I can answer that: it’s the “I don’t care about security as long as I can send memes and inappropriate messages to most people” experience.
From the looks of it, it’s as secure as having WhatsApp/Signal/Telegram/ProtonMail doing “E2EE” through each app’s servers, and never knowing whether the client did the encryption right, or if it sent the keys to the server for messages to get intercepted… well, except you do know that the bridges are decrypting all messages anyway.
Closed source helps with the second part, the connecting with a majority of people using the same closed source platform (then different people use different platforms, which is where we are now… but the DMA might solve that).
On-device bridges could be nice if they included that in the OpenSource part.
the connecting with a majority of people using the same closed source platform
The platform is open, including the part that connects to other closed source platforms. It’s just Matrix and open source bridges after all. And making the client app closed souce doesn’t help with any of that.
I’m sorry if I’m a bit pedantic about this, but it seems like you’re describing an upside to closed source software that’s just not there.
I was trying to explain that people on closed source platforms, right now, get:
Good network effect
Simple configuration
Enough security theatre to keep them happy
Different extra features
That’s the experience I understand Beeper is trying to compete with… and make money in the process.
Closing the client, could help them differentiate above the competition by better integrating into their own infrastructure, still keeping a simple configuration, and charging for it, while people who buy into the security theatre, woldn’t notice a difference in that respect. Expanding to selling some user metadata, or sniffing the bridges, would be an extra.
Nothing about what you just wrote has anything to do with closed source software though. You could just as well say that closed source helps them predict the future or draw shinier unicorns. It doesn’t!
Maybe you mean tightly coupled, stripped-down, preconfigured or vertically integrated, but you can do that just as well with open source software. No one is forcing them to make a general purpose chat app or offer the ability to choose a different server. It’s just a matter of being able to see, verify and modify the code.
differentiate above the competition […] charging for it
This is the only thing that comes close imo. But they stated specifically that they don’t want to make money with the chat app itself, so it doesn’t really work as a justification. They could easily offer server-side premium features or create a closed source premium-only version or extension, it’s no reason to make the base app closed source.
security theatre
They don’t have to do that, and they don’t afaik. Matrix itself can do proper e2ee just fine, and Beeper is pretty open about the fact that bridges hosted by them have to break e2ee to translate between platforms. They’d only need theater if their closed source app actually has some bad code in it, which is kind of my point.
Expanding to selling some user metadata, or sniffing the bridges, would be an extra
Again: Their Matrix server and bridges are open source right now, and it wouldn’t stop them from doing what you’re describing.
I can answer that: it’s the “I don’t care about security as long as I can send memes and inappropriate messages to most people” experience.
From the looks of it, it’s as secure as having WhatsApp/Signal/Telegram/ProtonMail doing “E2EE” through each app’s servers, and never knowing whether the client did the encryption right, or if it sent the keys to the server for messages to get intercepted… well, except you do know that the bridges are decrypting all messages anyway.
Closed source doesn’t help with that though, you don’t have to care about privacy in open source.
They are working on on-device bridges that preserve e2ee, but making the client closed source kind of defeats the purpose here.
Closed source helps with the second part, the connecting with a majority of people using the same closed source platform (then different people use different platforms, which is where we are now… but the DMA might solve that).
On-device bridges could be nice if they included that in the OpenSource part.
The platform is open, including the part that connects to other closed source platforms. It’s just Matrix and open source bridges after all. And making the client app closed souce doesn’t help with any of that.
I’m sorry if I’m a bit pedantic about this, but it seems like you’re describing an upside to closed source software that’s just not there.
Too pedantic 😉
I was trying to explain that people on closed source platforms, right now, get:
That’s the experience I understand Beeper is trying to compete with… and make money in the process.
Closing the client, could help them differentiate above the competition by better integrating into their own infrastructure, still keeping a simple configuration, and charging for it, while people who buy into the security theatre, woldn’t notice a difference in that respect. Expanding to selling some user metadata, or sniffing the bridges, would be an extra.
Nothing about what you just wrote has anything to do with closed source software though. You could just as well say that closed source helps them predict the future or draw shinier unicorns. It doesn’t!
Maybe you mean tightly coupled, stripped-down, preconfigured or vertically integrated, but you can do that just as well with open source software. No one is forcing them to make a general purpose chat app or offer the ability to choose a different server. It’s just a matter of being able to see, verify and modify the code.
This is the only thing that comes close imo. But they stated specifically that they don’t want to make money with the chat app itself, so it doesn’t really work as a justification. They could easily offer server-side premium features or create a closed source premium-only version or extension, it’s no reason to make the base app closed source.
They don’t have to do that, and they don’t afaik. Matrix itself can do proper e2ee just fine, and Beeper is pretty open about the fact that bridges hosted by them have to break e2ee to translate between platforms. They’d only need theater if their closed source app actually has some bad code in it, which is kind of my point.
Again: Their Matrix server and bridges are open source right now, and it wouldn’t stop them from doing what you’re describing.
I just can’t help it. 😜