Why has Wire become untrusted?

So now Wire Messenger has apparently shifted to US ownership, but why does that make it untrustworthy while its still open source and its E2E encryption is sane, where Signal Messenger’s servers are also hosted in the US and still considered secure?



Read this topic: https://forum.privacytools.io/t/wire-swiss-gmbh-is-now-owned-by-a-usa-holding-company/1932

4 Likes

Read the complete thread so u’ll understand.

https://securechatguide.org/centralizedapps.html#signal
https://securechatguide.org/centralizedapps.html#wire

3 Likes

It is (still) trusted. It’s just they don’t care about regular users anymore. If it suits you, feel free to use it

Yeah…? Definitely not lmao
image
by Morten Brogger (CEO)
Source

3 Likes

(post withdrawn by author, will be automatically deleted in 24 hours unless flagged)

@roe
We still don’t have all the information, and no official statement regarding Wire (Personal) roadmap. This is his opinion. It will probably be like this, but I don’t plan to stop using it as long as it works well it is supported by the company. As I mentioned in another thread, Keybase is even worse (no business users, only VC money, more metadata, etc.) and it is still trusted by community.

Screenshot_20191118_123137

Regarding the first part, IMO, it is good that companies who provide great open-source software (like Nextcloud, OpenProject, Ubuntu, Riot…) have ways to make profit from business users. I really don’t see this as a downside. It might be even better than to depend on some rich philanthropist who has good intentions and is willing to spend his fortune to support some software (like Signal or Telegram). If that business-focused software is also good for me, I will use it for my personal stuff

A lot of focus is being placed on the server location, which is less important (and more important) in different ways.

Wire leaks a lot of metadata, and with a location in the US, that can be very dangerous for some. Signal doesn’t leak that same data. So on US servers, Signal is stronger there. Both use E2EE by default, so your message content in the US is safe regardless. I’d say Wire wins when it comes to using personal information to sign up, but then again, they leak enough identifying info about you that you don’t need to. Also worth noting that Signal is a non-profit, with no incentive to sell your data, while Wire is a for-profit that also works closely with government agencies (namely the ones who want your data).

Lastly, and I will go into this more in an upcoming blog post, but Wire broke trust. It didn’t make this transfer public knowledge until they got found out. Then, it took myself, Snowden, and others to hammer them for them to even make a statement. That statement, and then a follow up article on TechCrunch put into question their commitment to the individual user.

Their shady behavior calls into question what level of trust we can give them, and their flippant attitude towards individual consumers is offputting to say the least.

3 Likes

(post withdrawn by author, will be automatically deleted in 24 hours unless flagged)

I would also add that Wire has put Perosnal service in the “background” (on their site and in development) long time ago, year or so. Yes, it was there, unlike now, but you needed several clicks to find what you’re looking for. So it was more or less obvious who they are targeting.

I agree with @danarel they broke trust, but I don’t think it’s because they have bad intentsions (like selling data). I think it’s just they don’t care anymore about private users, so why bother with statemens and responses about their organization.

Regarding current users, they said all the servers they are using now will remain in Europe, and their development team is in Germany.

We also need to accept that USA is the best country to run such (software) business. Most of big tech companies are there, it’s easier to sell your product or service, it’s easier to work than in Europe, it’s much easier to get the money from investors, etc. Mozilla, Signal, Duckduckgo, Bitwarden, Tor, Pursim (hardware)… are some of most popular privacy tools, and are all made in US. IMO, bad European bureaucracy (EU mostly) is also responsible we don’t have more privacy-focused (open source) software and software companies. Even if there are some great ones (Nextcloud, Framasoft, Qubes OS…) it is much harder to make them sustainable and very hard to “convince” companies to switch from tech giants’ services