85
Beeper Chat App (www.beeper.com)
submitted 1 year ago by monty@lemmy.one to c/privacyguides@lemmy.one

Has anyone taken a good look at this from a privacy standpoint? I love this in concept, but not sure if it would be privacy conscience to share credentials for all of these different apps.

you are viewing a single comment's thread
view the rest of the comments
[-] dingus@lemmy.ml 34 points 1 year ago

I was on the waitlist when it was a paid app and I had not pre-paid for access, and my opinions are based on that.

I would start by saying any privacy bonafides this application has are from it running on the Matrix protocol and using Matrix bridges.


I was on the waitlist for over a year. I was honestly initially very excited when my turn came, because this was after they changed their funding method, switching from "everyone pays" to "some users pay for additional features to be unlocked."

I got a Zoom link sent to me for "onboarding." This was because initially, setup was fairly complicated for some people, and folks needed to be walked through it.

The first notification that I would not have privacy and my communications with this company would be recorded was when I entered the Zoom chat room and was notified that Beeper would be recording the session.

At no point in the year before this had it been made clear that any communications with this company would be recorded. I logged off and wrote an email stating that this is why I did not join the onboarding process. I left for work shortly after and thought about it the rest of the day.

I would not receive a reply offering for a non-recorded zoom session until the next day. By that point, I had questions, and I asked that they answer some of these questions before I re-scheduled a new meeting.

The questions were all related to Eric Micigovsky and his previous entrepeneurship with Pebble watch. When he sold Pebble, he screwed the workers on the way out, in my opinion, and it did not give me hope that he would make sure to sell Beeper to a company with the same values as he laid out in creating the application. He was happy to sell his company when it became unprofitable before: what would prevent him from doing it again?

More importantly: If the company is sold, how is there any guarantee that the privacy policy would not change?

I never received a response to these questions at all. I declined to ever use the service, ever since. I figured if they didn't think it was worth spending the time to answer such questions to me and lose me as a customer, they must not be very worried about the answers to such questions. Based on this, and the CEOs past history, I felt using the service was inadvisable.


Finally, in something that isn't so much my opinion as much as a fact.

When it comes to using iMessage specifically, you need a macOS server or an iPhone (both need to be relatively new) to run the iMessage bridge from. Beeper runs a fleet of these, but to make this work, you have to turn off some extra security settings on your Apple ID, and you have to give Beeper your password just once. They claim it is never stored, logged, or cached. It's quite possible that this is true, but it does mean you technically have your Apple ID logged in on a foreign machine you have no control over. What if this machine and all the other macOS servers got hacked to be part of a botnet? What if Apple bans all the Apple IDs involved for being part of a botnet? It leaves more questions I'm skeptical there are good answers for.

https://help.beeper.com/en_US/chat-networks/imessage

[-] Sternhammer@aussie.zone 4 points 1 year ago

… you have to turn off some extra security settings on your Apple ID, and you have to give Beeper your password just once.

If they’re using Apple’s app-specific passwords feature then that’s workable but if it’s your master Apple ID password, no way.

load more comments (1 replies)
this post was submitted on 18 Aug 2023
85 points (100.0% liked)

Privacy Guides

16263 readers
1 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS