Time to replace Slack! Who will win, MatterMost or Riot/Matrix?
Slack is the prodigy of the revival of team communication. This is an awesome development. In the early days of the internet IRC (the grandfather of chat channels) was the way for nerds to have non stop communication with each other. On IRC we discussed everything from private topics on life up to project topics. When I left the student life and the non stop nerd contact stopped, the chat channels also disappeared from my life.
I was surprised that in Large Enterprises the whole concept of chatrooms or continuous digital contact between people was not present. The only thing you did was start to start a one-on-one dialogue with someone by picking up a phone or send an email. No chatter about life, the direction of the company etc. Slack has brought chat rooms back to companies.
TIMES ARE A CHANGING
Slack is a shiny product but it is standing still in its development. It is time to evolve! In this day and age the demand of products are changing. A communication tool should be safe, open & pretty. Adapt or Die! Does Slack tick all these three requirements?
Is my data safe? The new kid on the block.
The reason Whatsapp has adopted the encryption that is developed by the chat app Signal, is that security has become a mandatory requirement. People are deleting accounts of apps that get media attention for not being secure.
Signal is popular for secure chats and secure calling. An added bonus is that Signal does not give (meta-)information to the company behind Facebook. This company is the owner of Facebook, Whatsapp and Instagram, and is known for combining all the possible usage data via their apps.
The adoption of encryption by Whatsapp is in-line with the statement:
We the people need security and privacy!
— E.A. Botjes
Another trend concerning “is my data safe” is the feature of modern software that the shutdown of a server or a company does not stop the functioning of the software. Building software that can not be censored or is very difficult to take down is called: Federation. This term is used in the comparison chart created below.
Slack eats your data
Slack seems to have lost the race for being responsible with your data.
In the comparison matrix the three topics named before: Safe, Open & Pretty are set against the now top 3 in team communication tools. Slack might not be the best solution for this new world, and also lacks some other freedoms.
TEAM COMMUNICATION TOOLS COMPARISON
The clear winner is Riot with a close runner up being MatterMost. Slack is very beautiful. For most teams that do not like “computers” Slack is a nice start when open and secure is not one of your top priorities.
The only two reasons to use MatterMost over Riot are Technology fit or if you need a separation of Team Environment in our organisation.
MatterMost is easier to comprehend than Riot/Matrix from a technological point of view. When you want to run the tool in your own managed server and the IT savviness in your team is not super high then MatterMost is your tool of choice.
Riot/Matrix is better when you only want to use a Cloud Service, or when you want to have control by having it on your own server.
A killer feature of Slack is that you can create a separate environment per organisation (or project). This provides the user a specific set of channels for a specific context. In MatterMost this is also possible and implemented even better than in Slack. In MatterMost you can create as many teams as you want. You just see a small team-overview at the left of the screen, this is not possible in Slack.
In my case I am part of an organisation with small independent teams in the Netherlands. Every team has its own MatterMost team section. One team can not see the channels of the other teams and there is one main section where we can exchange ideas on organisation wide topics.
BREAKDOWN PER CRITERIA
When you are interested in more details, you can read more thoughts on the subject below.
For the security topic all three solutions are not that bad. The clear winner on Security is Riot with end-to-end security in private and group conversations. Riot is hands down the best option.
With End-To-End Encryption not only the communication channel is secure, but the messages stored on the server can only be read by the people in the conversation.
In second place we have MatterMost. When you deploy MatterMost on your own server you can add the encryption on communication and server level. You can also control that only your organisation has access to the database. The database contains all the attachments and chat logs. In the MatterMost Security Documentation you can read the encryption options.
Compared to Slack the additional security of MatterMost is that you can control who has access to your data on the server.
On the third and last place we have Slack. Just as with MatterMost two-factor authentication and secure client-server communication are available. Slack does not support end-to-end encryption, like MatterMost. Anybody that gains access to a Slack server can read all the things you have written and exchanged.
In this day and age not only hackers and frustrated system administrators are part of the Threat model but also governments tend to claim copy of data for their own use. In my opinion the clear text storage of communication on a centralized server is a setup to stay away from if you have the opportunity.
“All services hosted by third parties in the USA are less private than ones on hosting you control.” — discussion on security & privacy
MY THOUGHTS ON SECURITY
Only a few years ago it was super nice to see that we have centralized (web 2.0) team collaboration tools developed on the internet. The rise and fall of the forum on the internet is a nice example of this. Today we are far into the development of the web 3.0 architecture. Decentralized communication now comes with encrypted communication. The people behind Open Whisper Systems brought end-to-end encryption to the masses via the chats apps Signal and WhatsApp.
“Federated protocols support civil/digital liberties more than centralized.” — discussion on security & privacy
Matrix is the foundation on top of which Riot functions. A nice read on the importance of encrypted chat history and how to achieve it is the following article: Run your end-to-end encrypted chat server using Matrix and Riot. At the yearly opensource conference in Brussels Belgium (FOSDEM) the creators of Matrix gave a talk on the vision and execution of encryption in Matrix.
FOSDEM 2017 — Encrypting Matrix
We’ll also introduce the Megolm cryptographic ratchet — a new ratchet written by Matrix to tackle the specific problem…
Mastodon is an alternative for twitter that does not need a (commercial) company to rely on. Think what would happen when a retail store or insurance company would buy twitter, take it offline and integrate all the data into their Business Intelligence and Customer Profiling software :)
Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly. — https://mastodon.social/about
The benefits of open systems versus closed systems is a topic that deserves not one book but many books. For the selection of a Team Collaboration tool we can boil it down to a few principles that are very important and advocate for open as an important criteria.
- My data is my data and I should always have access to it.
- Software of the Open Source kind is on average more secure and more agile in reaction to the discovery of security bugs.
- “Open is more transparent than proprietary.” — discussion on security & privacy
- Software that is Open Source removes the sole dependency of your collaboration tool on one commercial driven organisation and the threats that come with the future and direction of an single commercial organisation.
The power of open
Open source software is the default for new technologies. Not only Signal is open, but Riot, Mastodon and every new technology like Docker is by default open. If you want to read-up on the why behind this development and new standard these are some nice books:
To summarize the following requirements are more and more standard for software and organisations which thrive the popularity of open.
- Be Distributed
- Be Secure with respect for privacy and anonymity
- Be Free (Libre) with respect of Civil and digital liberties by transparency
- Be Interoperable with other protocols for easy integration and exchange of data
After getting everything on the internet and on the mobile. Everything should be pretty. Apple achieved many sales with this philosophy. and finanly it is also getting part of the strategy of the other larger companies.
An example of this is the Symposia called “The Pursuit of Digital Happiness” by ViNT that influences the CTO’s of the netherlands.
The difficult part of this is that it is almost impossible to have clear and fact based discussion on this topic.
We can state that a good app should :
- Be shiny
- Have a Dark Theme
- Have the ability to disable notifications in a granular way
- Have the integration with Giphy so you can have fun
All the three tools do support this, but Slack is the absolute winner. Their team does really understand that Shiny is important. The only UX failure that have had for a while is when someone is part of multiple slack team/organisations. That did not work wel but has improved over time. Riot has switched to a native app and is awesome since then. and Mattermost is slowly improving. Their web interface is perhaps even a bit better then Slack, because of the nice organisation bar on the left, but their native app is still not very sexy.
Like stated before. My advice would be to switch to Riot because you are more in control of the security. When you want to be in control of your data go to MatterMost.
If you are a large enterprise and therefore are subject to many laws, regulations and certifications then 7 USD per user per month is a very good quality for value proposition. No forum, intranet etc needed.
If you are a medium or small organisation that is has no affection for IT then MatterMost as a Service is a good deal. MatterMost hosted is cheaper then Slack. It provides the same and sometimes better functionality. And the expensive certification labels slack has achieved is for most organizations not needed and so also there is no need to pay for it.
If you are a medium or small organisation that loves to be in control I would advice MatterMost. If you are a medium or small organization for whom data security is above all else I would advice end-to-end encryption options in Riot.