wrt the security practices on the old infra: yes, clearly they were major screw-ups. All I can do is spell out what we did wrong, and that we are painfully aware of the errors, and what we are doing to fix it going forwards.
> why wasn't the matrix.org infrastructure fixed before launching a new product?
Because we put all our energy into getting modular sorted properly to try to increase $ to fund the team, rather than tidying up the old infra, with the expectation of eventually moving matrix.org over to the new hosting infra RSN.
> Though I'm surprised that you seem to see public offerings of Matrix homeservers to be a negative
It's very much a positive from the protocol's perspective. But from the painful practicality of keeping the team funded, it's a problem to spend time supporting Librem-specific issues if there's no $ to cover the time, as it just ends up sucking time from the core project. There is a massive risk of the tragedy of the commons here. In other words: from the perspective of keeping the team paid to work on Matrix as their day job, we'd rather users bought Matrix hosting from providers who funnel some of the revenue back to the core team. Hopefully Purism will end up doing so.