow upgrading spaces](https://github.com/vector-im/element-web/issues/19208)
|
|
6. Now that there is a space, right click it to create a new room under it and
|
|
select that it can only be joined by space members. You will hopefully end up
|
|
with room version 9 (the default at time of writing is 6 and has even worse
|
|
situation with abuse pretention).
|
|
7. Go to room settings and set the room to public join assuming it's supposed to
|
|
be public (14 of this worst case scenario are)
|
|
8. Repeat steps 5-7 for all rooms you need, you can hopefully figure out how to
|
|
handle a private space (9 rooms in this case).
|
|
|
|
### Bus factor
|
|
|
|
As we are a serious organisation using Matrix here, even if we have no money or
|
|
people or homeserver or Mjolnir, what happens if you somehow become unable to
|
|
access your account or are asleep or something when you are needed? You add more
|
|
people with power and also register yourself on multiple homeservers, so if your
|
|
main account goes down, you have power somewhere else.
|
|
|
|
Let's say you have 20 rooms (you get it a bit more easy than I do), I think you
|
|
have three methods to promote your other accounts:
|
|
|
|
**_WARNING: administrator status cannot be removed by others._**
|
|
|
|
- A. Using the graphical user interface, invite the other administrators to the
|
|
room and click the buttons to make them administrators. I am too tired to
|
|
check how to do this, but it's a graphical user interface, good luck! Remember
|
|
you will do this twenty times, once for every room/administrator.
|
|
- B. You can type `/invite @user:example.org` and then
|
|
`/op @user:example.org 100` and copy-paste it all the time!
|
|
- C. My favourite, you can have a pre-formatted power-level event in json in a
|
|
git repository from which you can copy-paste it to all rooms, first
|
|
`/devtools`, then "room state", "m.room.power_levels", "edit" and you can
|
|
paste your new administrators there and press "send"! This is the only mass
|
|
option you have, and you will have to do this in each twenty rooms.
|
|
|
|
Remember you will have to do this every time you add a new moderator (or they
|
|
will be unable to act in the room when they are needed)!
|
|
|
|
We also have a matterbridge (which has it's own configuration for every room,
|
|
but offtopic here) which has administrator / power level 100 in every room, so
|
|
if I am not available the administrator team can login as it and take care of
|
|
the situation.
|
|
|
|
## Abuse finds you!
|
|
|
|
Congratulations, if abuse has found you, the security through obscurity model
|
|
has failed and now you get to deal with it! That is very simple, you just check
|
|
the abuser MXID, and paste `/ban @yourorgisbad:evil.example.invalid` to all
|
|
twenty rooms.
|
|
|
|
Did you find out that you have a lot of abuse from a single server and Matrix
|
|
doesn't support wildcards in bans? No problem,
|
|
[Matrix has your back with "Moderation in Matrix!"](https://web.archive.org/web/20211205204104/https://matrix.org/docs/guides/moderation/),
|
|
you simply use `/devtools` and ban the entire server by sending a completely new
|
|
event `m.room.server_acl`, luckily you are a professional `/devtools` user at
|
|
this point so having to do this 20 times is nothing to you.
|
|
|
|
_2022-01-10 addition:_ this becomes worse as Matrix Synapse alongside
|
|
[the Matrix protocol itself will authorise everything done by servers that don't honour the `m.room.server_acl` event](https://github.com/matrix-org/matrix-spec/issues/928)
|
|
so as per the guide, you will have to acl those servers too (or the ACL might as
|
|
well not exist).
|
|
|
|
### Icing on the cake
|
|
|
|
Could this get any better? Yes, the abuse could happen when you are sleeping or
|
|
otherwise out of the picture, so your fellow ICT team member (who has no
|
|
interest in touching this mess with a long stick) has to step in for you and
|
|
resolve the issue.
|
|
|
|
It's a stress situation for them, will the ICT team be able to find the shared
|
|
password for the Matrix administrator account you hopefully have and speedlearn
|
|
to be a `/devtools` professional or able to handle even easier forms of spamming
|
|
or flooding without you present? My money is on the spammer. Good luck,
|
|
high-five for the next team meeting where you wonder what happened, how to
|
|
prevent it from happening again and will you even support Matrix in the future?
|
|
|
|
I hope someone thanked you for ever having your organization there, I know that
|
|
I have only gotten complaints about matterbridge looking ugly and not using
|
|
matrix-appservice-irc, \<redacted-for-similar-trouble\>,
|
|
matrix-whatever-discord, etc.
|
|
|
|
## Aminda, are you ok, has this happened to you?
|
|
|
|
Thank you for asking, I am not ok, I have a burnout and xmas is poor time for me
|
|
in general, and this whole issue is ridiculous, someone could have thought of it
|
|
since 2014, everything I am saying is public knowledge, but no one cares.
|
|
|
|
It's whoever is running Matrix without hosting their own homeserver and Mjölnir
|
|
(which brings all reasonable management for organizations) who is at fault (me).
|
|
I wonder how much would a Mjolnir help if abuse was sophiscated enough to DDoS
|
|
it off the internet before beginning.
|
|
|
|
## What is this community with 23 rooms and two spaces?
|
|
|
|
It's [Pirate Party of Finland](https://piraattipuolue.fi/en). I cannot say
|
|
whether it's us or Matrix that is obscure enough to have avoided the nightmare I
|
|
painted in this blog post, but as I am the only administrator at Matrix, I have
|
|
locked it down so the rest of the ICT team can continue not touching Matrix or
|
|
practicing `/devtools` first without a stressful situation.
|
|
|
|
[Our main space](matrix:r/space.piraatit.fi:matrix.org?action=join) requires
|
|
knocking before it can be joined. Don't ask me what Matrix clients support
|
|
knocking, it's part of
|
|
[Matrix spec version 1.1](https://spec.matrix.org/v1.1/rooms/v7/#authorization-rules),
|
|
don't even ask me what Matrix servers support it.
|
|
|
|
Our public rooms within that space require being a member of that space.
|
|
|
|
Our more sensitive rooms that desire working peace from spammers are in a
|
|
subspace, which again require belonging to it, and which requires knocking too.
|
|
We have similar system in place at Discord where we just grant people a role
|
|
once they have talked a bit and shown themselves to not be malicious and this is
|
|
the best <s>we</s> I can do at Matrix.
|
|
|
|
The above looks a bit weird as I was going to put the actual json events there,
|
|
but I am too tired to bother with that.
|
|
|
|
## Afterword
|
|
|
|
If I am wrong at anything I said, please contact me instantly either in
|
|
[my discussion channels](/discuss),
|
|
[the GitHub issue for this post](https://github.com/Mikaela/mikaela.github.io/issues/268)
|
|
or mention `@Mikaela` in any GitHub.com/GitLab.com issue (I am not reading my
|
|
email actively though) as if I am wrong and there is a reasonable Discord-style
|
|
interface for this without additional money, you are improving my life greatly
|
|
as I am not just going to stop using Matrix.
|
|
|
|
- [Obligatory changelog link](https://github.com/Mikaela/mikaela.github.io/commits/master/blog/_posts/2021-12-05-matrix-community-abuse-security-by-obscurity.md)
|