One more step

Please complete the security check to access

[-] mox@lemmy.sdf.org 19 points 2 years ago* (last edited 2 years ago)

It has been a while since I looked at Wire, and I didn't look very deep, but here's what I noted:

Self-hosting was unavailable at the time.

I believe they violated their privacy policy a while back, by accepting new owners/investors without notifying their users. That kind of behavior is telling of what to expect from an organization, and potentially dangerous (depending on your threat model) if you're trusting them with anything, such as...

I have read complaints that they stored cleartext contact lists on the server, but I haven't verified this myself. (The first two points were already deal-breakers for me, so I didn't bother.)

[-] yogthos@lemmy.ml 17 points 2 years ago

Looks like both the client and server are open source now, so it's definitely possible to self host. Unlike Signal, Wire also supports federation nowadays https://docs.wire.com/understand/federation/index.html

[-] dhhyfddehhfyy4673@fedia.io 9 points 2 years ago

Does Wire still store metadata on who you message? That seems potentially more damaging than Signal's phone number requirement, at least since the switch to being able to hide your number from everyone.

[-] yogthos@lemmy.ml 6 points 2 years ago

Wire doesn't require any personally identifying data to register though.

[-] Zoot@reddthat.com 1 points 2 years ago

Your right, they could just read any of your messages if they feel like it however. Wouldn't you rather have a phone number associated with an unreadable account? Or no "personally identifying info (besides your entire device...)" but Wire can read and see all of what you send.

[-] yogthos@lemmy.ml 2 points 2 years ago

Given that Wire uses Signal protocol, are you suggesting that e2e encryption in Signal is not secure?

[-] Zoot@reddthat.com 4 points 2 years ago

No, what I'm saying is that if Wire still sends the passwords for the encryption in plaintext to their servers, thats bad. Signal doesn't do that afaik.

[-] yogthos@lemmy.ml 2 points 2 years ago

I agree that would be a weird thing to do, is there a source for this?

[-] Zoot@reddthat.com 4 points 2 years ago* (last edited 2 years ago)

Definitely search on your own, I was only going based off this. Could be fixed by now!

But if it was ever true, that's again, bad. Not something you would even think of doing if your true motives are "privacy"

[-] yogthos@lemmy.ml 1 points 2 years ago

Yeah that's pretty bad, and I agree that I wouldn't trust a company that did something like that going forward.

[-] ISOmorph@feddit.org 9 points 2 years ago* (last edited 2 years ago)

I find this site useful to compare messengers. I would trust Wire a tad more because it's hosted in a country with stronger GDPR regulation, vs Signal being hosted in the US.

For my needs, XMPP with Omemo has been unbeatable for a long time

[-] yogthos@lemmy.ml 4 points 2 years ago

yeah that's a good overview of different protocols/messengers

[-] pupbiru@aussie.zone 3 points 2 years ago* (last edited 2 years ago)

wire is US-based these days AFAIK - they accepted a bunch from VC money from a firm that does things like data mining and moved to the US

[-] jaxiiruff@lemmy.zip 8 points 2 years ago

Huh, never really looked into Wire but it seems like its a great option and now im wondering why people bother with signal or matrix if this can do both encryption and federation

[-] BakedCatboy@lemmy.ml 10 points 2 years ago

Federation sounded interesting so I looked at the website and it sounds like on prem can't yet federate with people using "cloud" which I guess is the hosted version - they can only federate with other on-prem instances.

It looks promising though and would be cool to host my own instance and still chat with friends.

[-] akilou@sh.itjust.works 4 points 2 years ago

Ok, in like 2 seconds of looking into Wire I see that the app is rated 2.8 stars to Signal's 4.5 and under the "data collected" section it lists name, email, phone number, user ID, photos, and videos. Signal lists phone number.

[-] yogthos@lemmy.ml 3 points 2 years ago

All you need to create an account is a username and password, so not sure where your name, email, and phone number will come from.

[+] akilou@sh.itjust.works -10 points 2 years ago

Because Signal is awesome and the gold standard for privacy

[-] ExtremeDullard@lemmy.sdf.org 13 points 2 years ago* (last edited 2 years ago)

That is not the reason: Signai is very good but it's not the best. The reason why it's more popular is because it's good, ubiquitous and easy to install.

In other words, it's a well-known app you can confidently tell your computer idiot friends and family to install on their phone and start communicating with them 5 minutes later. What's what makes it popular.

[-] SomeAmateur@sh.itjust.works 5 points 2 years ago* (last edited 2 years ago)

When it was sms compatible it was a suuuuper easy sell for my family

"It's way more secure when you text me but you can still text everyone else you know too. And we can still use it through wifi if cell service isn't working for me."

[-] joeldebruijn@lemmy.ml 1 points 2 years ago

I like the way you assign different attributes to friends and family.... 😁 Computer idiots, friends and family or ... Computer idiots friends, and family ....

[-] istanbullu@lemmy.ml -1 points 2 years ago

Signal is nowhere close to being popular.

Telegram has almost 1 billion users, which is why governments are unhappy with it. Signal is a niche toy for a very small number of people.

[-] golden_zealot@lemmy.ml 2 points 2 years ago* (last edited 2 years ago)

I think it may depend on where you are. Back when Whatsapp went belly up, myself, my entire family, and every other person I know IRL switched over to signal within a week, so I think it may be more popular than you expect, though still not as popular as Telegram as you noted.

[-] istanbullu@lemmy.ml 1 points 2 years ago

They don't even bother reporting Signal usage, it's a round off error: https://www.statista.com/statistics/258749/most-popular-global-mobile-messenger-apps/

Telegram has almost 1 billion users, half as many as WhatsApp

[-] istanbullu@lemmy.ml 6 points 2 years ago

I'm not using Signal until it's on F-Droid.

[-] akilou@sh.itjust.works 5 points 2 years ago

You don't even need a store, you can install through the apk here https://signal.org/android/apk/

[-] istanbullu@lemmy.ml 8 points 2 years ago

Signal's hostility to F-Droid is the problem.

[-] pupbiru@aussie.zone 2 points 2 years ago

they’re not hostile… they don’t see the reason for them and it’s not as clear cut as you’re making it out in favour of f-droid

[-] istanbullu@lemmy.ml -2 points 2 years ago

Because Google's monopoly on the appstore is just great, right?

[-] pupbiru@aussie.zone 1 points 2 years ago

they have apks

[-] istanbullu@lemmy.ml 1 points 2 years ago

which still use Google services.

[-] pupbiru@aussie.zone 0 points 2 years ago

that’s an entirely separate concern to f-droid

[-] jjlinux@lemmy.ml 2 points 2 years ago

Care to expand on what you mean by that?

[-] yogthos@lemmy.ml -2 points 2 years ago

🤣

One more step

Please complete the security check to access

Privacy

A place to discuss privacy and freedom in the digital world.

Some Rules

Related communities