Honestly, I use it. For my purposes it’s good enough and the reduced security is worth it for the availability it provides me.
I don’t use it for work and I use signal separately for secure transmission.
I would say no, but not because of their malice.
Reading over the FAQ they use Matrix to bridge the various messaging services to your one app which means the e2e encryption offered by those services ends at the beeper servers. If their servers were compromised they would be able to see the messages before matrix can forward them to beeper.
The best software doesn’t need to be trusted because it’s open source and self-hosted.
I haven’t looked into this in a while but I believe the current Beeper app only allows you to use Beeper servers, is not open source, and requires you to connect it to a Google account for unknown reason, for those reasons, I say no.
The previous “Beeper Cloud” was open source and you could theoretically self host it and run it on your own server. Probably still can.
But I stopped using it for a completely different reason:
Its intended to do something that the services it uses DO NOT want you doing. For that reason, they make it intentionally difficult to do. Apple demonstrated this really well when they predictably “patched” the iMessage loophole PyPush found. You’ll be logged out constantly, there are constant bugs caused by server-side changes, and your accounts will be flagged for “automated activity”.
Any convenience it’s supposed to give you is just negated by these complications.
Also it was acquired by Automattic a while back, which is, on it’s own, a great reason to avoid it.
So, yeah, there are many reasons not to trust it.
You can self host it, but it’s pretty difficult and not really available for most.
I just looked into it again out of curiosity. It no longer requires a Google login (nor does it even require Google Play services, because I don’t have them. This will probably change once they go paid, which they’ve apparently rolled back since the iMessage debacle).
It says it supports SMS/RCS, but it actually supports neither. All it does is connect to your Google messages web account. This is an absolute joke for an app that bills itself at the top of it’s home page as “all your chats in one app” and it doesn’t even support the most common chat method.
As far as I can tell the app is still closed source.
I don’t know if there’s any way to say yes/no for sure.
It’s another service/layer that has access to your messages, even if you trust Beeper there’s always a chance something gets breached and someone else gains access to private data.
Ehhhh, depends on what you want to trust them with.
Dank memes and dad jokes, sure.
Communicating with a friend about something personal, I wouldn’t.
I have no experience with it and can’t claim to know, but the privacy advocate in me tells me it can use everything because it wants access to everything so it can datamine from every app at once.
Again, I don’t know this specific app, but literally every other non Foss app is just a front for granted permissions.
Only if you are fine with the idea that a great actor will have an easier way to interpret your communication.
It is a vague threat and nobody will go after you specifically but these companies also have shtii security so you could easily end up having your comms breached and leaked.
At this point you have to assume anything decrypt going through somebody’s server is logged and sold.
Which great actor are we talking about here? Robert Duvall? Brad Pitt? Dwayne Johnson?
I think which actor will be interpreting my communication, presumably on stage, makes a huge difference.
Threat*
Can you trust anyone? How much trust do they need to have. If you actually want to be secure. Don’t use any encryption provided inside a program. Even if code is supposedly open source. If you didn’t audit the code before compiling it yourself. It may as well still be a black box. If tight security is a must. Then nothing beats negotiating one time pads with those you are going to interact with. They’re one of the few things that are actually uncrackable unless someone gets a hold of your pad. Write whatever it is you need to write encrypted using a program for one-time pads or just a basic algorithm and then send it in clear text or any other messenger you want. Only people who have access to your pads will be able to decrypt it.
Sounds a lot like WUPHF
It’s not a digital rapе whistle. WUPHF is about fun. Fun, communication, connection.
