- cross-posted to:
- tech@kbin.social
- technology@lemmy.ml
- technology
- cross-posted to:
- tech@kbin.social
- technology@lemmy.ml
- technology
Is Telegram really that bad and should i look more into it or is sticking to signal really the best option?
You must log in or register to comment.
Telegram is legitimately bad, it’s only saving grace being that it is STILL BETTER THAN DISCORD! It’s main “Sin” is rolling it’s own Encryption Algorithm; which has been proven to be less than 100% airtight and secure.
Sadly your average user does not care about privacy above all else. They only care about privacy in as much as it can factually and emotionally affect their daily lives. TL;DR: You have to incentivize them to care, and they will often refuse to move, or outright dislike a platform, if a specific feature they love or depend on doesn’t exist, even when it is 100% not critical to the application’s function.
which has been proven to be less than 100% airtight and secure.
I don’t believe that has been proven. There has been criticism of it 1, 2 from prominent cryptographers though.
Telegram’s MTProto protocol isn’t obviously broken in a practical way, concedes Matt Green, a cryptographer at Johns Hopkins University who has consulted for Facebook on encrypted messaging systems. But it’s uniquely “weird,” he says, in a way that suggests its inventors don’t understand tried-and-true cryptography practices and raises his suspicions that it may yet have undiscovered vulnerabilities.
Their response was even more dodgy trying to somehow inject some sort of “nationalistic”, “america bad” into it:
Telegram’s Ravdonikas argues that “Telegram encryption relies on classical algorithms, because we consider some approaches promoted by US-based cryptographers after 9-11/the Patriot Act (which your sources refer to as ‘state of the art cryptography’) questionable."
At the end of the day math is math regardless where it comes from. Secret chats also only work with the mobile client, have to be manually turned on and do not work for group chats and as it’s a centralized server you can’t host your own.
And with RFC 9420 aka Messaging Layer Security (MLS) being standardized, it’s likely all the good messengers will use that.
If you can.actually get people to switch, you should look into simplex chat. It has a lot of really good features, you can run a CLI application on any servers you might have to send you notifications really easily, and it’s being rather actively developed. A quick look at their website will show you how dedicated to privacy they are.
I can recommend SimpleX, too. Easier to install, set up, understand and use, than Matrix for example. Very promising so far!
@ips @constantokra fair enough but doesn’t come anywhere close to Matrix though. Matrix is meant for privacy while simplex is meant for privacy + anonymity.
Well, I use and support both. Matrix is also coming along nicely. But SimpleX is already very usable for everyone as a mobile messenger, that does everything you’re used to from years of other apps. Very clean UX for me.
Signal publishes a unique identifier and the board is like 50% feds with close intelligence ties. I use it, but only for those that insist. It’s better than the other mainstream ones.
Use simplex.
Well, movie pirates use it so it must be safe! /s
Telegram has a lot of pros, but it can be safe only as long as you and every person in your circle sets it as such. Chats are not encrypted by default, you have to set it in group settings. Your phone number isn’t hidden by default, you have to manually set its visibility to “Nobody”. It even asks to let it pull your contacts, Facebook-style. There might be several such gimmicks, but generally they are easy to notice and control.
The biggest advantage(?) Telegram has is that everything is saved server-side instead of your phone. So you don’t need to keep having to back up your chats and be scared of losing everything if you lost your phone.
The biggest advantage(?) Telegram has is that everything is saved server-side
yeah, having all your secret data on a server you know nothing about is massive advantage 😂
What is the problem in asking for pulling your contact list? Isn’t it to check which of your contacts also have telegram?
Pulling your contacts lets it get a pretty good fingerprint of who you are, from who you talk to. It can already get that from who you actually message, but it’s getting a lot more information about you from pulling the whole list and not just who you talk to through telegram.
I understand, but if you are new to this conversation app, right after installing it would be good to know which of your contacts your are able to talk to there. I don’t see asking one by one and adding them manually a good solution, maybe there is another one I don’t see
