I was on the beta testing team and have been using Beeper for a little over two years now.
The convenience of having an application to house all of your chat networks is amazing.
I was on the beta testing team and have been using Beeper for a little over two years now.
The convenience of having an application to house all of your chat networks is amazing.
The bridges are all open source, and they use matrix synapse as their server installation - though their client is a closed source fork of element with changes. You can use any matrix client to connect to it, and they say it’s a standard synapse setup.
If privacy is a concern, bringing your own client should remove that concern as the rest is open source. It’s also e2e encrypted, as any matrix server is.
I self host my own matrix homeserver with bridges set up using their code. The only bit of their stack I can’t use is the client. I don’t like that that’s closed source, that’s frustrating.
Edit: while writing this two more people made the same comment. Sorry!
Beeper’s server set up is actually a lot more complicated than just standard Synapse at this point. When they say you can “self host Beeper” that’s really not accurate at this point at all. All of their 3rd party chat bridges are dynamically spun up on a per user basis with hungryserv and those servers operate in parallel with a synapse server for Matrix interoperability all behind a roomserv server. Here’s a presentation that one of their lead developers created regarding their new architecture.
Most of that extra stuff is there to handle user contact privacy and security with the bridges, which is fair. I don’t have any interest in self hosting beepers full setup, I want to get the functionality of multiple messaging services in one client - which I have, with my self-hosted matrix instance and the bridges they help develop and maintain.
I wish all of it was open source, but I did feel it necessary to head off comments that imply that the entire thing is closed source. Their implementation around dynamic servers and isolated containers spinning up isn’t really the bit that seems relevant regarding user privacy with regards to data scraping or anything. There are a lot of comments in here implying it’s fully proprietary, but there’s a lot more nuance to it than that, as you point out.
Personally, I think it’d be nice if you could self-host just the bridge instances and connect them with beeper yourself, so that the part that isn’t e2e encrypted is running on software you can validate and hardware you control.
I 100% agree this would be a great solution. That’s what I thought this page was going to be at first until I kept reading and realized it’s just a config guide for the Matrix Ansible setup. I wish they didn’t say “self host Beeper” on that page at all because self hosting Matrix has absolutely nothing to do with the Beeper service other than their devs built the bridges that they’re showing you how to set up with Matrix.
🚩🚩🚩
More like “e2mitm2e” encrypted, with the mitm being the bridges.
If the target network doesn’t support encryption, that’s “e2mitm2null”… does it at least alert you in that case?
Then run your own matrix instance with these bridges that they maintain for the community.
That still doesn’t fix the e2e problem. Just because only me, and let’s hope not too many others who manage to break into the instance, can mitm everything, doesn’t make the mitm go away.
There really should be a standard, or at least a set of standards, on how to do e2e, so the bridges would only need to route the messages.