![semaphor spideroak security audit semaphor spideroak security audit](http://www.codevate.com/assets/img/case-studies/security-audit-portal/featured-desktop.png)
If you’re doing the self-hosted version then you’re basically relying on your own ability to keep the implementation secure. Now, whether or not a self-hosted open source alternative is more secure than Slack… may depend. RocketChat doesn’t seem to mention Slack, and, frankly, feels a bit behind Mattermost in development (though it also announced that it’s about to run a Kickstarter campaign to jumpstart more development. Mattermost is quite upfront that it’s building a Slack alternative - it’s all over its website - though it also points out that it’s tried to improve on some things in Slack. Both have built open source, self-hosted Slack clones (and both try to make money by offering paid hosting for those who want it). The two big players here are Mattermost and RocketChat. The other alternatives that have been getting some attention lately are a couple of attempts to basically create a truly open source Slack clone that can be self-hosted. Semaphor offers an alternative, where each user can just pay their own way - which might be appealing to some user groups. Those groups are never going to use a paid option, because there’s no “company” to pay for all users. That is, there are lots of Slack groups that are general interest groups around certain topics, and not a company’s own internal group. One nice feature of Semaphor that Slack doesn’t have: the ability for individuals to pay their own way. Of course, Semaphor is, like Slack, working off a Freemium model, where additional features require per user fees, which can add up.
#SEMAPHOR SPIDEROAK SECURITY AUDIT CODE#
SpiderOak also, kindly, makes the Semaphor client source code available for anyone to audit, which is necessary if anyone’s going to take their encryption seriously. It’s a bit more clumsy, but if it helps keep things secure, that seems promising. Semaphor is apparently trying to work its way around this limitation by creating bots that act as their own users within Semaphor (something Slack has also), but where the bots themselves become the key to integrations. And, because of this setup, it’s not as easy to do “integrations” with third-party apps and services, which is a key selling point of Slack. There are some limitations there - of course - because any team member might leak their key (though whoever gets in would just have access to whatever that team member can see). You get a key and that encrypts all of the data in your group messaging. It’s now taken that approach to Semaphor, which obviously takes its inspiration from Slack (and feels quite similar), but with the same zero knowledge encrypted setup. Since you keep the keys, even though it’s hosted in the cloud, SpiderOak has no way to decrypt your files should anyone hack in, or should the government come calling. SpiderOak is the company you should already know of that provides an encrypted “zero knowledge” cloud backup solution. I’ve been playing around with it - and while it’s early on, it certainly has potential. The most recent, and perhaps most interesting, player in the space is SpiderOak, which recently launched its Semaphor Slack competitor on the market. Just as we’ve been encouraged to see greater use of encryption on mobile phones, email and on websites, it’s good to see new entrants trying to take on Slack with a focus on security and privacy. Not that there have been any known breaches of Slack that I’m aware of, and I’m sure that the company takes security very seriously (it would undermine its entire business if it failed on that front…), it’s been interesting to see other options start to pop up, which might be more appetizing for those who are extra security conscious. However, in these days where hacked emails are in the headlines, I can see why some might get nervous about using a tool like Slack. I also am in a bunch of other group Slack chats, as it’s basically become the platform of choice for group discussions. But, over time, it has certainly gotten comfortable, and there have been some nice feature add-ons and integrations that have made it a pretty cool service overall - though if you really want to use it to its fullest extent and switch to the paid version, it can get pretty pricey, pretty quickly.
![semaphor spideroak security audit semaphor spideroak security audit](https://i.pinimg.com/originals/2e/f7/9c/2ef79c5888ab54ba293a8890074ba0fb.jpg)
#SEMAPHOR SPIDEROAK SECURITY AUDIT UPGRADE#
While we saw some folks claim it was revolutionary, we found it to be a nice, but somewhat marginal, upgrade to our previous use of Skype chat rooms. Like a ton of people and companies, we’ve been using Slack here.