It seems useless to me, at least regarding the cybersecurity aspect. Of course, it’s helpful when people ask for my contact information, and I don’t want to share my phone number or email address.

But they still require information that could be used to prove or be linked to my identity for registration, right? This means a hacker could still reveal your IP address, phone number, email, and your passcode. Likewise, the development team can access these as well.

I know I’m overly cautious about my privacy, but that’s just how I am.

  • bamboo@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    My main complaint is that they officially prohibit 3rd party clients including 3rd party builds of their official ones. They also don’t have reproducible builds for their clients. It leaves the door wide open for inserting some telemetry via an update to completely bypass their otherwise good encryption and (lack of) data retention.

      • bamboo@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        They can already do that. You can make custom clients that pretend to be the real one, it’s just against their terms of service. Spammers generally don’t care about the ToS though, so it’s just legitimate users that are affected.