I just posted a sibling comment to the GP: At least in August it wasn't optional and happened automatically on Android, unless you were running M: The permissions requested during installation (contact access, to even have a way to offer this feature) of the app were exercised without asking for further consent and your contacts were shared with their server unconditionally.
There'a a on/off switch to share contacts under Wire Settings/Options and it's off by default at installation, (it was at the end of August when I started using the service).
Don't know though if the app asked for permission to access contacts like it should, since I don't have any device with M.
This is from the Privacy whitepaper how they manage the data shared [1] :
> Address books are uploaded to backend servers if users grant client applications
access to their contacts. Each address book entry is first normalized, i.e. phone
numbers are ensured to be in E.164 form. Entries are then hashed (using SHA-
256) and base-64 encoded before being transmitted to the server.
No other information, such as names, addresses, birthdates, notes, etc. are
extracted from the address books.
Address books are checked for changes every 24h by clients and changes are
uploaded again.
Uploaded address books are used to match users on Wire, i.e. to suggest new
contacts and to automatically create connections between users (see section 2.2).
The matching algorithm creates connections between users who have each others
e-mail address or phone number in their address book.
Interesting. That implies that they changed that behavior in less than a month after I opened a ticket, which is actually very nice to read.
Tried it on Pre-M and M, it worked correctly on M ("Wants to access your contacts" -> Denying didn't harm the app). For Pre-M it was as I described above: Opt-out (and worse, they have/had no way to remove contacts, at all) instead of opt-in.
I appreciate the update though - will look into Wire again these days.
> There'a a on/off switch to share contacts under Wire Settings/Options and it's off by default at installation, (it was at the end of August when I started using the service).
Oh, thanks that's good to know. And impossible to find out without just installing the app.
> Entries are then hashed (using SHA- 256) and base-64 encoded before being transmitted to the server.
This signals that they care about privacy, but it doesn't really provide much protection against someone who wants to break it. Maybe it's just about keeping honest people honest. It would be very straightforward to dictionary attack the un-salted hash. Using a password cracking program like HashCat, you could probably recover most of the numbers in a few hours.
