Morrolinux: Matrix vs. Chat Control – Why Decentralization Matters

When I talk about Matrix, I’m not introducing “yet another messaging app.” I’m talking about a communication protocol that solves a series of structural problems introduced in centralized platforms. The discussion is not abstract anymore. Between political pressure, regulatory proposals like Chat Control, and the consolidation of large communication providers, centralization has become a technical and social liability.

At Linux Day Palermo, one of the Linux Day Italia 2025 happenings, I focused on why Matrix was designed the way it is, how it works, and why decentralization is becoming essential for privacy and digital autonomy.

Centralized Systems Fail in Predictable Ways

All mainstream messaging platforms share the same model: a single provider owns the infrastructure, the servers, the logic, and the metadata.

This means:

• The company decides on policies for data retention, metadata, access, and interoperability.
• Updates can undermine user expectations.
• Outages or restrictions propagate instantly and globally.
• Legal demands affect all users simultaneously, because the system has a central switch.

Encryption alone cannot compensate for a centralized architecture. If the transport, server logic, or identity system is dependent on a single actor, the entire trust model relies on that actor.

Matrix: Protocol First, Platforms Second

Matrix approaches the problem from the opposite direction. It defines an open protocol for event-based, real-time communication. Messages, state updates, membership events, encryption keys: everything is represented as signed events replicated across servers.

The key properties are:

• Federation: Independent servers synchronise their services (rooms) without relying on a central authority.
• End-to-end encryption: A strong protocol based on Olm and Megolm has been designed for asynchronous multi-device conversations.
• Open implementations: Both clients and servers are open source; interoperability is not a promise but an obligation.
• Portable identity: Your account lives on a server you choose, not the provider’s silo.

Once you understand that Matrix is an event replication system rather than a “chat app,” its resilience and flexibility make a lot more sense.

Security Beyond Marketing Terms

End-to-end encryption in Matrix is enforced at the client. Server operators see only encrypted payloads. Device verification, cross-signing, and secure key backup reduce the typical weak points of multi-device messaging.

One important aspect I stressed during the talk is that encryption applies only within Matrix. When you bridge messages to external systems, you intentionally break the E2E guarantees. Bridges are excellent for interoperability but should not be treated as secure channels.

Federation in Practice

A federated system distributes room state across participating servers. Each server stores and verifies events using signatures. If a server goes offline, other servers retain the room history and state. This design removes single points of failure and provides a communication layer that is naturally resistant to censorship, outages, and unilateral policy shifts.

For many organisations (from governments to universities to individual hackerspaces) this is the real value: you can host your own instance, maintain your own policies, and still communicate globally.

Hosting Matrix Is Simpler Than People Think

Many assume running a home server is complex. For anyone with system administration experience, it’s straightforward: a Synapse instance deployed via containers, with proper port configuration and reverse proxy setup, is enough to enter the federation. Lightweight implementations are available for higher performance or smaller resource footprints.

This is where Matrix becomes practical. You can start with a public server, migrate later if you have the technical skills, or host a small instance for a community. The protocol scales in both directions.

Common Questions From Palermo

Several technical questions came up during the session:

“What about WhatsApp’s encryption?”
Its cryptographic layer is solid, but the system is still centralized: a security vulnerability found in WhatsApp has exposed the information of literally billions of people. You cannot inspect the server architecture or influence policy.

“Do bridges expose more attack surface?”
Yes. A bridge must read messages to translate them. Use them for convenience, not for high-security use cases.

The general conclusion is that decentralization shifts the threat model. It doesn’t eliminate risk, but it redistributes control back to users and organisations.

Why Matrix Feels Like the Right Direction

Matrix is not the only decentralised communication technology, but it is one of the most mature and usable today. It aligns with open source values: transparency, portability, user agency, and collaborative development instead of platform dependency.

If you want to experiment, start simply: create an account, join Element or another client, and explore a few rooms. When you feel comfortable, try hosting your own home server. The moment you see that your communication no longer depends on a single provider, the value becomes concrete.

Decentralisation is no longer a niche ideal. It is quickly becoming the only sustainable architecture for secure, long-term communication. Matrix demonstrates how that principle can work in practice: today, not someday.

Watch the original video in Italian that inspired this article: Matrix vs ChatControl | Morrolinux ‪@FreeCircle‬ | Linux Day Palermo 2025.