Telegram doesn’t surprise me, chats aren’t even encrypted per default in some instances (group chats, I believe?)

But then again, how solid is any encryption if Matrix bridges can exist?

Amju Wolf
link
fedilink
01Y

No Telegram chats are end-to-end encrypted by default. And I don’t know anyone who’d use the feature regularly (it’s a hassle).

And, to be fair, it’s not really necessary for most day to day messaging.

That’s not true. Please don’t spread misinformation. That’s literally the point of this thread.

TLS encryption to telegram servers is not e2ee. That’s the point

Amju Wolf
link
fedilink
21Y

Indeed. That’s literally what I said.

@jet@hackertalks.com
link
fedilink
2
edit-2
1Y

Your sentence, and punctuation, are ambiguous. When I read it I thought you were saying they were end to end encrypted. But seeing your second comment and rereading it, I can see how you meant it to be they are not end to end encrypted

Amju Wolf
link
fedilink
21Y

It’s ambiguous only if you expect people to not use punctuation 😅.

But yeah I can see how it could be confusing. Unfortunately I don’t think there’s a mark for showing that a comma was omitted deliberately, lol.

I read it that way too. So while it’s reader-error, changing the first word to “Zero” would be a lot clearer.

I think it’s very much necessary to insist on our right to privacy. Personal chats not being encrypted should be a clear and absolute NO for anyone.

Amju Wolf
link
fedilink
21Y

Ideally, yeah. Practically, shit like stickers or media sharing is way more important to the vast majority of people.

Matrix bridges have nothing to do with encryption, they read the messages exactly the same way a client would, and send them to the other side of the bridge exactly the same way a client would.

They have a lot to do with encryption. As an example, Signal and Matrix use different encryption standards. So to get a message across, it needs to be decrypted mid-transit, to then be re-encrypted with the protocol of the recipient.

Any one of your contacts can set this up without your knowledge or consent, and then there’s a gap in the encryption. They can just freely give away the keys to their chats they have with you, and now a third-party has the means to decrypt your messages.

That’s pretty fucked if you think about it, but there’s not much you can do.

Sure, it’s not a huge problem if the service doing it is verifiable to have good security and doesn’t snoop, but it’s still adding another link in the chain to trust and to keep intact.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog