Selfhosted

59923 readers

558 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam.
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
Submission headline should match the article title.
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago

MODERATORS

curbstickle@anarchist.nexus

curbstickle_lw@lemmy.world

Beeper Self Hosting (github.com)

submitted 2 years ago by sunstoned@lemmus.org to c/selfhosted@lemmy.world

14 comments fedilink hide all child comments

Is anybody self hosting Beeper bridges?

I'm still wary of privacy concerns, as they basically just have you log into every other service through their app (which as I understand is always going on in the closed source part of Beeper's product).

The linked GitHub README also states that the benefit of hosting their bridge setup is basically "hosting Matrix hard" which I don't necessarily believe.

you are viewing a single comment's thread
view the rest of the comments

[–] TedZanzibar@feddit.uk 1 points 2 years ago (2 children)

Yes I'm very interested in how they claim to have a zero knowledge model but also admit that their bridges decrypt and re-encrypt messages as they pass through. It might only be an ephemeral thing but surely it's a massive, gaping target for bad actors to wire tap.

[–] sunstoned@lemmus.org 2 points 2 years ago

Hm, so it's encrypted from your beeper client to the bridge, decrypted, then re-encrypted with the outgoing platform's protocol. Seems like a good reason to host your own bridge, and a good call on it being a glaring attack surface.

Seems like the secret sauce is in how they deal with messaging platform integrations? Maybe the goal is to avoid another iMessage lawsuit. With Beeper as a proof of concept it would be cool to start adding integrations in a fully open source way (legality permitting)

[–] knF@lemmy.world 2 points 2 years ago (1 children)

For what I understood the decryption/encryption process happens on the bridge. The bridge is the selfhosted component so the transformation would happen in your server and they would have no visibility over the unencrypted message.

[–] warmaster@lemmy.world 2 points 2 years ago (1 children)

In a selfhosted scenario, but what about their cloud service?

[–] TedZanzibar@feddit.uk 2 points 2 years ago* (last edited 2 years ago) (1 children)

Yes, exactly. And how do you even tell the app that you want to self host? I see no option for pointing it to a different core server/bridge.

... Unless you have to do it at the point of sign-up? I remember seeing an 'advanced' option on the login screen.

[–] knF@lemmy.world 1 points 2 years ago (1 children)

It's explained in the FAQ: https://www.beeper.com/faq#how-can-i-self-host-beeper I've not used the app so I don't know how practical/easy it is but they're at least offering the option, which is laudable.

[–] TedZanzibar@feddit.uk 1 points 2 years ago

Yeah I'm not disagreeing that it's audible but having read the instructions it leaves a lot of unanswered questions like the above. Presumably people with more knowledge and time than me will figure it all out and write step-by-step guides at some point.