As I noted within my post, #9955859@lemm.ee (alternate link), URL thumbnail generation in Element is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
In encrypted rooms, like this one, URL previews are disabled by default to ensure that your homeserver (where the previews are generated) cannot gather information about links you see in this room.
Post Edit History
2023-10-02T00:54Z
1c1,2
< As I noted within my post #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server.
---
> As I noted within my post #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
> > In encrypted rooms, like this one, URL previews are disabled by default to ensure that your homeserver (where the previews are generated) cannot gather information about links you see in this room.
2023-10-02T01:28Z
1,2c1,2
< As I noted within my post #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
< > In encrypted rooms, like this one, URL previews are disabled by default to ensure that your homeserver (where the previews are generated) cannot gather information about links you see in this room.
---
> As I noted within my post, #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
> > In encrypted rooms, like this one, URL previews are disabled by default to ensure that your homeserver (where the previews are generated) cannot gather information about links you see in this room.
2023-10-02T03:44Z
1c1
< As I noted within my post, #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
---
> As I noted within my post, #9955859@lemm.ee ([alternate link](https://lemm.ee/post/9955859)), URL thumbnail generation in [Element](https://element.io/) is an enormous privacy, and security vulnerability. Thumbnails are generated server-side, regardless of E2EE settings. What this means is that the URLs that one sends would be leaked out of your encrypted chats to the server. Here is a notable excerpt from the settings within Element:
Post Signature
ul7mHTfs8xA/WWwNTVQ9HzKfj/b+xw+q9csWf60OJrT58jMJpmsX8/BicwFodR8W
Llo93EMtboSUEtYZ+wQhaL/HmrEr6arup7gJzZgslOBWPFj5azADHSpjX9RYuvpt
Fk2muTUgJP2e+SW3BGDPmlcluw6mQOYcap84Fdc1eU47LOZprBXob97qInMK5LrL
tzNqARRtXGdogZtQYlNCqCd9eQgqTwPfxKVadmM6G3xQMh6mWQxQz56sCXqj+mlG
OqJyZIgB1UXEuVZeAO3pl9wN+cSM4eqHLHQwEd+aVeSPf75r2d7mZs+VNwr1WfMu
0sWcPh3aZLXKqdls6UJMEA==
That doesn’t make any sense… If the URLs are server side that means there is no e2ee at any time because the server has to know when to shown the preview…
If that’s true disabling preview generation doesn’t really matter because the vulnerability would be elsewhere
I never used matrix, but do clients own the keys or are they stored on the server?
If you look at this documentation it outlines various methods of generating URL thumbnails. Essentially, a separate request from the client for only the URL is made to the server which then returns a thumbnail. It’s an absolutely moronic design choice, if you ask me.
EDIT (2023-10-02T01:35Z): Do note that the link that I provided is for Synapse v1.37 – Synapse is currently on v1.97. Curiously, the documentation for the new versions of Synapse have removed the sections talking about URL previews. I’m not sure what’s up with that.
RT373YSQwMB+y28d7xm/Xybihcmx9jgkd4RskvPuoFQ3hapIv4exdmtMe+QxsVqos5odxTVuKAftj53zXFFQyD7MK0985zDvfKYjIj+b+8rNSAG0fArG2SXVBW0mLXqRnXiZXiknoPekyu7MKr1aD8k9DMQzCap60oNWmOLoCQXdmEetiEnhGL8zW2KR9P4MxtzxMzLzPWJyLmpLbXVJdxTmHFN32IvMHiyY29iJqZegmIuav0+IP2c3leGrJs75eGW2uWoj8J8VWWzflWfRRO3FwzJFRIvrptPN0osD0wMrgLJ4FYwXZQetIEJ99TxWvxqTYak90q6HxvVygOyHPw==
I agree. That’s a terrible choice to me.
Why would they not just offload this as a feature for the client to handle? At least then the security and privacy ultimately would be up to the user’s decision.
Post a link to a channel of 1k users and 1k users send a request to the website, instead of only the server once?
/edit: From a privacy standpoint I’d really trust my chat server provider over random websites. So I definitely don’t see how it’s a terrible choice for these two reasons.
That being said, if you’re concerned, disabling previews is the answer.