Self-deployed installation, mandatory registration and data protection/privacy concerns


If I understood properly, registration has become mandatory since version 6.5.0 (also stated here in the release notes). Since I maintain an environment where data protection / privacy is crucial, could someone elaborate on the (current and future) implications of a workspace registration? I have to avoid that any relevant data will be sent to third-parties. In short I’ll have to decide whether I could upgrade or have to switch to another chat-solution.

Thank you.

Ok then, 17 days ago, it really is like a ghost-town here.

The basic answer is no its not privacy safe. Push notifications for example, unless using the ‘paid’ version are sent in the clear via HQ so they can see every message you send. Without mobile clients its better but still not great because there is telemetry sent back to HQ from the server itself.

You could, remove the telemetry and not use the mobile app’s, or you could write your own transport to a mobile APP using the API, or you could use something else.

Essentially, if you’re that tight on privacy, you may be better writing your own solution because the recent trend in open-source, is money money money, and that means tearing down open-source offerings and making it hard for people to use without paying for a subscription. Just my opinion, but RHEL, Java, REDIS, MySQL… I have spoken.

Yup… long story.

Nothing connected really is.

That I can’t remember the exact answer to, but I know a man who does so I will advise in due course.

You could though there may still be restrictions on code modifications depending on exactly what code you modify. Need to check the licences carefully - I don’t recall it all now.

You can obviously build your own white label mobile apps and use your own push notification server. But there would still be a bundle of data sent to the cloud registration server.

The first question is exactly how ‘relevant’ a piece of data may be, and how strict you are the OP is at managing it.

They could just air-gap Rocket - there are examples of that. You will still need registration so you will need to have at least one person add their data there, but you can use an offline licence.

Yup, and the reason? You can’t eat for free.

Too many large companies (often VC backed) preferred to use open source software because profit, but contribute zero back.

I help develop on a couple of open source projects and it is a continual battle for funding, and knowing there are companies out there making lots of money, want everything fixed, now, for free, and complaining all the time that this isn’t done or that isn’t fixed, but do sweet f-all to help either financially or in code.

I personally know a number of projects that have either stopped working, or closed source because they were essentially working for no money and eventually said enough is enough. I know there are probably going to be a lot more in due course. It is very sad.

Interesting post from the Devuan list trying to cover this scenario via licencing.