Can you recommend a lightweight matrix chat client to me? - eviltoast

My laptop is getting old and i can’t have Element eat up half of my RAM. There are many more clients out there but which one is good? aka "the best? ;-)

My requirements: lightweight, encryption 100% supported, active development/community. runs neatly 24/7 in the background.

Should also support the latest features, let me customize when to get notifications: priorities / muted chatrooms. And ideally also look clean and run on the Pinephone. But that’s optional.

I don’t care which desktop environment or cli.

What do you use?

  • rufus@discuss.tchncs.deOP
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    1 year ago

    I think the way to handle this is to long-press on that notification and turn it off. This way the notification is there in theory so your app doesn’t get killed in the background and you don’t get a notification shown either. I did that with all the persistent notifications from several apps (including Element) and my phone looks clean. But don’t disable all the notification categories. Just the persistent background one so that you’ll still get notified of messages and so on.

    • j4k3@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Interesting. Thanks for the info. I turned off the listening notification. Hopefully this is the one you meant. I hadn’t thought about settings for the device itself.

      I don’t entirely understand the verification notice and all. I don’t understand the context of verification. I generally avoid making any external internet connections (finger printing) between my phone and other hardware. They are on separate VPNs and firewalls. I get the message about no verification every time I open element. I don’t know what it is trying to verify exactly. I imagine it is a copy of the keys and hashes, but like, I don’t want to connect social across devices and I am given no options or context details. I don’t mind backing up or storing keys, but I’m not installing the software on my workstation or punching holes in that firewall.

      • chayleaf@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Anyone with access to your homeserver can change your password and log into your account. That’s why by default, when someone logs into account, their session is unverified and doesn’t have access to encryption keys. To verify it and sync encryption keys, you have to mark it as trusted from another device you own (which sends the encryption keys from the old device), or if it’s the first session it becomes the only trusted device (and generates new encryption keys).

        Note that the homeserver owner can always reset all of your sessions and encryption keys, then log in as the first session. They won’t be able to read your past encrypted messages obviously, but they will be able to impersonate you. To prevent that, you can additionally perform the same verification process for the devices of those you chat with - that way they will also know which devices you marked as trusted.

      • rufus@discuss.tchncs.deOP
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Yeah. That’s the correct one. You can also do that with other apps that rely on a background connection to some server. I also don’t use google and their cloud messaging. So that’s the way around it.

        Regarding the verification: It’s an additional layer of security for you. To make sure all the devices logged in into your account actually belong to you. Otherwise someone with access to your computer or password (or matrix-server(?)) could in theory read your messages. To prevent that, they make you verify it’s actually you who registered that additional device. I think Element has an option to not sync encryption keys with unverified devices. So you could end up with malfunctioning encryption. But in case it’s working fine for you, you can skip the verification. You’re just missing out on the extra security this way.