this is fantastic news imo. I can finally actually consider Threema which I haven’t been able to so far because of it being proprietary. consider me interested!
e: I hope they open source everything… servers, clients, etc. if not, this’ll be pointless. I also hope they pick a good license, not something obscure.
Within the next months, the Threema apps will become fully open source, supporting reproducible builds
Doesn’t sound like the server software will be open sourced. Of course it would be nicer if they did that as well but as long as you don’t have to trust the server in any way I’m kinda okay with it
You have to trust the server with all your meta data. So it’s as good as whatsapp.
But I also have to trust the server with my meta data if they open source it? Threema still has the advantage that they don’t need any personal information at all to create an account to the metadata can be as little as “key 1 send a message to key 2”
The metadata is who (IP address, so location) is contacting whom and how frequently they are doing so. Unless it’s P2P, which it doesn’t seem to be.
It’s an inherently flawed system due to its centralisation. Check out https://matrix.org for a fully free and open source software stack where you can host your own instance and control your own metadata.
deleted by creator
ISPs are pretty cancerous, yeah. I mean even if you don’t host it yourself you’re susceptible to whoever you get to host your server and their ISP. You could use a VPN but you still have to trust the VPN provider. But ISPs have extraordinary amounts of metadata in almost every case anyway. In the UK ISPs are legally obliged to keep a list of websites that have been accessed.
Self-hosting is normally better than not self-hosting, and decentralised is normally better than centralised. But this is because of freedom much more than it is because of privacy. For privacy the best thing is to not use the internet at all.
to be fair, the whatsapp apps aren’t open source, right?
deleted by creator
No, but the data is end to end encrypted, allegedly
allegedly
so the benefit of Threema in this scenario over Whatsapp would only be the clients being open source, and how good that is depends on how much clients actually do
deleted by creator
I’m just hoping it’s worded funny. I don’t know what not trusting the server would look like but as long as it’s proprietary I’ll still avoid it
deleted by creator
No it shouldn’t. And even if the server would be open source we could not verify that the one running is using the published code
Can you do it within iOS?
I’m not 100% knowledgeable on how that’d work so I can’t say, but I’d always have “why haven’t they open sourced the server?” in the back of my head when using it
I’m already messaging apps that are 100% FOSS – I’d only get interested if Threema did the same tbh
deleted by creator
deleted by creator
This could mean the server-side code remains closed source. Good catch!
deleted by creator
deleted by creator
deleted by creator
deleted by creator
I don’t think threema uses emails as a messaging format so probably pretty different? But if you’re interested there seems to be a reverse engineered api already
deleted by creator
ok that’s cool but that’s a missed opportunity for a good domain hack
They can still do one. threema.ma, threema.na, threema.sh, threema.sk, etc. threema.ps would be confusing, though. And threema.ga… just no.
Opportunity unmissed!
Never heard of Threema, but it sounds interesting. Will keep an eye on it. Thanks for letting me know.
Removed by mod
but that’s like totally different from Threema…
