I really want to sign up for Beeper, but the fact I have to give them my phone number to sign up for a waitlist seemed like a red flag. How is their security profile?
This post is referring to beeper mini. It's confusing naming, but that's not the same as beeper(cloud service). Beeper mini is available to everyone on the play store and is not a cloud service. You just get it, login to Google (to pay the subscription cost) and it works. No invite needed
Want a invite code? Its just to prevent people from mass signing up
That's to prevent multiple entries by one person. Their security is very good, with audits and their products being largely open source (for this, PyPush. For Beeper Cloud, their Synapse fork and their bridges.). Only the parts that don't matter to security (the clients, mostly) are closed source.
This is the best summary I could come up with:
What may hold it at bay is the Digital Markets App (DMA), a law in Europe that says big tech companies will have to have an interoperable interface for their chat networks.
In addition, Beeper uses certificate pinning, which makes network traffic analysis more difficult to perform in order to verify its claims.
To work around this limitation, the team built BPNs to connect to Apple’s servers on the user’s behalf when the app isn’t running.
When the Android phone’s battery died, however, the texts reverted to green bubbles and did not make it to Beeper’s app — they went to Google Messages instead.
The company is also hoping to gain trust by building in public, with 50-plus projects that it’s published to GitHub with the open source code that goes into the app.
Founded in 2020, Beeper comes from former Y Combinator partner Eric Migicovsky and CTO Brad Murray, previously of wholesale marketplace startup Faire and Fitbit.
The original article contains 1,306 words, the summary contains 158 words. Saved 88%. I'm a bot and I'm open source!
Are their messages from their app going to show blue to iMessage users or something? Cuz I don't see why you'd need to reverse engineer that otherwise. Even then... How hard is it to spoof a Mac address or other hardware identifier that says the message came from an iPhone?
The fact this is even an issue is just ridiculous to begin with. If you give that much of a shit: Use a different god damn messenger that treats everyone the same.
afaik, their while thing is that they do everything on-device, so your device is the only one with access to your messages
Technology
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed