This is a public service announcement.

If your job uses Slack, please remember that the administrators that have been configured can view any channel and download all files and all information published, including channels that are "private" or between 2 individuals.

Your discussions are not secure and can be snooped upon, even private conversations.

In other words: there is no privacy on Slack. Period.

This is the end of this public service

(Don't ask how I know that)

@ParadeGrotesque Here's an interview with the founder. He freely admits he doesn't know why anyone is using it. (from 2015 and I dunno if there's an English version).

The question how a company can even consider outsourcing their internal communication to a third party still leaves me utterly bamboozled.

It's stupid in many ways. It isn't reliable, only claims to be. Worse, most slack or googlemail use I've seen is probably illegal under GDPR.

They just don't care.

@ParadeGrotesque I've heard people claim Mattermost "didn't work well". I don't have any experience with it (anyone here does?) but from my experience with trying to introduce self-hosted free alternatives to proprietary bullshit, they probably just didn't (get a chance to) try very hard ...


@quincy @ParadeGrotesque I use Mattermost, and it works quiet well. Also used IRC which was OK but terrible when trying to send anything else ie images as it's not supported by the protocol.
I don't like stuff like Slack and Discourse.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.