Is anybody self hosting Beeper bridges?

I’m still wary of privacy concerns, as they basically just have you log into every other service through their app (which as I understand is always going on in the closed source part of Beeper’s product).

The linked GitHub README also states that the benefit of hosting their bridge setup is basically “hosting Matrix hard” which I don’t necessarily believe.

  • keyez@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    ·
    7 months ago

    Ooo definitely going to give this a shot thanks for linking it. Their docs and guides say all of these bridges are encrypted and though things go through their app/services they cannot see or save anything, will be good to verify with my own bridge/instance however.

    • sunstonedOP
      link
      fedilink
      English
      arrow-up
      4
      ·
      7 months ago

      Agreed! I’m pretty psyched about their transparency and the overall model. Especially in the universe where this Apple lawsuit results in Beeper being allowed to connect to iMessage again.

      Would love to hear any results you find with hosting! I’ll give it a try too and maybe do a follow on post with what I learn.

    • TedZanzibar@feddit.uk
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      Yes I’m very interested in how they claim to have a zero knowledge model but also admit that their bridges decrypt and re-encrypt messages as they pass through. It might only be an ephemeral thing but surely it’s a massive, gaping target for bad actors to wire tap.

      • sunstonedOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        Hm, so it’s encrypted from your beeper client to the bridge, decrypted, then re-encrypted with the outgoing platform’s protocol. Seems like a good reason to host your own bridge, and a good call on it being a glaring attack surface.

        Seems like the secret sauce is in how they deal with messaging platform integrations? Maybe the goal is to avoid another iMessage lawsuit. With Beeper as a proof of concept it would be cool to start adding integrations in a fully open source way (legality permitting)

      • knF@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 months ago

        For what I understood the decryption/encryption process happens on the bridge. The bridge is the selfhosted component so the transformation would happen in your server and they would have no visibility over the unencrypted message.

          • TedZanzibar@feddit.uk
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            7 months ago

            Yes, exactly. And how do you even tell the app that you want to self host? I see no option for pointing it to a different core server/bridge.

            … Unless you have to do it at the point of sign-up? I remember seeing an ‘advanced’ option on the login screen.

              • TedZanzibar@feddit.uk
                link
                fedilink
                English
                arrow-up
                1
                ·
                7 months ago

                Yeah I’m not disagreeing that it’s audible but having read the instructions it leaves a lot of unanswered questions like the above. Presumably people with more knowledge and time than me will figure it all out and write step-by-step guides at some point.