Background: We self-host Riot and recently upgraded our copy from v0.9.7 to v0.9.8. A majority of our users are not tech-savvy or do not understand what Matrix/Riot is in the first place - they just want to hang out and chat.
Some of our users got confused as to what "unencrypted" means in the "send a message (unencrypted)" placeholder. Because we have public rooms for nearly all of our chat, we don't enable encryption as it doesn't make sense for us.
It would be nice to have the (unencrypted) component be taken out of the placeholder for public rooms at the least. Alternatives for warning about unencrypted rooms would be some kind of banner (dismissable?) at the top of the room, for example.
Here's what one of our users would like to pass on:
My input for riot as user experience: I respect what you are doing with the encryption warning, but maybe putting it up with the channel header instead of in the typing box would be less annoying.
I'd still prefer that public rooms simply don't warn about encryption, unless they specifically toggle something in their account settings to make it noisy.
Agreed. E2E encryption is not the same as completely unencrypted; if you can trust the server and TLS provides transport encryption, this is still encrypted, and saying "(unencrypted)" isn't strictly true.
The intention of this feature is pretty clear - to make all users understand that this particular message will not be E2E encrypted.
I agree, though, that to users who are unfamiliar with Riot's (beta) E2E feature, it is perhaps simply alarming. There's not a lot the user can do about it in a room that's not theirs to configure, after all.
Our options are:
Of course, since you're hosting your own instance, you could just modify https://github.com/matrix-org/matrix-react-sdk/blob/1ff443956605ca818b212072767a1f6e515994b5/src/components/views/rooms/MessageComposer.js#L290 to words of your own choosing :)
Instead you can set a positive message:
Send a message (https-encrypted, only readable by matrix servers)
Only if the server doesn't use https should the message stay (...unencrypted).
That just takes up way too much space :L
Yeah, something concise like E2E Encrypted/Transport Encrypted/Unencrypted seems appropriate
I would prefer there to not be any warning. It unnecessarily scares 'normal' people. Browsers don't warn about plain http websites either.
The permanent warning could be replaced by a one-time warning/explanation dialog while registering a new account. Crypto-conscious folk tend to be smart and only need to be educated once.
I like the warning if the site is without https.
"Normal" people have to be informed just in that case.
With https I like a one-time-warning too.
I'm not sure what people's thoughts are on this still, but it does seem like the text hasn't caused any major issues in the past few months. When this was originally opened, e2e was only a couple weeks old to Riot, so not many people used it. Now that it's been at least in the light for a while, it seems as though people are less confused by it. New users haven't asked about what it means (to my knowledge) for several months.
At this point I feel as though it's probably safe to close this as "not needed anymore". What are people's thoughts on making no changes?
I would like to get rid of that message. It looks as if you are using something really unsafe.
Other messengers don't show such warnings either.
Yep, we still haven't switched to E2E as it was a pain for people to manage keys on new devices. Maybe that's improved. Regardless, transport encryption is still encryption and shouldn't be labelled as unsafe.
Not sure if someone already said it, but what about only showing this to users that have a high enough power level to change it, and instead only showing an open keylock to others?
I think an open lock is also misleading, as e.g. on a website that means total lack of encryption. Perhaps a yellow/orange lock instead to show that there is encryption, but it's not as "encrypted" as it could be?
edit: Alternatively, show two connected locks to indicate E2E, or some other new icon to signify E2E, rather than just generic "encryption"
A majority of our users are not tech-savvy or do not understand what Matrix/Riot is in the first place
I am definitely a tech-savvy user. Took a course on information security, I know the concepts, alright. Yet I was very confused as well.
Couldn't find a way to turn on 'encryption' (whatever that was supposed to mean). Here is what I tried:
Tried clicking the lock. Then checked the room settings via the menu label. No option there. At some point I found out that it's possible to verify the other user's keys if you clicked the avatar of the other user. So I did that on both ends. Still not encrypted. Tried creating a new chat (maybe it only works after verifying the keys). Nope, just redirected me to our already existing chat. Checked the application settings to see if there's a way to prefer E2E chats there.
Finally I found out there's a way to open the real room settings by clicking on a very small low-contrast cogwheel on top of the chat. Then, hidden between a barrage of checkboxes, there's an option to make the chat encrypted (which weirdly enough is also a checkbox, even though it's a one-way setting).
So here's my take on this: I completely agree that this is a problem. Instead of telling people that their chat is 'not encrypted', all chats should be end-to-end encrypted by default, even if they have not verified the other user's keys. Then users are informed about this in a non-invasive way if it is the case.
E2E encryption should not be optional. It should not be some fringe feature for paranoid users. The person that added this scary (unencrypted) message probably understood this.
Having all chats E2E by default is fine and dandy until you consider that some people use clients that don't support E2E and it can't be disabled once enabled. Also bots.
(which weirdly enough is also a checkbox, even though it's a one-way setting)
Excellent observation.
For the rest, I think that forcing e2e in all rooms at this point is unrealistic.
I still want the ugly perma-warning to be removed, and replaced with a dialog box on joining the room, which can be turned off.
The dialog also offers room for a slightly longer explanation so users don't have to go around looking for settings they can't change anyway.
Just chiming in to reaffirm: I've had a user mention that this was confusing to them, and they thought it meant there was no transport level encryption at all. Which is usually not true of course -- most homeservers have at least transport level encryption thanks to SSL.
So another idea would be:
Send a message (SSL encryption: on, E2E encryption: off)...
The following text could be used when there is literally NO encryption at all (riot is connecting to an HS over HTTP -- I don't even know if this is possible these days but let's assume it is):
Send a message (unencrypted)...
Other alternatives to consider:
For HTTPS with no E2E:
Send a message (Encryption type: SSL)...
For E2E (HTTPS/HTTP is not relevant):
Send a message (Encryption type: E2E)...
For HTTP with no E2E:
Send a message (Encryption type: None)...
I suggest:
For HTTPS with no E2E:
Send a message (Encryption: SSL-only)...
For E2E (HTTPS/HTTP is not relevant):
Send a message (end-to-end encrypted)...
For HTTP with no E2E:
Send a message (unencrypted)...
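The proposals above describe a three-way placeholder (end-to-end encrypted / transport-only / none), and an earlier comment suggested only showing the warning to users whose power level lets them change the setting. The following is an added example, not code from Riot or matrix-react-sdk, that puts both ideas into one decision function. It reads E2E status from the room's `m.room.encryption` state event and transport status from the scheme of the homeserver base URL; the room state, user IDs and URLs are constructed sample data, and the label strings are the ones suggested in the thread.

```javascript
// Added example (not Riot's own code): choose a composer placeholder from room
// state and the homeserver URL, and decide who should see the warning.

// Constructed sample room state, shaped like Matrix state events
// (type / state_key / content). Rooms, users and levels are invented.
const SAMPLE_ROOMS = {
  "!public:example.org": [
    { type: "m.room.create", state_key: "", content: { creator: "@alice:example.org" } },
    { type: "m.room.power_levels", state_key: "",
      content: { users: { "@alice:example.org": 100 }, users_default: 0, state_default: 50 } },
  ],
  "!secret:example.org": [
    { type: "m.room.create", state_key: "", content: { creator: "@alice:example.org" } },
    // Presence of m.room.encryption is what marks a Matrix room as E2E-enabled.
    { type: "m.room.encryption", state_key: "", content: { algorithm: "m.megolm.v1.aes-sha2" } },
    { type: "m.room.power_levels", state_key: "",
      content: { users: { "@alice:example.org": 100 }, users_default: 0, state_default: 50 } },
  ],
};

function getStateEvent(stateEvents, type, stateKey = "") {
  return stateEvents.find((ev) => ev.type === type && ev.state_key === stateKey);
}

function isRoomEncrypted(stateEvents) {
  return getStateEvent(stateEvents, "m.room.encryption") !== undefined;
}

// Transport encryption as the client sees it: the scheme of the URL it talks to.
// Hops behind a reverse proxy are invisible here (assumption: client-side view only).
function hasTransportEncryption(homeserverUrl) {
  return new URL(homeserverUrl).protocol === "https:";
}

// Labels taken from the suggestion this example follows.
function composerPlaceholder(stateEvents, homeserverUrl) {
  if (isRoomEncrypted(stateEvents)) return "Send a message (end-to-end encrypted)...";
  if (hasTransportEncryption(homeserverUrl)) return "Send a message (Encryption: SSL-only)...";
  return "Send a message (unencrypted)...";
}

// Power level needed to send m.room.encryption: the per-event override if set,
// else state_default (50 if the power_levels event exists, 0 if it is absent).
function requiredLevelToEnableEncryption(stateEvents) {
  const pl = getStateEvent(stateEvents, "m.room.power_levels");
  if (!pl) return 0;
  const events = pl.content.events || {};
  if ("m.room.encryption" in events) return events["m.room.encryption"];
  return pl.content.state_default ?? 50;
}

// A user's level: users[userId], else users_default; without a power_levels
// event the room creator has 100 and everyone else 0.
function userPowerLevel(stateEvents, userId) {
  const pl = getStateEvent(stateEvents, "m.room.power_levels");
  if (!pl) {
    const create = getStateEvent(stateEvents, "m.room.create");
    return create && create.content.creator === userId ? 100 : 0;
  }
  const users = pl.content.users || {};
  if (userId in users) return users[userId];
  return pl.content.users_default ?? 0;
}

function canEnableEncryption(stateEvents, userId) {
  return userPowerLevel(stateEvents, userId) >= requiredLevelToEnableEncryption(stateEvents);
}

// Only users who could actually turn E2E on get the warning wording; others
// get a neutral placeholder, since there is nothing for them to act on.
function composerHint(stateEvents, homeserverUrl, userId) {
  const placeholder = composerPlaceholder(stateEvents, homeserverUrl);
  if (isRoomEncrypted(stateEvents) || canEnableEncryption(stateEvents, userId)) return placeholder;
  return "Send a message...";
}

// Usage with the constructed data:
for (const [roomId, state] of Object.entries(SAMPLE_ROOMS)) {
  for (const userId of ["@alice:example.org", "@bob:example.org"]) {
    console.log(roomId, userId, composerHint(state, "https://matrix.example.org", userId));
  }
}
```

The scheme check reflects only the connection the client itself makes; TLS terminated at a reverse proxy in front of the homeserver still shows up as `https:` to the client, while anything behind that proxy is outside its view. The power-level rules follow the Matrix defaults (`state_default` 50, `users_default` 0, creator at 100 when no power-levels event exists).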
I run all my services behind a reverse proxy that handles TLS; none of these suggestions help my use case (as Riot has no idea this is happening). Can't I just get this to be a user-configurable setting in config.json? (I can make a PR.)
I'm certainly not too crypto-savvy; so I turned to Google to research what this 'unencrypted' message status is all about, which landed me on this Github issue.
So I just want to confirm here that this 'unencrypted' status is indeed confusing, and should ideally be replaced with a one-time warning/explanation upon account activation. Also, I'm not trying to be an asshole, but it doesn't reflect that well on Riot when new users find this 2-year-old issue without any progress in regards to fixing it ...
Everybody add a +1 reaction in the first post, to get this done
2+ years and counting... can we get this confusing string removed, please?
Please don't ping the issue to check status. If there's progress, it's highly likely to be linked here.
@drzaiusx11 please create a pr
I think it is good that the encryption status is displayed. You can't expect the user to check the room status god knows where before sending each message. The wording is not good, though.
Fixed for cross-signing
What is the fix?
It becomes "Send a message" and "Send an encrypted message" respectively.