• slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    45
    ·
    5 days ago

    I would say no, but not because of their malice.

    Reading over the FAQ they use Matrix to bridge the various messaging services to your one app which means the e2e encryption offered by those services ends at the beeper servers. If their servers were compromised they would be able to see the messages before matrix can forward them to beeper.

  • MangoPenguin@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    12
    ·
    5 days ago

    I don’t know if there’s any way to say yes/no for sure.

    It’s another service/layer that has access to your messages, even if you trust Beeper there’s always a chance something gets breached and someone else gains access to private data.

  • Ulrich@feddit.org
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    2
    ·
    edit-2
    4 days ago

    The best software doesn’t need to be trusted because it’s open source and self-hosted.

    I haven’t looked into this in a while but I believe the current Beeper app only allows you to use Beeper servers, is not open source, and requires you to connect it to a Google account for unknown reason, for those reasons, I say no.

    The previous “Beeper Cloud” was open source and you could theoretically self host it and run it on your own server. Probably still can.

    But I stopped using it for a completely different reason:

    Its intended to do something that the services it uses DO NOT want you doing. For that reason, they make it intentionally difficult to do. Apple demonstrated this really well when they predictably “patched” the iMessage loophole PyPush found. You’ll be logged out constantly, there are constant bugs caused by server-side changes, and your accounts will be flagged for “automated activity”.

    Any convenience it’s supposed to give you is just negated by these complications.

    Also it was acquired by Automattic a while back, which is, on it’s own, a great reason to avoid it.

    So, yeah, there are many reasons not to trust it.

    • Evotech@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 days ago

      You can self host it, but it’s pretty difficult and not really available for most.

    • Ulrich@feddit.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      4 days ago

      I just looked into it again out of curiosity. It no longer requires a Google login (nor does it even require Google Play services, because I don’t have them. This will probably change once they go paid, which they’ve apparently rolled back since the iMessage debacle).

      It says it supports SMS/RCS, but it actually supports neither. All it does is connect to your Google messages web account. This is an absolute joke for an app that bills itself at the top of it’s home page as “all your chats in one app” and it doesn’t even support the most common chat method.

      As far as I can tell the app is still closed source.

  • Evotech@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 days ago

    Honestly, I use it. For my purposes it’s good enough and the reduced security is worth it for the availability it provides me.

    I don’t use it for work and I use signal separately for secure transmission.

  • Qkall@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 days ago

    You can self host and the main matrix bridge maker works with them… also this year self hosted bridges locally on your phone incoming .

  • southsamurai@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 days ago

    Ehhhh, depends on what you want to trust them with.

    Dank memes and dad jokes, sure.

    Communicating with a friend about something personal, I wouldn’t.

  • SadSadSatellite @lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    5 days ago

    I have no experience with it and can’t claim to know, but the privacy advocate in me tells me it can use everything because it wants access to everything so it can datamine from every app at once.

    Again, I don’t know this specific app, but literally every other non Foss app is just a front for granted permissions.

  • sunzu2@thebrainbin.org
    link
    fedilink
    arrow-up
    3
    ·
    5 days ago

    Only if you are fine with the idea that a great actor will have an easier way to interpret your communication.

    It is a vague threat and nobody will go after you specifically but these companies also have shtii security so you could easily end up having your comms breached and leaked.

    At this point you have to assume anything decrypt going through somebody’s server is logged and sold.

    • ikidd@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 days ago

      Which great actor are we talking about here? Robert Duvall? Brad Pitt? Dwayne Johnson?

      I think which actor will be interpreting my communication, presumably on stage, makes a huge difference.

  • Eldritch@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    5 days ago

    Can you trust anyone? How much trust do they need to have. If you actually want to be secure. Don’t use any encryption provided inside a program. Even if code is supposedly open source. If you didn’t audit the code before compiling it yourself. It may as well still be a black box. If tight security is a must. Then nothing beats negotiating one time pads with those you are going to interact with. They’re one of the few things that are actually uncrackable unless someone gets a hold of your pad. Write whatever it is you need to write encrypted using a program for one-time pads or just a basic algorithm and then send it in clear text or any other messenger you want. Only people who have access to your pads will be able to decrypt it.

    • AmidFuror@fedia.io
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      5 days ago

      It’s not a digital rapе whistle. WUPHF is about fun. Fun, communication, connection.