Wire to Replace Signal as Standard in the Bundestag

internet_points

Wire seems fine, better than many alternatives, but ditching Signal because of the possibility for phishing seems very odd?

eembees

> The Bundestag administration actively provides Wire as an alternative to commercial platforms such as WhatsApp or Signal. Any idea why Signal is deemed a "commercial platform" by DBT administration?

dmos62

Anybody care to give their take on which alternative messengers are better for everyday use? Alternative as in not owned by mega corps. Does Signal have the best UX for non-technical people or casual use? Would be nice to move some conversations over to such a messenger, but don't want to force the other parties to experiment too much.

delis-thumbs-7e

This site seems to demand cookie consent for access (is that legal in EU anyway?) so can somepne provode tl;dr?

crimsoneer

This seems silly. Signal is great, let's not all start spinning up our own dedicated, not interoperable national messenger applications.

c0l0

One of my most esteemed former co-workers used to say that whenever you succeed in making something idiot-proof, the universe will create a better idiot, undoing any progress you made.

arianvanp

Working on the foundation of this (getting Wire deployed at and certified by the BSI) was my first job out of college 7 years ago and how I ended up in Berlin. And once you end up in Berlin you can never leave, it seems. I was actually on site at the Bundeskanzleramt and they had requirements of being able to install the entire server stack airgapped. We ended up building quite a cool delivery method based on Nix to ship the whole closure of the system and the containers inside and spin up a Kubernetes cluster with it. I'm wondering if it is still being used. Amazing to see it's still going strong :)

Arathorn

there is a definite irony in switching from being vendorlocked to Signal (open source but closed and locked to a US non-profit) to being vendorlocked to Wire (open source but closed and locked to a German/Swiss for-profit) - talk about jumping from the frying pan into the fire :) Meanwhile the rest of Europe (and much of the rest of Germany) seems to have converged on Matrix as a genuine open standard with various different commercial vendors (Element, Rocket Chat, Famedly, connect2x etc), avoiding vendor lock and so giving actual digital sovereignty: https://element.io/matrix-in-europe

Havoc

> often, the technology is not the weak point, but the human. Also doesn’t help that the humans doing the legislating tend to be of the “I print out my emails” generation

looperhacks

Now, I'm pretty confident to say that this is obviously just a red herring to distract from the fact that Frau Klöckner simply fell for a phishing attack. The usage of Signal wasn't the real problem (besides that it isn't formally approved for comms). But since this whole ordeal started, I'm divided where to place the blame (besides the attacker, of course): - Can we really victim-blame someone for falling for an attack? Sure, people in positions this important should know better, but I don't think we should put the blame on the victim. - Should we blame Signal for even providing the functionality that allowed the phishing in the first place? Signal announced changes that supposedly makes phishing harder, so apparently, something could've been improved before? - Should we blame the software-world entirely that having credentials that can be shared is even a thing? (Looking at passkeys) - Should we blame society that the knowledge about phishing attacks isn't ingrained into every person? (being a bit hyperbolic here) - Should we blame the administrative staff that allowed exposed politicians to even have apps that make phishing possible? It would be possible to make a super-secure messenger that needs much more verification than just "having the credentials". It's just super annoying and impractical for most people. Should we prevent exposed politicians from even having access to not super-secure messengers? I feel like things could be improved to prevent phishing attacks in the future. I just don't know what is the most sensible point to start.

newscracker

I’ve used Wire in the past and liked that it uses email addresses for registration (as pointed out in this article). Wire also had multi-device message sync long before Signal did. But on a different point, Wire is inferior to Signal. Signal has a painfully slow data transfer when switching devices. But given some time, the data transfer does work completely. On Wire, my experience has been that all media in chats are stored on the Wire servers and the backups don’t contain the media. They contain links to the media, while the media may be erased on the servers after sometime. I’ve lost a lot of media from chats on Wire when switching devices and restoring the backup from the original device. Only the text of the messages remain. At that time, Wire’s backups were also device/platform specific. Since I place a very high level of importance on retaining and transferring data, I wouldn’t recommend Wire to anyone who wants to retain chats for longer durations.

spwa4

Isn't the Bundestag famous for catching BOTH the CIA AND the Russians spying on Angela Merkel's phone? Which of course means they're also famous for not catching them spying on that phone, for years.