Sunbird is closed source so you just have to take their word for it when they say they don’t store messages or credentials. How the fuck could you know if they’re lying or not? You can’t because it’s closed source.
As much as I have issues with the similar Beeper, at least Beeper is open sourcing their bridges.
That statement is pretty stupid in general. But for server side software, open source doesn’t help much. Even if you can look at the source, you still need to trust them that that’s what they are running on their servers.
I am often able to reach of level of trust to believe a company is not straight up lying about the code they are running on their servers.
I am not often able to reach a level of trust to believe a “trust me bro” from a company (especially if that statement is not qualified in a meaningful way).
Open source is important for services with end-to-end encryption, because you can make sure the client actually encrypts the outgoing data, is not sending your private key somewhere, and won’t break that security at some point in the future.
Of course this particular service cannot even have end to end encryption in the first place.
Sunbird is closed source so you just have to take their word for it when they say they don’t store messages or credentials. How the fuck could you know if they’re lying or not? You can’t because it’s closed source.
As much as I have issues with the similar Beeper, at least Beeper is open sourcing their bridges.
Just read through their faq
That’s a nope from me.
Yeah okay at first I thought “closed source isn’t necessarily a problem as long as there’s a good reason”.
But nope. That’s the worst reason.
That statement is pretty stupid in general. But for server side software, open source doesn’t help much. Even if you can look at the source, you still need to trust them that that’s what they are running on their servers.
I think there is levels of trust.
I am often able to reach of level of trust to believe a company is not straight up lying about the code they are running on their servers.
I am not often able to reach a level of trust to believe a “trust me bro” from a company (especially if that statement is not qualified in a meaningful way).
Open source is important for services with end-to-end encryption, because you can make sure the client actually encrypts the outgoing data, is not sending your private key somewhere, and won’t break that security at some point in the future.
Of course this particular service cannot even have end to end encryption in the first place.
deleted by creator
deleted by creator
They host their iMessage related shit the exact same way, so the amount of trust in the service is basically identical, at 0