Open ghost opened 5 years ago
I understand that maybe it was comfortable using AWS back when Wire was in it's early days and way smaller than it is nowadays. But today, with the increasing number of users, this issue should be worked on with higher priority than before. Indeed, labeling Wire 'swiss-based' is dishonest at best.
I agree AWS hosting is an issue, although it will be less of an issue when server>server federation is implemented. I'm not sure what replacements are available, but surely there is at least one hosting provider that does for the Eurozone what CatalystIT does in Aotearoa (NZ): https://catalystcloud.nz/
Totally agree, this is counter to the purpose and mission of wire.
Wire is centralized on Amazon's AWS. There are substantial privacy and ethical issues with this:
security risks
When users connect to AWS, privacy abuser Amazon gets their IP address and likely knows they are using Wire. That IP address can then be cross-referenced to other activity recorded by Amazon (both their shop and other AWS-based services like Signal and Github). Amazon also has a view of that plaintext metadata that Wire exposes. It's really a bad idea for Amazon to see who is associated to who.
@EgbertW also mentioned in https://github.com/wireapp/wire/issues/102 that Wire is advertized as being Swiss-based when in fact the servers are in Ireland and operated under ownership of a US company. That issue was apparently lost amid other issues in that thread and still needs to be remedied.
privacy-related ethical problems
Wire users are generally privacy-focused, so the ethical consequences of using AWS are out of alignment with the values of Wire users. There is both an ethical need and a practical need to abandon AWS (which has proven to be an untrustworthy supplier).