• Eldritch@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    17 hours ago

    Can you trust anyone? How much trust do they need to have. If you actually want to be secure. Don’t use any encryption provided inside a program. Even if code is supposedly open source. If you didn’t audit the code before compiling it yourself. It may as well still be a black box. If tight security is a must. Then nothing beats negotiating one time pads with those you are going to interact with. They’re one of the few things that are actually uncrackable unless someone gets a hold of your pad. Write whatever it is you need to write encrypted using a program for one-time pads or just a basic algorithm and then send it in clear text or any other messenger you want. Only people who have access to your pads will be able to decrypt it.

  • sunzu2@thebrainbin.org
    link
    fedilink
    arrow-up
    0
    ·
    17 hours ago

    Only if you are fine with the idea that a great actor will have an easier way to interpret your communication.

    It is a vague threat and nobody will go after you specifically but these companies also have shtii security so you could easily end up having your comms breached and leaked.

    At this point you have to assume anything decrypt going through somebody’s server is logged and sold.

    • ikidd@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      16 hours ago

      Which great actor are we talking about here? Robert Duvall? Brad Pitt? Dwayne Johnson?

      I think which actor will be interpreting my communication, presumably on stage, makes a huge difference.

  • southsamurai@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    18 hours ago

    Ehhhh, depends on what you want to trust them with.

    Dank memes and dad jokes, sure.

    Communicating with a friend about something personal, I wouldn’t.

  • Ulrich@feddit.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    19 hours ago

    The best software doesn’t need to be trusted because it’s open source and self-hosted.

    I haven’t looked into this in a while but I believe the current Beeper app only allows you to use Beeper servers, and is not open source, so for that reason, I say no.

    The previous “Beeper Cloud” was open source and you could theoretically self host it and run it on your own server. Probably still can.

    I stopped using it for a completely different reason:

    Its intended to do something that the services it uses DO NOT want you doing. For that reason, they make it intentionally difficult to do. Apple demonstrated this really well when they predictably “patched” the iMessage loophole PyPush found. You’ll be logged out constantly, there are constant bugs caused by server-side changes, and your accounts will be flagged for “automated activity”.

    Any convenience it’s supposed to give you is just negated by these complications.

    Also it was acquired by Automattic a while back, which is, on it’s own, a great reason to avoid it.

  • MangoPenguin@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 hours ago

    I don’t know if there’s any way to say yes/no for sure.

    It’s another service/layer that has access to your messages, even if you trust Beeper there’s always a chance something gets breached and someone else gains access to private data.

  • slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 hours ago

    I would say no, but not because of their malice.

    Reading over the FAQ they use Matrix to bridge the various messaging services to your one app which means the e2e encryption offered by those services ends at the beeper servers. If their servers were compromised they would be able to see the messages before matrix can forward them to beeper.

    • AmidFuror@fedia.io
      link
      fedilink
      arrow-up
      0
      ·
      18 hours ago

      It’s not a digital rapе whistle. WUPHF is about fun. Fun, communication, connection.

  • SadSadSatellite @lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 hours ago

    I have no experience with it and can’t claim to know, but the privacy advocate in me tells me it can use everything because it wants access to everything so it can datamine from every app at once.

    Again, I don’t know this specific app, but literally every other non Foss app is just a front for granted permissions.