Let me edit in one more relevant info:
I don’t use it, but my contacts may or may not use it.

For those who don’t know, Beeper is an app that aims to unite all your messaging apps into one. To do this, it makes use of Matrix, bridging all those services together. So far, so cool.

However, since different services often use different encryption protocols, messages between those services and Matrix have to be decrypted on Beepers’ servers, before being re-encrypted with the protocol of the recipient.

They are completely open and transparent about this (which I can very much respect), and state that chats on their servers are encrypted, so they can’t read them.

Still though, decrypting mid-transit kinda throws the whole end-to-end part out of the window.

Some might say that everyone needs to decide for themselves if that’s a problem. But the issue with that is that if you decide to use Beeper, you also decide that every person you chat with is okay with it. Not very cool in my book.

That’s where the question asking for independant audits comes in, because I certainly don’t have the expertise to look at their code. If everything is safe from attackers, then cool.

But me for example, I switched to Signal specifically for verifiable and proper End-to-End Encryption, so chatting with someone who uses Signal through Beeper kinda defeats the point.

Because, how does Beeper even get what they need to decrypt a message I send to a Beeper user?

I don’t consent to a third party decrypting my messages, simply because one of my contacts uses their service. That is fundamentally wrong in my opinion.

What are your thoughts on this?

  • glowie@infosec.pub
    link
    fedilink
    arrow-up
    13
    ·
    1 year ago

    Beeper is just a reskinned Element messenger. The devs behind it are also the ones who built all the bridges everyone uses.

    Beeper users who message other Matrix/Beeper users it should be fully e2ee as it’d be no different from using Element or another Matrix client.

    But, it would be nice to get more clarification at a high-level as to how they handle the message relaying.

    • miss_brainfart@lemmy.mlOP
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      They state that they open-sourced the privacy-critical portions of their codebase for people to look at.

      But idk, I think the entire codebase is privacy-critical when it comes to private messaging.

    • I’m just hearing about Beeper for the first time, but if what you say is true then OP’s concern is valid. Bridges have to decrypt to re-encrypt; what’s more, they have to ~hold your credentials~ hold a token to be able to act on your behalf.

      I just did some reading about this, and you can self-host bridges and use end-to-bridge encryption, in which case Beeper will not have access to the unencrypted messages. But if you use Beeper-hosted bridges, then they have access to unencrypted messages.

      Edit @tulir is the lead architect. Tulir wrote gomuks, and most of the existing bridges. It gives me more confidence in the endeavour; it bothers me that the sign-up requires a phone #. That’s going to be a non-starter for me, personally.

      • glowie@infosec.pub
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Interesting, when I signed up I didn’t need a phone number, just email. Lmk if you’d like an invite code (if that’s even necessary anymore?)