@laufi Signal gehört auch einer US-Firma...
Und von den Messangern die Wert auf Sicherheit legen ist Wire noch relativ weit verbreitet.

Ein sicherer Messanger den keiner benutzt, hilft aber nicht.

Gut dass die Leute ein Auge auf Dienste wie Wire oder Signal haben, ich würde aber weder Signal noch Wire löschen.

@maumau
ist keine klassische Firma sondern eine 501c3 Non-Profit LLC. Eine Holding ist i.d.R. Gewinnoriertiert.

@maumau
So viel ich gehört habe, möchte Wire jedoch nicht weiter mit Privatkunden "arbeiten", sondern "spezialisiert" sich auf Firmen.
@laufi

@laufi warn users and give them at least a month to decide to whether they want the new policy or delet account

@laufi This, among the arguments in the article itself, illustrate that while it’s nice having an open source client/server, if you can’t reasonably run the server portion yourself, you’ve no idea what’s actually running on the servers

@laufi I applied for a position there a while back where my main role would have been devops stuff for their enterprise side of things, so you could tell they had really put their focus toward it

it's a shame though, most of the folks I talked to seemed really passionate about the right to privacy, etc

maybe we'll see some skilled Haskell programmers hitting the market soon

@laufi at least I'll stop wondering whether to use Wire or Signal...

@hkz
@laufi
What to do when Signal is not an option? It's also US company, ignoring their users and lacks many useful featureds

@engineering @laufi a good question to which I cannot provide an answer.
I am not in partisanship, but right now I do trust them on not keeping metadata, and as such don't have anything to provide when asked by the government. I also trust them to build the app they distribute on the store with the sources provided on github. Unchanged.
I hope we won't be let down by them.
Why do you say that they ignore their users? Genuinely curious.

@hkz
@laufi
Signal is LLC, funded by non-profit foundation. They are not opened towards community (don't allow 3rd party clients, no f-droid version), have compromised on security, and in the end, you have to trust them. Same as Wire. Only less metadata (if you trust they deployed the same server code as one on github) and less features.

To be clear, I use both apps, but trust no one

@engineering @laufi yeah, the lack of an #fdroid variant is bothersome. Is it in regard of this that you said they compromised on security? Or are there other reasons?

@hkz
@laufi
No, it was this
microblog.shivering-isles.com/

Also, non-US Wire users are under Swiss laws. All Signal users are under US laws. So, we need to wait and see if there will be some other changes for private users, current situation is still quite good for them

@laufi @rf I've seen some news about PrivateInternetAccess (very affordable VPN service) being sold to someone unscrupulous too.

@laufi
Thats f***** sad :( I liked Wire alot and got all my relevant contacts there.

So it is only Signal that is left?
@laufi
Sadly not, I have run my own ejabberd for many years and even tried matrix before I convinced ppl to install Wire ... approval for xmpp/matrix is not very high. There are no clients that my mother does understand 😇

We also tried Signal before but even this is not user friendly enough. Hoped it got better over the years but it looks like there was not much improvement. Also they still use phone numbers for id. Not a big fan of that.

@kaputse
I had the best results with signal, people did not like wire that much. Probably also a question of taste.

@laufi

Does anyone know what the changes to the privacy policy actually are?

@Blort in the article it days: "A previous version of the policy (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers?"

@laufi, and how it affects end-to-end encryption? Hint: it does not affect.

Wire is the only messenger that has somehow good UX (which means it's easier to convince people to use it) and fully open-sourced code.

@dump_stack
The problem with e2e encrypted messengers is metadata. And when I show people messengers they tend to like signal more because it has a simpler UI. It is also run by a nonprofit.

@laufi, if you consider metadata as an important part of privacy (which is good, because of most of the people miss), then why you miss the phone number issue?

I can't consider any messenger privacy-oriented till it forces me to have a smartphone with a sim card.

e.g. Wire does not even require you to have a smartphone, and you can register from desktop application just by email.

@dump_stack
That is certainly an advantage of wire in terms if accessibility, but it is also a disadvantage for contact discovery. In terms of privacy it depends in whether you can get an unidentified phone number in your country. But i would aggree that signal is not the perfect choice for privacy.

@dump_stack
Someone told me wire promised to open source their server software. Did that happen yet?

@laufi
AFAIK they did, it was one of the reasons why I chose them.
@dump_stack

@laufi, yes, they have actually released everything.

Federation is coming soon (it's in the roadmap and they're actively working on Messaging Layer Security), so I hope it'll go well.

github.com/wireapp/wire-server

@laufi

So they can store and keep data that you don't want them to have, but they can delete any data they prefer not to be seen?

Sign in to participate in the conversation
chaos.social

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!