Beeper Self Hosting (github.com)
from sunstoned@lemmus.org to selfhosted@lemmy.world on 10 Apr 2024 13:00
https://lemmus.org/post/4459789

Is anybody self hosting Beeper bridges?

I’m still wary of privacy concerns, as they basically just have you log into every other service through their app (which as I understand is always going on in the closed source part of Beeper’s product).

The linked GitHub README also states that the benefit of hosting their bridge setup is basically “hosting Matrix hard” which I don’t necessarily believe.

#selfhosted

threaded - newest

keyez@lemmy.world on 10 Apr 2024 14:35 next collapse

Ooo definitely going to give this a shot thanks for linking it. Their docs and guides say all of these bridges are encrypted and though things go through their app/services they cannot see or save anything, will be good to verify with my own bridge/instance however.

sunstoned@lemmus.org on 10 Apr 2024 14:52 next collapse

Agreed! I’m pretty psyched about their transparency and the overall model. Especially in the universe where this Apple lawsuit results in Beeper being allowed to connect to iMessage again.

Would love to hear any results you find with hosting! I’ll give it a try too and maybe do a follow on post with what I learn.

warmaster@lemmy.world on 10 Apr 2024 15:22 next collapse

Please make a lemmy post about it with your findings, and link it from your comment.

TedZanzibar@feddit.uk on 10 Apr 2024 15:29 collapse

Yes I’m very interested in how they claim to have a zero knowledge model but also admit that their bridges decrypt and re-encrypt messages as they pass through. It might only be an ephemeral thing but surely it’s a massive, gaping target for bad actors to wire tap.

knF@lemmy.world on 10 Apr 2024 15:40 next collapse

For what I understood the decryption/encryption process happens on the bridge. The bridge is the selfhosted component so the transformation would happen in your server and they would have no visibility over the unencrypted message.

warmaster@lemmy.world on 10 Apr 2024 15:43 collapse

In a selfhosted scenario, but what about their cloud service?

TedZanzibar@feddit.uk on 10 Apr 2024 15:54 collapse

Yes, exactly. And how do you even tell the app that you want to self host? I see no option for pointing it to a different core server/bridge.

… Unless you have to do it at the point of sign-up? I remember seeing an ‘advanced’ option on the login screen.

knF@lemmy.world on 10 Apr 2024 20:31 collapse

It’s explained in the FAQ: www.beeper.com/faq#how-can-i-self-host-beeper I’ve not used the app so I don’t know how practical/easy it is but they’re at least offering the option, which is laudable.

TedZanzibar@feddit.uk on 10 Apr 2024 21:58 collapse

Yeah I’m not disagreeing that it’s audible but having read the instructions it leaves a lot of unanswered questions like the above. Presumably people with more knowledge and time than me will figure it all out and write step-by-step guides at some point.

sunstoned@lemmus.org on 11 Apr 2024 04:55 collapse

Hm, so it’s encrypted from your beeper client to the bridge, decrypted, then re-encrypted with the outgoing platform’s protocol. Seems like a good reason to host your own bridge, and a good call on it being a glaring attack surface.

Seems like the secret sauce is in how they deal with messaging platform integrations? Maybe the goal is to avoid another iMessage lawsuit. With Beeper as a proof of concept it would be cool to start adding integrations in a fully open source way (legality permitting)

xlash123@sh.itjust.works on 10 Apr 2024 15:48 next collapse

I’ve been interested in doing this, but I can’t tell why I need to login to Beeper in order to self host. I noticed their previous self-host solution did not require that.

Because of that login step, I decided to look into this other repo which uses Ansible to deploy a Matrix homeserver and the same bridges that Beeper uses. I haven’t finished it yet since there’s a lot of config and choices to make, but it seems like it’ll serve the same end goal.

Edit: lol, maybe if I read the intro, I’ll get my answer.

You can connect any† standard Matrix application service to your Beeper account without having to self-host a whole Matrix homeserver.

Still might go with the second option so that I don’t rely on their cloud services.

sunstoned@lemmus.org on 10 Apr 2024 17:46 next collapse

That’s a cool solution! I’d be interested in making a nix flake to do something similar to that Ansible project. Thanks for linking!!

keyez@lemmy.world on 10 Apr 2024 17:47 collapse

Been trying to read through to understand and see how all this is supposed to work, I guess it’s so you can use beeper app and infra and APIs to talk to your matrix server and the encryption/decryption/handshake happens here between matrix and beeper and then send to their servers for delivery and all that portion.

shrugal@lemm.ee on 10 Apr 2024 23:25 collapse

I started using their Signal and WhatsApp bridges today, probably one of the easiest setups I ever did. You just run a Docker container for every bridge, and login to your Signal/WhatsApp account by chatting in the app with the Matrix bot it creates.

Literally takes like 5 minutes if you’ve used Docker before, and you don’t need a domain or forwarded ports or anything.