Why is this posted here? Telegram is not a private or secure messenger.

No such thing as a secure and private messenger exists

Not even Signal?

@ganymede@lemmy.ml
link
fedilink
3
edit-2
4M

no idea why you’re being downvoted.

you’re entirely correct, and i don’t interpret you as defending telegram’s lack of user protections

(noticing a real uptick in reddit hivemind around lemmy lately, it’s depressing tbh)

Yea I’ve been getting nuked for my shit opinions instead of discussions. I accidentally posted in Hexbear this weekend…that was an experience.

People need their copes, such as believing that privacy isn’t hypothetically impossible

Everything that’s encrypted is private and secure. There are messengers that encrypt your messages, profile, who you message, contacts, etc. Use those. If you’re particularly paranoid, read the code and build from source.

@ganymede@lemmy.ml
link
fedilink
4
edit-2
4M

Everything that’s encrypted is generally more private and secure than the equivalent which isn’t encrypted

States have armies of cryptographers who have broken all publicly available encryption methods and maintain a propaganda campaign to sustain the belief they haven’t.

How would these armies communicate then?

Private encryption protocol Despite the propaganda, it is possible to create without public scrutiny. All you have to do is not cheap out like they did with DES.

Did you know they use the Signal protocol? So literally the same encryption scheme?

Besides, the military isn’t smarter than 30 universities independently confirming the security.

This is a actually pretty worrying

This is a actually pretty worrying

Why?

Telegram is not an encrypted platform, so they’re not going after him for providing end-to-end encrypted services. They’re going after him because they have full insight into what’s going on in their platform and not taking appropriate action and in some cases completely ignoring it. It’s pretty common that if you’re providing a public platform that you comply with authorities. Signal doesn’t have this problem, they have no insight into anything their user base is doing; you can’t be asked to enforce things you can’t see.

@NecroParagon@lemm.ee
link
fedilink
1
edit-2
4M

I and many tens of thousands of others use it for accurate and timely war updates. Where are we expected to go if Telegram starts censoring everything?

This could be catastrophic for the war effort online.

Edit: I should note that with the exception of illegal things, like child pornography, being made aware of to the owner of the platform they should have to act on that. That’s excluded from the ramifications this will have on important matters. Any platform should be made to act IF they are made aware of such activities.

ᗪᗩᗰᑎ
link
fedilink
14M

Thanks for the reply. Yeah, losing Telegram as a platform for updates would be pretty unfortunate. Is there something unique about Telegram that prevents alternatives from being used? Is it the group size? Its ubiquity?

Possibly linux
link
fedilink
21
edit-2
4M

So you want so start seeing platforms practice mass censorship? That’s what’s going to happen as they aren’t going to take on risk.

What’s worse is that spells the end of the fediverse and smaller hosted media. The admins who are bold enough to host a Lemmy or Mastodon instance are eventually going to get taken by authorities. It doesn’t matter what country they are in. Admins can’t moderate everything and there will always be content that is illegal somewhere.

So you want so start seeing platforms practice mass censorship? That’s what’s going to happen as they aren’t going to take on risk.

Platforms are already not taking a risk and practice mass censorship. This is why you have words like “unalive” and “grape” becoming part of the American lexicon. It’s not even nefarious. Advertisers don’t want their content near negative content so platforms (without being asked by their government) auto-enforce these kind of policies.

What’s worse is that spells the end of the fediverse and smaller hosted media.

Serious doubt. All the fediverse has to do is comply with the law when asked, it really is that simple. Telegram was specifically not complying with the law, which is why illegal content is so easy to find on there, and thus why they were being targeted.

Admins can’t moderate everything and there will always be content that is illegal somewhere.

Frankly, if you can’t keep your house in order, you’re not taking your responsibility seriously enough. Nobody’s forcing lemmy, mastodon, peertube, pixelfed, etc admins to give free accounts to more people than they can manage.

The law will then say E2EE is forbidden. And then the next step is making Telegram as a prime example to strip out E2EE because “Look how many bad guys we can catch without E2EE”.

ᗪᗩᗰᑎ
link
fedilink
44M

The law will then say E2EE is forbidden.

They’ve already been trying to add backdoors to encrypted platforms already.

next step is making Telegram as a prime example to strip out E2EE because “Look how many bad guys we can catch without E2EE”.

It’s going to be hard to ban E2EE globally. If they do propose laws to ban encryption we’ll just need to fight back. The issue with Telegram is completely unrelated to E2EE as they’ve implemented it so poorly, I wouldn’t conflate the two issues.

Telegram never was and never will be a secure messaging platform. Anyone using it as a such is an idiot.

Possibly linux
link
fedilink
3
edit-2
4M

I never said it was

Picture this moment, but in 1994 wherein Vint Cerf and Robert Kahn are taken into custody for developing TCP/IP, a protocol that inadvertently enabled drug dealers to communicate.

Célia
link
fedilink
214M

He is not arrested for having developed the Telegram protocol and apps, but for failing to moderate his platform, where he could totally do so as the messages are not encrypted (except for secret chats which doesn’t even support groups) on his servers, which he has control over.

Got carried away with democracy and attempts to feel like someone. So what kind of moron do you have to be to get EU citizenship? Thought he would run away from the democrats and liberals. Well, he’s an idiot and that’s it.

Feel better grandpa?

There exist not EU citizenship because the EU is not a country. That aside, EU countries have stronger dmocracies, and especially stronger privacy protection laws than any other country in the world. What are you talking about? Are you in the correct community?

It’s you protonmail who will tell how they disclose user data, which leads to arrest in Spain. Source

Well you don’t even seem to know that the Swizz is not part of the EU. And by being arrested in Spain confirms my point.

I expected you to say that, that it was something else. :D

There are open groups on Telegram in which people post that they want to see person XY dead… Everyone who joins the open group can read it anyway.

They decided not to moderate this and not to delete illegal content once reported, although it’s easily possible without breaking encryption.

IMO, this has not much to do with privacy.

This is like posting that we should kill someone on Reddit and nothing is happening.

I don’t see how that’s his problem.

People who think it is, should report for their duty in Kursk as soon as possible.

This is like posting that we should kill someone on Reddit and nothing is happening.

Have you been there in early 2022? Tons of “we must exterminate Russians”. Or in 2015 or so, go to /Europe, see what they say about migrants. You might wanna lower that high horse of yours

Célia
link
fedilink
34M

They wouldn’t even have to break encryption to moderate, message groups cannot be (end-to-end) encrypted on Telegram, as secret chats only support one-to-one conversations

It still isn’t a great future to look forward to

Does that mean that French Lemmy admins are now liable for everything that is said by others? That seems like a huge liability and it is impossible for them to catch everything. Also what happens if someone criticizes the French government? Do they have the power to have random comments removed?

If they receive a notice that there is illegal content, that it should be removed and then refuse to cooperate?

Then yes, e2e is not under fire, not cooperating in moderating/Removing known criminals is

This is a global push to destroy systems the government’s can’t control. He fact he was arrested says everything.

removed by mod

Just ask chatgpt, it’s really easy to understand actually

https://chatgpt.com/share/2ea4cddf-d28b-41af-b221-0a6bb5637247

Dirty statists downvoting, typical heard behaviour !

Wrong community mate.

Isn’t everything? shrug

How so? Telegram isn’t a great choice if you’re looking for privacy: E2EE is disabled in 1-on-1 chats by default in Telegram, so it’s technically possible for Telegram employees to read majority of messages sent on their platform. Group chats and channels have no E2EE at all.

deleted by creator

He was not arrested for privacy, there are huge open groups on Telegram for piracy, csam and cyber criminals.

These groups are not encrypted, everything is stored in plain text on their servers. He is being arrested for not removing/moderating this content.

Well, he caused this himself in the end, he failed to deliver on the part of secure and private messaging because default chats are insecure and secret chats are a buggy joke. If he delivered in the promise of providing a real secure and private messenger and did real effort to fight against spam, then things mind have turned out differently. Decentralization should also have been part of it.

In the end, he chose for fancy features instead.

“Sure”.

Telegram is like CSAM and Nazi Central tbf. The place needs a purge, sucks that it’s capitalist states doing it, they will go after leftists too…

You know you are an authoritarian country when you arrest CEOs of messaging apps.

ᗪᗩᗰᑎ
link
fedilink
64M

But’s not just a messaging app. Telegram is a public forum (non-private and unencrypted btw) where they know crimes are being committed and are taking no action to mitigate them.

If you let people commit crimes in your house you are a criminal. If you own a mall and let people commit crimes in it, you are a criminal. If you own a boat and let people commit crimes in it you are a criminal. Same concept here. Pavel Durov created a public forum and not only allows crime to happen, but lies to people telling them its secure and private.

If I were a tinfoil wearing kind of person, I’d think Pavel was in on the whole thing and helping some 3-letter agency because Telegram has been a “privacy” scam from the beginning and it seems criminals are too dumb to realize they fell for playbook similar to Anom, just on a bigger scale.

Does that mean if you provide an E2EE service, you are a criminal too, because you let people to commit crimes on your platform, you’re just unable to see them? It’s like having a mall with no surveillance or security.

ᗪᗩᗰᑎ
link
fedilink
14M

Does that mean if you provide an E2EE service, you are a criminal too …

Nope! Not if you believe privacy is a human right.

It’s like having a mall with no surveillance or security.

It’s more like renting an apartment or office space and not being liable for crimes that you cannot see. Malls are generally viewed as a public space (think unencrypted chat rooms). If you own a Mall and have no surveillance and security and continue to allow crime to happen after you’ve been asked to remediate the issue, you are aiding criminals, much like Pavel and Telegram if you consider that Telegram is not encrypted and they have the ability to view everything going on in their platform.

Apartments and business offices are more like “encrypted” chat rooms. You can’t be held liable if you’re unable to see crimes being committed.

I feel like the difference is not that big, though.

If you rent, your landlord has a right to enter your apartment, even though they rarely use that right. Sometimes, they can check on things. The same applies to apartments in personal ownership: if police has a warrant, they can enter and see if there’s illegal activity. So based on this analogy, no, apartments are not “encrypted” chat rooms, and I don’t think any significant number of places would be considered “encrypted” or “fully private”, if you must.

Continuing with the analogy, Telegram can view and intervene in the activity on the platform, just like landlords or police, but Durov, let’s call him a landlord, protects privacy of his tenants, not letting the law enforcement in.

Speaking of E2EE platforms, I’m sure there’s crime happening on them, because it’s logical for criminals to use more secure protocols, yet I don’t see the same arguments made about them. It’s just they are providing the same (better!) tools to the criminals without an option for law enforcement to see the content (but perhaps with options to ban on request).

And frankly I don’t think there’s too big of a difference between E2EE and non-E2EE platforms in terms of conscience: the former just deliberately deprive themselves of an opportunity to see what content goes through their services.

P.S. that said, I don’t think it’s ok that Telegram promotes the service as private, and that Durov ignored requests to nuke known illegal activity.

ᗪᗩᗰᑎ
link
fedilink
14M

I feel like the difference is not that big, though.

But the difference is massive. Telegram, because E2EE does not work for the majority of its use cases, is hoarding tons of CSAM and other illegal content. This isn’t just about the “criminals” who are adding illegal content, its about Telegram’s access and hoarding of this data.

On the other hand, Signal is simply a transport vehicle for data. No illegal content is stored or accessible by Signal, its developers or anyone who may gain access to their infrastructure - the complete opposite of the situation over at Telegram. Signal cannot be implied to be storing illegal content because they simply don’t store any content. Law enforcement can ask Signal to provide all the data they have on specific users, and they have, but the only data they have is when you created your account and the last day (not time) a client pinged their servers.

All CEOs should be arrested actually.

Which country is not authoritarian by that measure?

It’s own fault, you shouldn’t have taken the citizenship of this stinking pad… You should have taken the citizenship of the Emirates or India or Brazil, for example… Having French citizenship now is a disgrace.

You don’t seem to know what you are talking about. Are you a child or on a primary school or something? Read more.

He has dual citizenship - French and UAE.

I was too lazy to just google it, but he has citizenship in Russia, the UAE, France, and Saint Kitts and Nevis.

India is also attacking encryption and I am not sure about Brazil. If he set foot in India he also would of been arrested.

You were right. After the arrest, it caused a backlash in India. An investigation was launched against the encrypted messaging app to find out whether it violated Indian laws.

If we are being honest I wish I was wrong. I wish seeking privacy from mass surveillance was for paranoid people

Elise
link
fedilink
14
edit-2
4M

I’d totally be on board with this if the moderation was aimed purely at such cases.

I’m afraid it will be used to oppress minorities and suppress political opinion. Are we going to keep putting people in jail for their political opinions?

Durov, as a citizen of France, recently sent them away when they asked for access, and then flew to them to test the strength of democracy. Imbecility and courage.

TWeaK
link
fedilink
64M

He just left Azerbaijan after meeting with Putin. I think he decided he’d be safer in French custody.

redrum
link
fedilink
74M

Source?

TWeaK
link
fedilink
54M

https://turan.az/en/politics/putin-refused-to-meet-with-pavel-durov-in-baku-783760

Apparently he didn’t end up meeting with Putin, but that had been the plan.

@fireshell@lemmy.ml
link
fedilink
2
edit-2
4M

He wanted Uncle Vova to hide him from the bad guys, but he sent him away, there was no meeting. Pasha went to a foreign land.

TWeaK
link
fedilink
34M

You’re right, Putin declined to meet with him.

minnix
link
fedilink
904M

Telegram is good for citizen journalism (like what’s going on on the ground in Gaza and Ukraine), funny videos and memes, tech support, and casual conversation. Never privacy though.

Possibly linux
link
fedilink
9
edit-2
4M

What should be alarming is what thus means for other services. Can you get arrested for running a Matrix server in France? It seems like this is very slippery

I personally don’t like Telegram as it is centralized, not private and is to close to the Russian government. However, it should be allowed to exist.

ᗪᗩᗰᑎ
link
fedilink
14M

If you own a house, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a farm, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a school, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own an office building, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own an internet service provider (ISP), can see see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own any land, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a public forum, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a public messenger (because Telegram is very much not private or encrypted) can see crime is being committed there and take no action to stop it you are a criminal and should be arrested.

I don’t see this as a slippery slope.

What with public land? Do politicians need to be arrested?

ᗪᗩᗰᑎ
link
fedilink
14M

yeah that doesn’t make sense, I meant private forum, public forums belong to the “public” thus nobody can be held accountable.

The fact that governments want to shut down Telegram and arrest its founder shows that Telegram is pretty good for privacy.

I wouldn’t go that far

Why not both? Telegram is bad for privacy, and governments still want to arrest the founders of systems they cannot control?

Because we jumped to the conclusion that he is being arrested for providing privacy, and thus our internal biases make it difficult for us to quit that idea. Much easier to force the facts to fit the conclusion than it is to reevaluate the conclusion.

And definitely much better than discord, contrary to what some say

I’m pretty sure no one actually says that

nitrolife
link
fedilink
-254M

Why not? Unlike whatsapp and signal, telegram private chats are not synchronized. So if you lost your phone and started a new one, the chats will not magically recover as in whatsapp. Because recover is unsecure. So the telegram is quite private.

or do you mean that encryption is not enabled by default in every chat? This is not an indicator of the messenger’s privacy.

Although Tox takes them all by the head, of course.

There are way better options. Use Signal, Simplex Chat or even Matrix

nitrolife
link
fedilink
24M

Signal not good enough after check protocol.

Matrix is overkill. But I was hosted it some time ago.

So, I will check Simplex Chat. Thanks.

Unlike whatsapp and signal, telegram private chats are not synchronized. So if you lost your phone and started a new one, the chats will not magically recover as in whatsapp.

That’s not true. Signal stores all messages on device.

or do you mean that encryption is not enabled by default in every chat? This is not an indicator of the messenger’s privacy.

Encryption on Telegram only works in 1 on 1 chats and is turned off by default meaning no one use it.

Encryption on Telegram only works in 1 on 1 chats and is turned off by default meaning no one use it.

It also only works in the mobile clients

nitrolife
link
fedilink
-4
edit-2
4M

That’s not true. Signal stores all messages on device.

Ok. Signal win one point.

Encryption on Telegram only works in 1 on 1 chats and is turned off by default meaning no one use it.

so, I use the telegram crypto chat to get a credit card pin from my bank. do you want to do this with signal? =)

in 1 on 1

and in turn, this means that the FSB log collector is not connected in the third place. =)

P.S. Do you understand the absurdity of the situation? telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger. and the European Union was so unable to cope with this that it arrested the developer for complicity.

telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger.

Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they’d have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to “moderation selection”, (3) Law enforcement didn’t care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.

Definitely I would do so in Signal and never Telegram. What a question

nitrolife
link
fedilink
24M

OK. Thanks for answer.

Chats are only synchronized in Signal on actively linked devices. If you link a new device, your chat history will be completely blank at first.

nitrolife
link
fedilink
-1
edit-2
4M

and this does not prevent you from connecting the FBI log collector in the background. He will always be active.

I live in a country where, when crossing the border, they can request a phone for check chats, so I can roughly imagine how it works. Government has a much higher level of access. if the account is restored via SMS, this means that any FSB employee can connect your account to himself. if the conversation is not one-on-one, it means that the FSB log collector is somewhere in third place. This is the reality. I don’t understand why you think that your government collect data somehow another. may be from really bad people’s, but with same methods.

P.S. on telegram you have only one-by-one crypto chats. Protocol can’t connect anyone else.

Signal has been pretty throughly audited by data security experts. It’s as secure or more so than Telegram. It uses end to end encryption, same as Telegram. If you’re crossing the border, unlink your device, delete the app, and relink it later. Your account can’t be restore via SMS. I’m not sure what you mean by that. I’m sure my government can collect any data they want if they’re determined enough, but Signal is about as secure as it gets if you’re talking civilian digital communication.

nitrolife
link
fedilink
2
edit-2
4M

I’m sure my government can collect any data they want if they’re determined enough

Exactly. But telegram destroy basic tracking paradigm. You can register on really fake number for example, byed thought TON coin. That’s why Durov arrested in the first place.

And that really good for drug dealers. Or for russian opposition who don’t go out from Russia.

P.S. And experts check only Crypto part, by the way. What really happening on signal servers who known. In that part telegram con’t connect anyone to 1to1 chat (but maybe can hack keys. But I cant approve that after check client source code), but signal can convert that chat to 3 persons and connect logger without problems.

troed
link
fedilink
304M

Russia banned Signal, but not Telegram, to make sure their citizens couldn’t plan any subversive activities against the state.

That’s all we needed to know for sure.

nitrolife
link
fedilink
4
edit-2
4M

On the other hand, Durov was arrested in Europe, but the developers of the signal somehow does not.

Well, for some unknown reason, drug dealers still choose telegram. And they don’t just have an unfounded choice, but the profit depends on the messenger. Or say you that Durov was arrested for no reason?

P.S. in Russia now testing system for ban all messengers don’t hosted in Russia. They next after youtube. Telegram too. Information from first hands. =)

@Omniraptor@lemm.ee
link
fedilink
1
edit-2
4M

оо рекабушники в эфире. Реддит ещё у вас банить не собираются?

nitrolife
link
fedilink
24M

А кто его знает. Тут как ветер подует так и заблокируют. По телеграмму / ватсапу и т.д. хотя бы предупреждали телеком операторов ещё месяц назад.

Well, for some unknown reason, drug dealers still choose telegram.

How do you know that not 99% of drug dealers use Signal and 1% Telegram? Could very well be so. You don’t know because it’s all encrypted. That is the whole point. That is also why nobody from Signal got arrested. No law violated if you can deny all allegations.

nitrolife
link
fedilink
0
edit-2
4M

in telegram all crypted too. and public chats, if you don’t tell me that government check servers in another contry. And I repeat my question. Why signal developer not with Durov?

UPD: and you can read messages and listen calls in any chat in signal. I explain that next to comment line. That no private. As WhatsApp for example. And if you not private with encrypted what are you secure with encrypt?

Telegram chats are not encrypted by default, only Secret chat is which is not synced to Desktop and only works on one-to-one chats, no groups.

Why signal developer not with Durov?

Because almost all data is encrypted. They don’t even know who is messaging whom. How can they be charged with crimes they didn’t commit? They don’t know what their users are using the messenger for, so they can just deny everything.

UPD: and you can read messages and listen calls in any chat in signal.

No you can’t unless you have access to the phone itself. It’s impossible. You clearly have no idea what you’re talking about.

nitrolife
link
fedilink
1
edit-2
4M

No you can’t unless you have access to the phone itself. It’s impossible. You clearly have no idea what you’re talking about.

Page 47. https://odr.chalmers.se/server/api/core/bitstreams/527d7251-f7f4-4a6c-ac7b-f8253d174336/content

how often do you check encryption keys in chats? How does WebRTC relay work need to be explained?

Signal doesn’t provide such open and easily found chat rooms.
It’s really much more a messenger (with group chats, but those you have to manually set up)

So it’s not an “open” place like telegram and with that not as attractive for advertising illicit services or products.

besides that, Signal is the technically much more secure variant. No discussion about it.

nitrolife
link
fedilink
-4
edit-2
4M

So it’s not an “open” place like telegram and with that not as attractive for advertising illicit services or products.

As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.

besides that, Signal is the technically much more secure variant. No discussion about it.

If you want protect yourself for random network administrator on your network line, of course. If you want protect from anyone (government for example), of course not. Not necessarily in a bad way. Privatecrypto chats one-by-one are equally protected for the Russian opposition and for drug dealers. This is freedom of information. And that’s why Durov was arrested. and not because he can hack chats something but don’t do that. I think in really because that he can’t hack chats and don’t approve hack / insert backdoors for anyone.

@balsoft@lemmy.ml
link
fedilink
1
edit-2
4M

Bullshit.

If you want protect yourself for random network administrator on your network line, of course.

Telegram and Signal both use TLS. They are identically secure from transport-level attacks.

If you want protect from anyone (government for example), of course not.

Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram’s protocol sees less scrutiny from the crypto community.

As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.

LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.

troed
link
fedilink
44M

Not “somehow”. The authorities know Telegram can indeed backdoor their service, since they know it already is. They also know Signal cannot.

Thus, since Telegram can but refuses, he gets arrested.

nitrolife
link
fedilink
-24M

an interesting assumption. how can private encrypted chats be hacked? On custom self compiled clients if you think that client have hole. I learned telegram protocol and don’t find any case. XD

troed
link
fedilink
-14M

Your .ru domain makes your comments in this discussion meritless.

custom self compiled clients

nitrolife
link
fedilink
-3
edit-2
4M

That’s why I started a domain in the ru zone. I can create domain anywhere else of course. If for you the nationality of the talker somehow affects the security of third-party software, then so be it. In the end, you can always not trust my words but familiarize yourself with the protocol.

Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets? Maybe there’s no value in targeting the signal devs because they can’t legally be expected to moderate chats they literally can not access? Maybe it’s not worth backdooring because it’s open source?

nitrolife
link
fedilink
-1
edit-2
4M

Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets?

Telegram is not first durov project. Durov create VK. That is number one Russian facebook.

Maybe there’s no value in targeting the signal device because they can’t legally be expected to moderate cats they literally can not access?

Can them connect any number of users in chat? That mean that them have access in any chat. And them should follow all USA laws of course.

Maybe it’s not worth backdooring because it’s open source?

Telegram open source too. And have many open client apps. For example clients without AD API support. How much custom client apps have signal?

kali
link
fedilink
24M

Telegram’s servers are not open source. Telegram’s client is. If you make a back door in a messaging software, you’d want to do it server-side which means the users can’t tell if it’s backdoored as Telegram’s server’s source code is not available.

Alternatively; Signal’s server code is open source, so if they put a back door in it they’d either have to lie to their users, or publish the back door in their code.

nitrolife
link
fedilink
1
edit-2
4M

Telegrams servers are not open source. Telegram client is. If you make a back door in a messaging software, you’d want to do it server-side which means the users can’t tell if it’s backdoored as Telegram’s server’s source code is not available.

That’s why cryptography don’t trust ANY server side. For example signal server software can be don’t same as github signal server software. And that’s why alice and bob in crypto chats can check keys after handshake through server. But in signal you crypto for chat rooms with multiple clients. Can you check how much client in you chat? I don’t find how. In telegram you always know that 1to1chat only 1to1.

Alternatively; Signal’s server code is open source, so if they put a backdoor in it they’d either have to lie to their users, or publish the back door in their code.

And what problem with that?

P.S. For example system of technical means to ensure the functions of operational investigative measures installed an all mobile operators anywhere. But someone tell you something about that? No. Because that a law, not backdor.

I don’t care much for the guy, but the fact he gets arrested for the service is a bad sign for private messaging in Europe.

@sqgl@beehaw.org
link
fedilink
17
edit-2
4M

I think you and most people in this thread have been mislead by the article because of the closing remark.

Beyond terrorism, the most dangerous pedophiles communicate on Telegram to exchange content.

But it isn’t the private stuff he is being prosecuted for though AFAIK (although it might have been reported by “traitors” within those chats).

Unlike Signal, there are public chat groups and channels and I presume these are the ones which got him into trouble for propagating illegal activity.

From another article…

terrorism, narcotic supply, fraud, money laundering, receiving stolen goods and others… he allowed an incalculable number of offenses and crimes to be committed, which he did nothing to moderate

The platform has faced issues of misinformation and hate speech, especially antisemitic speech following October 7, 2023.

So platforms are now liable for everything people post? This seems like a free pass to censorship and authoritarian control.

Just like how municipal governments are responsible for every crime that occurs in city limits!

Wait a minute

What do you mean ‘now’? Even 4chan had to remove illegal things, this isn’t new.

In the US platforms are shielded from liability with the exception of CSAM

Célia
link
fedilink
34M

The platforms should be held liable when those groups can easily be accessed by anyone, and moderation would be “simple” as the conversations aren’t even encrypted. We aren’t asking for more of Telegram than Youtube or Facebook

If you don’t care for the guy, you will nearly certainly lose privat messaging in Europe. Maybe, it’s even too late by now.

No. Pavel Durov is a nut and he is not out there saving private communication. Signal is offering the most accessible e2ee messenger right now. Telegram has questionable security on their optional e2ee chats which is also not the default.

But the people trying to save e2ee in europe are activists and politicians. Patrick Breyer has done excellent reporting on the chat control plans of the EU.

Durov is just some dude peddling his mid messenger

Signal is offering the most accessible e2ee messenger right now.

Doesn’t matter. In the reach of EU, some law about Chat Control. If they make this into law, no provider within the EU will have a choice in this matter.

good thing Signal is US-based. I hope it will remain possible to use their service in the EU though…

Wasn’t Signal revealed to have NSA backdoor or I am confusing it with something else?

I have googled it and I just found this report here.

I think you’re confusing it, I haven’t heard that at least but it’s possible I missed it! Though signals apps and I believe even server code are open source so this would have been tricky to accomplish.

Okay, now I’m wondering, can we actually check if servers run on this published code or modified version?

no, but the client code already guarantees e2ee

Telegram is not private messaging.

To add to that. Russian government was demanding to be able to access messages or will ban Telegram in the country.

Did not hear anything beyond that, but Telegram continues to operate there.

andrew_bidlaw
link
fedilink
7
edit-2
4M

There wasn’t any legal ban. RosCommNadzor slowed down TG like they recently did with YT (it can barely load a music track without VPN) without any court decision because they can, it went for a week or so, and then it was lifted. Nobody knows why, but there is a suspicion that TG started to cooperate with russian authorities, in a non-automatical manual manner. Some suspect it was a PR campaign to make it as popular as it is now.

It didn’t leak stuff as far as I know, that’s done by bots like Глаз Бога that accunulate all info on a person and frequently used in OSINT and deanon\bullying, but blocking popular bots and channels that are too annoying to Russia is what they do. From the top of my head: CleverVoting (Умное Голосование, УГ) channels from Navalny’s team*, channels for cooperation of protest of soldiers’ wives, separatist channels from Bashkortostan and other places. I’ve seen iranians also posted that they had their protest channels banned - and Iran and Russia banned free and popular VPNs at the same time, spoiling their cooperation.

* Durov’s public comment on that gave birth to a meme. He implied that there are just two ways: either banning it from TG or having TG banned on the whole territory of Russian Federation. As a copypasta it was transformed millions of times, and if it hasn’t lost it relevance, we could’ve probably seen a boykisser version of it.

Russia banned Telegram, everyone (incl. the government) continued to use it, Russia unbanned Telegram - that’s how it looks from here. A government official told me Telegram being unbanned was just a matter of time when it was still banned.

That’s what they say. I only trust encryption and not people.

Telegram has been banned in Russia, as far as I heared.

deleted by creator

TWeaK
link
fedilink
94M

Durov was travelling to France from Azerbaijan, where he had been meeting with Putin. There’s a theory that he basically surrendered to the French authorities so as to avoid retaliation for saying no to Putin too many times.

Where did you read about a meeting with Putin?

TWeaK
link
fedilink
04M

I read it on a reddit thread about this arrest story. However, looking it up Putin declined to meet with him. That still kind of fits with him turning to France for safety.

That’s wild. Remember where you read that?

TWeaK
link
fedilink
04M

Him turning himself in for safety is pure speculation at this point, however he was due to meet with Putin in Azerbaijan, until Putin declined.

They do support e2ee in private chats

Not activated by default. First strike. Cannot be activated in group chats. Second strike.

They use a custom encryption protocol and there’s been bugs that look like a backdoor.

https://grapheneos.social/@GrapheneOS/113020871978942265

Gregor
link
fedilink
134M

Yes, they do, but it’s very inconvenient. You can’t access such chats on desktop, no cloud syncing…

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog