Yeah, from a social network, it turned into disinformation and censorship network! About one year ago I made a post about the Bulgarian gypsies and actually pointed out the discrimination against them and offered a PC-compliant solutions to the problem and they removed my comment, the appeal didn't change their decision, and they've blocked me from posting for a week. Some words always get your comment deleted and you get blocked for at least 24 hours! Pretty much all my friends move to Telegram channels. It's not the same, but nobody enjoys being watched and censored! Well, the guy who probably makes out with his wife in VR and make this the norm so that he feels better of himself cannot get this basic truth, of course.
The amount of times people bash on telegram is becoming painful.
But lets take a logical argument; NSA has made it's mission in backdooring basically everything.
We know from the Snowden revalations that their technical capability in 2008 (he only exposed info on things that were already old, his intent was to show illegal surveillance not capability remember) was such that they had some kind of access to every conceivable device on the planet and the majority of communication that went through the US.
I don't think their technical capability got significantly worse in that time. So, if Telegrams private crypto code is backdoored or weak: well, NSA have it. No doubt should remain in anyones mind about that.
Telegram is hosted on Google Cloud, which is under the juristiction of USA. Google cloud claims to not have access to client data, but I think it's not outside the realm of possibility that something could exist between the TLS terminators and the telegram communication relays.
Maybe I'm wrong here entirely, but two things cannot be true at the same time:
1) Telegram is weak, NSA has access
2) Telegram is strong, NSA does not have acces
If telegram was strong: NSA would do everything in it's power to push users to more controlled platforms.
If telegram was weak: Jan 6th and Jihadi terrorists wouldn't use it.
Addendum: all of these same complaints (save: weak crypto) can be used against Signal.
---
I don't think this is a good justification for not using telegram, you wont be labelled alt-right or a terrorist or a pedophile.
These same arguments come out time and time again about Tor too. It's pitiful, honestly.
Telegram and Signal are the best we have out of CENTRALIZED solutions. Both are founded by anarchists who like end-to-end encryption and user empowerment. One accuses the other of being less secure and easily backdoored by governments… but the actual problem is — they are both centralized.
We don’t even need to resort to conspiracy theories — all Germany would have to do to ban Telegram is make Apple take it out of its app store. And it is coming close to that. Telegram’s Durov also openly said that they respect countries’ laws and censor certain people because to be kicked out of the app stores in that country is worse.
What is the decentralized alternative? It takes a lot of work and immunity from the profit motive, to build a viable alternative.
Moxie is famously skeptical of decentralization, but it is essential — not just for privacy, but more broadly — for user empowerment and control. If you want to know what the decentralized solutions look like, lease read my answer to Moxie
A shorter (and less Web 3-focused) response to Marlinspike's claims in ‘The ecosystem is moving’ is this post by Daniel Gultsch, the maintainer of the "Conversations" XMPP client:
> Both are founded by anarchists who like end-to-end encryption and user empowerment.
Telegram didn't have e2e encryption for a long time and its chats are still not e2e encrypted by default. Also, I would hardly call Durov an anarchist.
Not that this really affects the thrust of your argument, since all 3 are US entities, but it seems unlikely that there's a single place you could tap for access to everything.
Oof, called out, have an upvote, you're entirely right.
Frankly I wasn't aware they were on all three, I was just on google cloud and got affected by these whack-a-mole shenanigans, and assumed it was exclusive.
This is entirely my bad for not checking my assumptions and I apologise.
> If telegram was weak: Jan 6th and Jihadi terrorists wouldn't use it.
The Jan 6 dudes ("terrorists" and/or otherwise) put their ugly mugs all over Facebook, Twitter, Parler, and the public Internet. I wouldn't exactly take opsec advice from that lot.
The whole Jan 6 thing is a complete joke. Many people outside the USA can not even understand why this is still a thing people talk about, compare it to terrorism and even to the 9/11 attacks. Its completely insane.
I remember 9/11 from outside USA. It "broke" the normal way people lived their life. Jan 6 on the other hand did nothing, no one cared. Only US propaganda media made a huge deal out of it. And they keep talking about the 768 (an more) people who have been charged as if they where charged for terrorism or something. Most of them simply got charged for entering a restricted building. Comparing this to a terrorist attack that took the life of 3000 people and injured at least 6000 other is grotesque and disgusting.
That's because Jan 6 turned into a failed, and very incompetently executed attempt at a coup.
9/11 may have been devastating in many ways, but Jan 6 was an attack at the very structure of the American democracy. They tried to install a leader of the country who wasn't actually the one elected by the majority. If they succeeded, it would be a major blow to American credibility and founding story of a "democratic nation by the people, for the people".
> That's because Jan 6 turned into a failed, and very incompetently executed attempt at a coup.
You gotta be kidding me and/or yourself. Do you really believable that?
This was a rather normal protest march which escalated to a riot where a small fraction of the people probably 100-200 resorted to various forms of violence mostly against property and to an extend against police. No question this is bad. But a coup? Really? Installing a leader, lol what?
Reality check: If an heavy armed group would have stormed the capitols and killed everyone inside that would not have installed a leader and that would be an actual terrorist act. Still there is no logical path how that would/could have changed whos the next president.
There is no evidence that any group of people went there with this goal (to violently install a leader). The vast majority was just there to protest and didn't do anything wrong. From the 700+ people charged the majority was just foolish and entered the building/property after police gave up or where overpowered by the actual violent people. There are plenty videos from inside the capitol where people just walk around. These videos were used to charge them but given the fact that they just walk around they basically are trespassing and cant be charged for much.
Most of the 700+ charges are non-violent.
One person died because she was shot by the police some others died do to medial reasons. Some injuries and property damage as you would expect from a riot.
Calling this a coup is absurd. America would be the last place where people start a coup unarmed.
I would advice you to watch some of the live streams from that day and/or read some foreign news articles about it and make sure you know about all the debunked misinformation tied to the riot.
From X people who got killed to a police officer being murdered to bombs it really had it all and most old articles you find about it still are not corrected.
Indeed. And it was trivial to get evidence of neo-Nazis faking "tradie" personae in the Melbourne riots because people could rock into their Telegram groups.
Read the article - "Whether this is a good thing for the world is another question, one muddied by how poorly understood Telegram is, especially in the US. The vast majority of journalists still refer to it as an “encrypted messaging app.” This description unnerves many security experts, who warn that, unlike Signal or WhatsApp, Telegram is not end-to-end encrypted by default; that users must go out of their way to turn on the app's “secret chats” function (which few people actually do); and that only individual conversations, not those among groups, can be end-to-end encrypted. For the millions of people who use Telegram under repressive regimes, experts say, that confusion could be costly."
Even if you make the argument that telegram CAN be encrypted (only in 1-1 chats) what ultimately matters is how people actually use it, and that is probably in an unencrypted manner.
> what ultimately matters is how people actually use it, and that is probably in an unencrypted manner
I've heard criticisms about Telegram's MTProto encryption on HN, but in my usage of Telegram nobody has ever turned on the secret chats mode enabling it anyway. Anyone privacy-conscious asks me to use Signal, Matrix, or even Threema.
I have heard compliments about Telegram sticker packs though, if the other apps want more users they could consider making "cute stickers" :)
> I have heard compliments about Telegram sticker packs though, if the other apps want more users they could consider making "cute stickers" :)
You joke, but Telegram's clients have been innovating for years. Way ahead of the rest. Its packed with features and yet never feels bloated or slow. Frankly, its amazing.
Not even a joke, I had a younger friend comment on the sticker cuteness and it never even crossed my mind that people would prefer messaging apps based on that.
The Telegram client/feature set is great, and I hope Signal and competitors will improve their clients to match.
I had to get vouched for by two people who moved from mainland China to get a wechat account, then the client took up all my free space so I deleted it.
In light of that, importing stickers from Telegram to other apps is fair game. Telegram's very brief terms of service* do not forbid users from using Telegram stickers outside of Telegram.
Also, some of these stickers are recycled memes from social media and pop culture, which usually qualify for fair use when used for messaging.
I don't think I've ever seen any of the stickers from the telegram company actually used in a chat.
I've seen lots of stickers that people have had drawn, though, sometimes even used by the people who commissioned them.
Telegram puts out a lot of packs, but they're made by different artists. You may be using their packs without realizing it. Everything on the Trending tab is theirs, and it changes frequently. Here are three packs with bats that I use, all commissioned by the Telegram team.
Telegram boardcasting phone number lead to arrest of Hong Kong protestors in 2019. I know it is fixed now, but a couple of years and a lot of people jailed too late.
Let's be fair, Jihadi terrorists probably don't know which platform is actually secure for their terrorist operation (none of them is, actually). They could've used WeChat if they were able to register an account for themselves. It's simply not a good metric.
It's the same reason why you don't want to measure someones kindness by comparing it with Adolf Hitler. "Oh I have such good neighbor, he is the completely opposite of Adolf Hitler", it just don't compare very well.
> We know from the Snowden revalations that their technical capability in 2008 (he only exposed info on things that were already old, his intent was to show illegal surveillance not capability remember) was such that they had some kind of access to every conceivable device on the planet and the majority of communication that went through the US.
We know they had access to every centralised provider's servers (including Google and any other company you care to name). We also know that they couldn't break post-DES cryptosystems when properly used - indeed NSA employees expressed considerable frustration about the fact that they couldn't break PGP-encrypted emails or chats and had to resort to metadata analysis, social engineering, hacking individual users and so on.
> 1) Telegram is weak, NSA has access
> 2) Telegram is strong, NSA does not have acces
It's not a binary. Most attacks on cryptosystems reduce the amount of work it takes to break in rather than making it completely free. And even if the NSA theoretically has access, that doesn't mean they can predict an attack or will share that data with every contry/agency/company. We know the NSA was reading all unencrypted emails up until at least 2012 or so, yet there was plenty of crime committed and discussed over email during that period.
(I'm no fan of Signal or the way it's marketed, quite the opposite, but I trust Telegram far less)
> If telegram was weak: Jan 6th and Jihadi terrorists wouldn't use it.
You must have missed this piece [1]:
> The app was in fact secretly built by the FBI, and designed to allow law enforcement to tune into conversations between about 9,000 users scattered around Earth.
Speaking hypothetically: the NSA could push the US Government to ask Apple and Google to remove Telegram from their app stores. Without mobile apps, Telegram would die very quickly.
> I don't think their technical capability got significantly worse in that time
I think that was probably around the same time more and more of the web moved from HTTP to HTTPS. Even webmail was accessed over plaintext for a long time, so I guess a lot of signal got worse while legal access got not only better but "integrated".
Telegram makes it insanely easy to have a non-encrypted message, so the NSA definitely wants terrorists to use that. It also has central mass data collection. Of course the NSA wants people to use Telegram.
telegram is way overrated. too hard to create an account, takes up too much memory, accounts do get closed for automated/arbitrary reasons. not at all like described in the article .
Maybe that person is comparing it to more traditional chat clients like Pidgin or Hexchat. Right now on my Manjaro desktop, Telegram is using 230mb of RAM, while Pidgin is taking 46mb. That being said, its a hell of a lot better than Slack, which could use up several gigabytes if you were in multiple groups.
on my desktop tg would routinely eat up to much memory so that i am now starting it with a script that sets a hard memory limit. haven't had a problem since.
Accounts getting closed is the case of any major platform. If it is for fighting against bots and robots, it is a good thing. If it is fighting against humans, not so good. I have a opinion, that nobody should be censored/cancelled - it just makes them more angry and furious and will not change how they think or act.
To respond to your first point, I mean there are more articles mentioning members of congress than there are members of congress. Or more articles mentioning Taylor Swift than there are Taylor Swifts. Not sure how quantity of articles is a unit of measurement here.
I don't get how reporting it equals over reacting to an actual real life thread where even you admit that it is potentially (why "potentially" though?) dangerous.
FYI: this is not just the US. Far right groups organise all over the world there.
Telegram is really weird and sketchy; the rants Durov posts on his channel against WhatsApp usually make no sense; and their claims of security are dubious. And TON was a disaster.
On the other hand. If I did any social organizing today, I would definitely use Telegram. Signal is fine, but nobody is using it and the UX is just worse. I don't trust Facebook to randomly not shut everything down because some outsourced content moderator in New Delhi had a bad sleep.
Durov might be sketchy and weird libertarian, but damn, his developers can deliver good and working product really fast. (And from what I understand, it's a really small team.) Credit where it's due.
I still think Telegram will plainly run out of money in a few years (you can use it to host unlimited amount of data and share it with unlimited number of people!! that is not sustainable), but well, I will use them before they do.
Telegram is ridiculously smooth, runs on everything, doesn’t treat any platform as an afterthought (despite having the electron thing, Signal is still very mobile oriented), and isn’t Facebook. It’s about as good as you’re going to get without making big sacrifices somewhere.
Yeah, it’s ridiculously well made. I’m not disputing that. The protocol is weird but they built a great app on top of that.
They just cannot be sustainable long term. There is literally no restriction size-wise on data you can save on their servers. For free. And they have basically no income. They have some new ad program with basically no tracking (which is good for users, sure, but nobody will pay that much for that). They get 0 commissions from payment (and I never heard anyone using their payment thing). TON went nowhere.
You’re repeating weird, but working with both bot api and tg api weekly or so (tg api through a wrapper, but I’ve read about lower level calls and used these in gramjs) I can’t see what do you mean by that.
So, crypto part or mtproto in general? I’m not a fanboy who is going to defend tg crypto, and personally I wonder why they didn’t use the same security stack e.g. my browser uses for gmail access. But apart from that it feels to me like a regular rpc protocol, clumsy sometimes, but nothing particularly weird. Working also with many stock exchanges protocols, I can tell these are sometimes weird af, despite being mostly over-https. E.g. bitfinex and iirc bitmex are funny ones, not to mention FIX/FAST or large exchanges native protocols.
Maybe they are referring to the fact that Telegram rolled their own cryptographic protocol that had a vulnerability that was fixed with a cryptic message [1] and still has some dubious choices [2]. I am not a cryptographer by any measure, so I don't whether there was a reason why they didn't pick an existing protocol like OTR. But, it doesn't make sense to me that they didn't switch to another protocol that is audited several times but released a second version of their protocol with the same criticisms.
The restriction is done trough throttling in speed.
It only looks like you have unlimited space but lets say you would actually want to upload a TB of stuff it would take very very long unless you use multiple accounts and then if you ever would need to download it it would again take very very long.
It also seems like files that are not downloaded by many people for a while get moved to slow servers and downloading these is really really really slow.
If you have a few GB and want an additional online backup sure you could abuse it for that but realistically the potential to abuse it is low as it simply makes no sense as a could storage + they simply delete accounts from people who abuse the network. "Spam" is very lose defined and if you spam upload/download I'm sure they consider that to be spam and delete your account. Kinda pointless "backup" if you can lose access the moment you use the backup.
>And they have basically no income.
How would you know? They launched ads in public channels.
>TON went nowhere.
TON exists and seems functional just doesn't have anything to do with Telegram anymore due to the SEC.
Sure, Telegram team used more human resources elsewhere while WA and Signal where doing their E2EE magic, but once they where done - what stopped them from investing into everything else?
Zero-knowledge E2EE makes it difficult or impossible to implement certain "quality of life" features that users have come to expect from cloud-based services.
The most salient of these is that, if you lose your keys, you may never be able to recover your data.
That requires re-encoding all transmitted data with a single password and is potentially vulnerable to brute-force attacks. Encryption used in signal, etc relies on double ratchet mechanism that continuously regenerates keys as they move along. This way one compromised key will not allow to decode the rest of the messages.
Also, downloading blob to client side and decoding it locally can hardly be done fast enough for user to consider it 'instantly'.
> That requires re-encoding all transmitted data with a single password and is potentially vulnerable to brute-force attacks. Encryption used in signal, etc relies on double ratchet mechanism that continuously regenerates keys as they move along. This way one compromised key will not allow to decode the rest of the messages.
That's a different, further goalpost - we were talking about E2E encryption, weren't we? I.e. the server should not need to decrypt your data to provide it.
Obviously if you want to be able to recover your history from storage with just a password, that does mean the password is the only protection over that history, tautology. So storing your history should be optional, if you're seriously worried about brute-force attacks on data encrypted at rest (indeed, even WhatsApp makes it optional to have a backup of your data!).
In any case, that doesn't compromise future secrecy - i.e. gaining access to the history still doesn't give you access to future messages.
> Also, downloading blob to client side and decoding it locally can hardly be done fast enough for user to consider it 'instantly'.
Off the top of my head, it doesn't have to be a single blob for all your data. You could split the blob into tiny equal-sized chunks, and then have a separate encrypted index file which stores the information of which chunks hold which chats (plus just enough metadata, e.g. chat titles and last messages, to display your homepage properly). The index file is the only one downloaded on first login, then when you want to open a chat it moves the corresponding chunks to the top of the download list.
How is it not E2EE? Are you going by a stricter definition than commonly used?
> End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. [..] End-to-end encryption is intended to prevent data being read or secretly modified, other than by the true sender and recipient(s). The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves.
Which requirement do you believe is failed by such a system?
> Some encrypted backup and file sharing services provide client-side encryption. The encryption they offer is here not referred to as end-to-end encryption, because the services are not meant for sharing messages between users[further explanation needed]. However, the term "end-to-end encryption" is sometimes incorrectly used to describe client-side encryption.[23]
This is reasonable, but it's not describing any weakness of encrypted backups. It merely points out that "E2E" isn't the right term to use when there are not two E[nds], but rather only one client and their files.
However, our conversation was about storing chat history. There are two parties to the conversation in that case.
The key property of E2E is that only those parties can read those messages, and nobody else, in particular not the agents running the server. That property is not affected by the existence of backups, as long as those backups are client-side encrypted, because third parties cannot access them.
Therefore, it is possible to have both cloud-stored chat histories and true E2EE. QED.
Ok. After all, what do I know about encryption? I only directed the development of communication products that had OTR, OMEMO and PGP/GPG encryption in them.
Please, enlighten me how exactly Element/Matrix practically do that. Thank you in advance.
Encrypted backups are just that, encrypted backups. They are called end-to-end encrypted backups only by people who are ignorant of correct terminology. Even the Wikipedia entry on e2ee addresses this.
Regarding the security theater, the backups encrypted with your password are far more vulnerable to being compromised than any of the popular e2e encryption protocols.
But then again, most users do not need real security, they are fine with a warm comforting feeling of safety, provided by a sincere promise that everything is really safe, as demonstrated by Telegram users.
I have nowhere called them end-to-end encrypted Backups, that's a straw man.
> Regarding the security theater, the backups encrypted with your password are far more vulnerable to being compromised than any of the popular e2e encryption protocols.
How, so?
Are you aiming weak passwords? (One is provided for you ("security key"), however you can opt into a custom one that is not directly used for encryption ("security passphrase"))?
Or are you referring to PFS, which isn't a property of all popular e2e protocols either, and "far" would be quite a stretch.
How does all that disprove that Element uses true e2ee?
It is proven beyond doubt that whatever Element fetches from their own servers and decodes on application launch are not messages encrypted using e2ee protocols. It is also completely clear that it does reduce the privacy of user messages. I don't know what else to argue about here.
Element does not fetch any message from their servers in general.
If you use a server hosted by Element and don't disable encryption, e2ee encrypted messages will be fetched from their servers.
What is "it" that in your opinion should reduce the users privacy?
> I don't know what else to argue about here.
I don't know what you are arguing about right now.
What I know, is that I have disproven your original thesis (visible messages right after login through a password is not possible with e2ee) by explaining how it works and providing an example that has put that concept into practice.
If you feel there is anything to discuss, or if you have any further questions, don't hesitate to respond though.
Thanks for the link.
Actually, didn't even know that WhatsApp changed their backup mechanism, which previously used a mechanism that allowed e.g. google to obtain the messages.
Overall, the concept seems to be the same: use a secret, only known to the client to secure data stored at a untrusted location.
The major differences include:
- closed vs open source (it's easy to validate the mechanism in the implementation whereas you pretty much need to trust WhatsApp that they don't leak the key)
- WhatsApp uses a third party provider for storing the data whereas with Matrix your Homeserver is responsible for messaging and the backup
- only the main app can access the backup whereas with Matrix any of your clients can independently read and write to the backup (because there is no main client)
- WhatsApp stores everything in the backup, a Matrix client only the keys, because the messages are stored somewhere else
>Regarding the security theater, the backups encrypted with your password are far more vulnerable to being compromised than any of the popular e2e encryption protocols.
Hmm? How so? Surely this depends on the strength of your password.
All messages are encrypted with one key. Break one key, and all messages will be accessible to an attacker. Proper encryption protocols rotate encryption keys and compromising one message will not compromise the rest.
The situation is a bit more nuanced, given the large feature set that Matrix is trying to implement.
> Break one key, and all messages will be accessible to an attacker.
How do you propose breaking that one key, though? The attacker also needs to somehow acquire access to the key backup and to the encrypted messages, so it's a multi-step process.
The encryption protocol does rotate message keys. In fact it uses the same cryptographic primitives as Signal, that is the double ratchet algorithm.
I think you're conflating the message encryption protocol with cold storage, which is the purpose the key backup serves. It's completely typical for backups to be encrypted with a single symmetric key.
Finally, the key backup is completely optional and can be disabled.
>Some encrypted backup and file sharing services provide client-side encryption. The encryption they offer is here not referred to as end-to-end encryption, because the services are not meant for sharing messages between users[further explanation needed].
This wikipedia entry? So client-side encrypted backups are not called end-to-end encrypted, because the backup service is not a messenger?
On signal you will get various security related messages, like person x changed is key (because they reinstalled).
That stuff confuses every non IT person.
Not caring about it, allows for a more simple UI and UX to provide a easy way for
person A to message B.
Where B can be a group of thousands of people.
(a really secure way of posting a message to a big group would be way more complicated, even signal makes compromises)
For most people the said security is not a big issue. Esp. in countries where police can come for you and make you talk by any means. E2EE won't help you if they want you.
Wasn't it fixed? It was almost e2ee, but not really due to a bug as it trusted the server, but it was fixed save for key verification, but AFAIK, key verification is an open problem in e2ee.
I'm sorry but as someone from Russia - you are wrong.
>Reading your messages tells them who to interrogate, where to find them, who else is involved, etc.
Why read my messages if they can start from me? Or that other guy who posted something on twitter? Or any other place? Or talked to someone.
I'm not saying encryption is unimportant. I'm saying that it really only matters as long as all parties involved keep their business secure in the first place.
Not to mention that they police don't really work with that kind of precision here.
If you can choose secure communication vs. insecure communication you're better off choosing secure. You're right of course this doesn't protect you 100%, but it's a lot better than not having secure communication.
Does that mean even with Signal your friend could be compelled to unlock their phone and reveal the comms? Sure. It's still better to have that be the requirement than access to all comms by default. It requires more specific and high effort targeting. It makes it harder to just query keywords generally to find people. It's the better default state.
I took a look, but apparently you can't use the web app unless you already have an account, and you can only create an account in a mobile app. Is this an afterthought?
...except that for nearly a year you didn't have access to any updates to the Signal server code on their public repo while they were secretly adding Mobilecoin to it.
The funniest thing is that Telegram's group management tools blow anything FB has out of the water by a nautical mile.
If you only need the one channel and you need to manage a 100+ people, Telegram is by far the best tool. For "communities" Discord is a bit better, since you can split stuff to multiple channels. Anyone with basic knowledge of the internet can also install bots on both to manage dozens of different things.
Signal on the other hand is SUPER SECURE (although you will be giving your phone number to everyone), but no bots and no real ways to manage hundreds of possibly unruly people on a single channel.
If you're managing a 100+ user channel, encryption matters fuck-all unless your invitation process is 100% airtight and every user has all their devices encrypted and locked up at all times.
Data will leak anyway so E2EE won't bring any real advantages.
Political parties typically do, and some are known to use Telegram for their internal groups.
Any leakage of secret knowledge shared only through these groups could be detected as treason by one of the participants in that channel. Having several channels with fewer and fewer members, closer to the party's leadership, is a typical configuration to maintain control of the most secret information.
I've been on IRC since its inception in the 90's and I've used ircII and BitchX etc. I'm no stranger to janky clients for communication tools.
Element is still in its death by a thousand cuts phase. There's nothing hugely wrong with it, but everything is a bit wonky. Just enough to be consistently annoying enough for me not to bother.
Summary: Matrix mostly good, Element bad. They should just copy Discord's UX 1:1, change the colour theme and work from there.
> I still think Telegram will plainly run out of money in a few years (you can use it to host unlimited amount of data and share it with unlimited number of people!! that is not sustainable), but well, I will use them before they do.
> On the other hand. If I did any social organizing today, I would definitely use Telegram. Signal is fine, but nobody is using it and the UX is just worse. I don't trust Facebook to randomly not shut everything down because some outsourced content moderator in New Delhi had a bad sleep.
I don't see how Telegram is any different to say, Signal. It may have better apps, UX, features and more which that alone makes it a compelling competitor but its optional E2EE support is quite damning.
The great thing about regulations is that it stops such suspicious projects like TON dead in their tracks. After the ICO madness in 2017, unregistered ICOs have become illegal and TON fell in that category.
But who knows, maybe when the terrorists, extremists, scammers and fraudsters realise that Telegram is not E2EE by default or layman terms 'not secure', perhaps they would run to Signal and chat amongst themselves about using a private untraceable cryptocurrency like MobileCoin to fund and plan their operations. [0] [1].
>I don't see how Telegram is any different to say, Signal. It may have better apps, UX, features and more which that alone makes it a compelling competitor
You have answered your own question there. Humans naturally chose paths that they find convenient, not necessarily safest or otherwise "better" paths.
Also, out of the "popular" IM networks (network effect is a real thing), Telegram is the only one that has a sensible API to interface with your own systems.
> his developers can deliver good and working product really fast. (And from what I understand, it's a really small team.)
People keep insisting that electron is chosen for productivity yet telegram delivers more features with more efficiency in C++/QtWidgets (for the desktop) with a smaller team than so many electron stuff
You get efficiency basically for free with C++/Qt, unlike all of the Electron trash that gets pushed out. It's such a selfish way of thinking - "I don't care if my users can use efficient software, I just care about shoehorning Javascript into everything I touch!"
I take issue with your description of Telegram as "really weird and sketchy". You don't give any evidence other than Durov's personal opinions. And he's certainly entitled to them, given all the weird, often totally illogical beliefs everyone else in the world holds.
You toss out another statement in "TON was a disaster" without explanation. If you're going to make really big statements like this, please go into detail otherwise you're just shooting from the hip.
TON was a disaster because the SEC got involved. TON, as a technical solution to decentralizing Telegram, was a great idea and I'm sad Telegram was forced into a position of paying for all that infrastructure another way, with ads (opt-in, non-tracking, and only in one-to-many channels but still, ads).
> Telegram is really weird and sketchy; the rants Durov posts on his channel against WhatsApp usually make no sense; and their claims of security are dubious. And TON was a disaster.
Oh yes, definitely. Whenever I read them it feels strange, understanding the technical context of Telegram. He never mentions that WhatsApp is actually end-to-end encrypted. He does continue to talk about 'encryption', though. It's very very misleading. It just seems to be bashing WhatsApp without talking about Telegram's shortcomings too. He obviously isn't going to be non-partisan but it would be nice if he would be a little more honest.
> Durov might be sketchy and weird libertarian, but damn, his developers can deliver good and working product really fast. (And from what I understand, it's a really small team.) Credit where it's due.
The UX is great. The Telegram clients are quite nice to use.
They're open-source, too. Well, 'open-source' as in they dump
a huge diff into the source tree now and again, and they never
interact with outside developers submitting Feature Requests and Issues.
>his developers can deliver good and working product really fast. (And from what I understand, it's a really small team.)
Fun fact, their Android code [0] (haven't seen iOS) is unmaintainable mess and on the surface just looks like a complete disaster. I find it baffling how Telegram Android not only hasn't fallen to bits requiring a full rewrite, but has continued to deliver brilliant UX and features.
> I still think Telegram will plainly run out of money in a few years (you can use it to host unlimited amount of data and share it with unlimited number of people!! that is not sustainable), but well, I will use them before they do.
And then they will start selling all the personal data they gathered in all these years. They have all the data, except for the tiny amount that passed through secret chats (but they also have the metadata for these, tied to accounts and all the non-secret stuff).
The kind of data Signal can't sell even if Moxie turns evil, simply because Signal does not have it.
To be fair, it doesn’t even have feature parity with Signal for “one specific conversation,” which I might have been fine sacrificing to use Telegram. Among other things, there’s no multi-device E2EE support or message history backup for E2EE, last I checked.
People are consistently surprised that Telegram is not encrypted by default in any setting. You have to create a device-to-device-specific encrypted chat with your counter-party. It's not a reasonable security model, vastly outclassed by (the still quite flawed) Signal.
Ultimately, we need encrypted-by-default messaging based on public/private key pairs (obscured from the uninterested user, of course).
Both Threema and Signal are the way to go with chat apps, the only advantage Telegram offers are vast groups for specific purposes. Here in Berlin, I'm getting cheap produce through telegram, get alerted to public transport controls (I do have a ticket, but sometimes friends do not), and sell/buy stuff I don't need.
I'm consistently surprised when I remind myself that Telegram is a Qt app. It's so out of the norm today, when so many things [I use] are bloated Electron apps.
Funnily enough given the title, those same things have even bigger groups on Facebook than telegram in Berlin even accounting for how popular it is here.
TBH I would consider Matrix the way to go regarding chat. It allows app and vendor independent communication and combines e2ee with Synchronisation across arbitrary many devices (something that many people like from Telegram).
These days, Threema and Signal don't support the Matrix Protocol.
Nobody I know gives a shit that it's not E2E encrypted. It's a kick ass instant messenger, that's all that matters to most people. Vastly superior to Signal and others in almost every way.
Sure, but it’s for some reason framed as a WhatsApp competitor even in countries where Facebook Messenger is relatively popular, which seems silly to me. It appears to fill a similar feature niche as Facebook Messenger, not WhatsApp, even if these two categories can be somewhat conflated for most uses.
FB doesn't sell the data, they sell the ability for advertisers to advertise to groups. I'm not a fan of ad-driven models, but this is a lot different than selling data.
If you're using unencrypted messaging you should assume it's public. This is true of FB messenger and Telegram, but if I had to bet on what unencrypted content is more likely to be owned I'd bet on Telegram. This is mostly a bet on where the world's best security people are and the company culture.
Really though we shouldn't be relying on the benevolence of any of these company leaders, that's why people should use Signal or WhatsApp where the encryption means you don't have to (or Urbit where there is no central leader).
Telegram, specifically P. Durov has literally sponsored Russian dissidents. He refused to give over info when he still ran VK over to the FSB instead sending them literally memes. When Telegram was banned in Russia, he spun up free proxies for people to bypass the restrictions.
What a civilized response. I don’t know if this is the norm on HN, but this is incredibly constructive compared to the reddit or twitter doubling down for any stance. Cheers.
From this article it sounds like he probably did give info over to the FSB when running VK after he got spooked. Though at least it does sound like after that he made changes to get out of the country so he could be more independent.
VK =/= Telegram. At this point the FSB has free reign on key requests from VK — it’s owned in majority by Usmanov, who has strong connections to the Kremlin. But in the article it says that he made that clear in his remarks as well when he was ousted.
Yeah I know VK != Telegram, but in the article when he was running VK it sounded like he got scared and handed over a lot of personal user details to the government.
It also sounded like with Telegram there was some abuse of looking up or deleting other employees chats when threatened. The culture of the company doesn’t seem great.
All of this is kind of irrelevant though. The core issue is unencrypted chats.
If your friends don’t care but you do, educate them. The good old “I’ve got nothing to hide” is de-facto a synonym of self-censorship or recklessness due to lack of awareness.
There are like 1000 features in telegram that just don’t work properly for e2e chats as well. When I use e2e messengers they cut so many features for security. Matrix doesn’t show link previews when e2e is on for example.
I think you mean Element doesn't show previews when E2EE is on.
This is not a fundamental limitation but a default setting in order to preserve privacy. You can easily turn URL previews for a given E2EE room on by going to the room settings > General > scroll down to Other > URL Previews.
(outside of certain self-referential bubbles - like this site) no one cares anything about encryption, if in public chats I am anonymous and untraceable (example: no one can know my phone number and there are granular privacy settings) this is enough for 98% of people out here
"yes, encryption is useful if I want to send nudes to my partner or if I want to buy drugs but not while I'm asking mom for the sufflè recipe or I'm organizing a dinner with friends" this is what people think, and they are not completely wrong
"Normal" people are slowly but surely starting to care about encryption. They hear about it from people participating in self-referential bubbles like HN and then they start wondering. This is my experience.
I said it many times and I'll say it again: this can't possibly work in the real world, period. People are notoriously terrible with passwords already. So terrible in fact that VKontakte (I worked there, both with Pavel and after he was ousted) had, and still has, a department dedicated to account recovery. And those are passwords, short strings that you can actually remember. You can't possibly expect an average person to keep their private key (a file you can't store in your head) absolutely secret and never lose it at the same time.
In my world, the ability to recover your account if you lose everything is a hard requirement for any product that is meant to reach mass adoption.
The ability to revoke access is also a hard requirement. People share their credentials — it's a fact of life. In the usual setup, you can change your password and terminate sessions. But if your private key is your identity, you can't do shit to prevent someone who has gained access to it from impersonating you for the rest of eternity.
>In my world, the ability to recover your account if you lose everything is a hard requirement for any product that is meant to reach mass adoption.
I don't think it matters as much for messenger attached to your phone number. Even if you lose all your conversations you still can be reached by the same identificator and most of your contracts are stored in phonebook anyway.
I see telegram being used by local sport clubs as an alternative to messenger, primarily it seems for the reason that it doesn't require a facebook account. Most online gaming groups I know use discord, while programmer projects tend to use slack. A few gaming groups continue to use teamspeak.
I don't know however any groups that use signal as a replacement for any of the above, so do people have experience in migrating groups from those platform to signal?
If I'll ever need an app to pass around Pentagon secrets, I'll surely use Signal or something better. But if I need an app to chat with my friends and discuss what's going on without being banned and having the daily dose of Mandatory Truth injected, then Telegram works just fine so far.
As a Russian, this goes both ways. I really hate how the US tries its damnest to pretend they control the entire planet and meddles with internal politics of other countries, something they have no business even knowing about, all the time. Sovereignty? What sovereignty?
>given what this country has done on social media to control foreign elections
What has Russian done that
a) Directly affects the results, such as hacking any system where electronic vote is possible.
b) Any kind of propaganda or lobbying that any other country such as the USA, England or Israel don't also engage to make public opinion more sympathetic to them.
More of option B? If it hasn't been mentioned already and I know it already is a contentious topic repeating it, the drama with J.R. was allegedly a "professional political attack":
Nobody has any problem with Russia the country or the Russian people. It's the current Russian government and its psychopathic leader that are freaking us out.
Still, I believe a reflection of the government deeds affects just people – entrepreneurs, projects, etc.
I don't have data for that. I am just sharing my 5 cents here.
People could "freak out" when they hear "it's Russian" without doing any research from their side. I hope it's not happening often. As a Russian ciz this thought disappoints me sometimes and makes me sad (and our Gov deeds too).
Telegram was blocked in Russia for around 2 years for refusing to cooperate with FSB. That block wasn't effective despite breaking half the internet at times and many people didn't even notice it, so eventually the government just gave up and unblocked it to save itself from being laughed at.
It is actually trivially cut off at the app store level (both apple and google), just like the free-speech-loving Germany is proposing right now (1), and the Russian government chose not to do that. The "telegram blocked" story is 2 years old, currently 52% of Russian Internet users rely on Telegram every day (2) All charges against Durov personally were dropped, and he is (admittedly) rumored to visit Spb now and then, but there is no official beef with him or any of his services currently.
> It is actually trivially cut off at the app store level (both apple and google)
Yes, this is why Pavel blocked the Navalny bot (providing a very nonsensical explanation for it). Apple's app store is why we can't have nice things. Google Play doesn't matter nearly as much because Android allows sideloading and Telegram already makes use of that. This page https://telegram.org/android has a prominent apk download button and an "if you want a Google Play version instead we have that too, you weirdo" link at the bottom.
Check out "telegram russian block" or "ban" in a search engine, from 2018. I don't want to give any particular resources as you will know better what is better source for you - that was a huge event and most news sources wrote on that, including HN. Russian gov forced a block on so many IP classes that a lot of goverment services stopped working, not to mention whole public clouds. Let me just cherry-pick this hilarious tweet [0].
great, so a story from 4 years ago? the ban was removed in 2020, although they could have easily choked Telegram at the appstore level. Yet, it's officially alive and well.
Appstore you say.. well, there are many other distribution methods then appstore. I for instance use the direct download built into telegram. A bonus that I can enter chats that my government thinks is not appropriate, like ones that leaked their official communication they did on random public email services.
Also I'm sorry I dissapointed you with sources. Yes, it's sarcasm. How would one provide any meaningfull sources to what you are afraid of? Is it even possible?
Same. Also an American, and while I don't personally use it for some of the same reasons I try to avoid Facebook Messenger, I'm certainly not "triggered" by its success, whatever that means. It's at least nicer than close competitors like FB Messenger or Google Hangouts in my opinion.
What would you consider to be legitimate criticism of Telegram rather than just being “triggered at Telegram’s success?” I’m curious where you draw this line, and where you found comments from users identifiably from the US who you believe fall into the latter camp.
1. Everyone I know uses it in plain-text, very few dare to (gasp) initiate secret chats (and they tend to lose chat histories every now and then).
2. At one point it had been banned by Russian authorities with a demand to disclose the E2E encryption keys. The ban was quietly lifted with a single report I could find vaguely mentioning some cooperation promises by Telegram’s leadership. What is happening beneath the curtain is anyone’s guess.
3. Last time I checked, the company that runs the servers has undisclosed structure and is liable to be manipulated by whichever entity that gains a hold of them (not even through legal mechanisms, but through direct or indirect fear for personal safety).
4. According to what I heard from friends, solvency/debt issues from the failed ICO attempt made them desperate for money.
It’s not a safe private messenger, period. Even Telegram’s own advocates are switching from their old stance “Telegram is secure” to “Telegram is just best for messaging, who cares about e2e or privacy anyway” (which, incidentally, I don’t know if true in Android land, but at least on iOS Apple Messages has way superior stickers, built-in apps, etc. for those who don’t care that much about privacy).
Durov has said server code will not be open sourced since it would help countries block them more easily. They use many methods to avoid being blocked by government.
The article doesn't claim otherwise, it just states that you have to enable it manually for every chat, which most people don't seem to realize (or care about).
Wasn't Facebook supposed to be some sort of monopoly with an iron grip on its audience due to the first-mover effect? So now it turns out even chat platforms are viable competition...
The "sad thing" is that Whatsapp is 10x-50x more popular in my country and its quite hard to integrate (APIs, bots) compared to Telegram, at least for "small business".
I wonder if Telegram would also be more closed if it was #1...
Telegram doesn't support bots and most other advanced features for E2EE conversations either. It seems at least as valid (IMO) to speculate that WhatsApp's lack of API/bot support is due to an additional technical hurdle than its dominant market status.
This was a great article! It provides a lot of past details that most people wouldn't know about, especially about Pavel Durov (who is an eccentric character, as seen in the posts on his channel).
I'd actually pay a monthly subscription for the value Telegram has given over the years. The pace of development is unmatched by any other platform. I know Telegram chats are not end-to-end encrypted by default. Pavel Durov has explained, and I'm sure it's somewhere on Telegram's site too, that a big reason for not doing E2EE is enabling fast search (on the server). And it shows: Telegram has the best search among chat platforms and is even better than search on social network platforms with more features like Facebook. Maybe they have ulterior motives and/or aren't technically able to provide E2EE for all chats. So far, it hasn't had widespread scandals (other than TON) like Facebook/Meta has had.
This is not to claim that Telegram doesn't have design flaws or drawbacks. But no other platform can catch up to its UX and features for at least a few more years, and that gap seems to be widening as time passes. If any platform were capable of doing so, it would've happened already.
Among Telegram's many features (if you use Telegram, check how many of these you know about):
* Phone number hidden from others? Check.
* Username that can be given to anyone or published anywhere for others to contact? Check.
* Multiple accounts on one app? Check. (the official Telegram clients allow up to three accounts)
* Fast and reliable (comparatively) message delivery? Check.
* Client applications for multiple platforms? Check.
* Messages (the default, non-E2EE ones) sync across all clients? Check.
* Send large files? Check.
* Prevent phone number enumeration by others (who randomly add numbers to their contacts list)? Check.
* Granular privacy settings? Check.
* Search messages by text, by person, by date? Check. Global search? Check.
* Use a calendar view to check activity/messages? Check.
* Edit messages after sending? Check.
* Delete messages after sending? Check.
* Message reply threads? Check.
* User mentions and quick navigation to mentions? Check.
* Scheduled messages? Check.
* Audio messages? Check. Video messages? Check.
* Voice chats (like clubhouse)? Check.
* Polls? Check.
* Chat exports? Check.
* Media editor? Check.
* Built-in video player with playback speed adjustment and fast forward/rewind? Check.
* Edit photos after sending? Check.
* Forward messages with fine control over whether it shows as a forward and whether the caption should be included? Check.
The frequency with which Wired obsessively brings up Trump into everything suggests they are much less interested in exploring the technical side than to push a political agenda. It makes it look like the only thing that matters is where Trump is tweeting now.
And of course, at the conclusion of the article, the author shudders of the thought that there could be a communication platform not censored by the government. The horror!
256 comments
[ 2.7 ms ] story [ 60.4 ms ] thread"Telegram is Russian Spying"
"Telegram has extremely weak crypto"
"Telegram is used by pedophiles"
"Telegram is used by far-right terrorists"
.... Use Signal!
sigh
The amount of times people bash on telegram is becoming painful.
But lets take a logical argument; NSA has made it's mission in backdooring basically everything.
We know from the Snowden revalations that their technical capability in 2008 (he only exposed info on things that were already old, his intent was to show illegal surveillance not capability remember) was such that they had some kind of access to every conceivable device on the planet and the majority of communication that went through the US.
I don't think their technical capability got significantly worse in that time. So, if Telegrams private crypto code is backdoored or weak: well, NSA have it. No doubt should remain in anyones mind about that.
Telegram is hosted on Google Cloud, which is under the juristiction of USA. Google cloud claims to not have access to client data, but I think it's not outside the realm of possibility that something could exist between the TLS terminators and the telegram communication relays.
Maybe I'm wrong here entirely, but two things cannot be true at the same time:
1) Telegram is weak, NSA has access
2) Telegram is strong, NSA does not have acces
If telegram was strong: NSA would do everything in it's power to push users to more controlled platforms.
If telegram was weak: Jan 6th and Jihadi terrorists wouldn't use it.
Addendum: all of these same complaints (save: weak crypto) can be used against Signal.
---
I don't think this is a good justification for not using telegram, you wont be labelled alt-right or a terrorist or a pedophile.
These same arguments come out time and time again about Tor too. It's pitiful, honestly.
Pretty sure the intelligence people have a policy to maintain their ability to see their shit rather than blowing their load.
In fact there's probably an evolutionary aspect to the jihadi thing.
We don’t even need to resort to conspiracy theories — all Germany would have to do to ban Telegram is make Apple take it out of its app store. And it is coming close to that. Telegram’s Durov also openly said that they respect countries’ laws and censor certain people because to be kicked out of the app stores in that country is worse.
What is the decentralized alternative? It takes a lot of work and immunity from the profit motive, to build a viable alternative.
Moxie is famously skeptical of decentralization, but it is essential — not just for privacy, but more broadly — for user empowerment and control. If you want to know what the decentralized solutions look like, lease read my answer to Moxie
https://community.intercoin.org/t/web3-moxie-signal-telegram...
https://gultsch.de/objection.html
That's reaching deep... seriously?
https://theanarchistlibrary.org/category/author/moxie-marlin...
Durov seems to be more of a right libertarian type. Whether this qualifies as "anarchist" or not depends on who you ask.
Telegram didn't have e2e encryption for a long time and its chats are still not e2e encrypted by default. Also, I would hardly call Durov an anarchist.
Matrix
Source? Back when Russia was playing IP whack-a-mole, they were using at least AWS, Google and Azure.
https://www.bbc.com/news/technology-43797176
Not that this really affects the thrust of your argument, since all 3 are US entities, but it seems unlikely that there's a single place you could tap for access to everything.
Frankly I wasn't aware they were on all three, I was just on google cloud and got affected by these whack-a-mole shenanigans, and assumed it was exclusive.
This is entirely my bad for not checking my assumptions and I apologise.
The Jan 6 dudes ("terrorists" and/or otherwise) put their ugly mugs all over Facebook, Twitter, Parler, and the public Internet. I wouldn't exactly take opsec advice from that lot.
I remember 9/11 from outside USA. It "broke" the normal way people lived their life. Jan 6 on the other hand did nothing, no one cared. Only US propaganda media made a huge deal out of it. And they keep talking about the 768 (an more) people who have been charged as if they where charged for terrorism or something. Most of them simply got charged for entering a restricted building. Comparing this to a terrorist attack that took the life of 3000 people and injured at least 6000 other is grotesque and disgusting.
9/11 may have been devastating in many ways, but Jan 6 was an attack at the very structure of the American democracy. They tried to install a leader of the country who wasn't actually the one elected by the majority. If they succeeded, it would be a major blow to American credibility and founding story of a "democratic nation by the people, for the people".
You gotta be kidding me and/or yourself. Do you really believable that?
This was a rather normal protest march which escalated to a riot where a small fraction of the people probably 100-200 resorted to various forms of violence mostly against property and to an extend against police. No question this is bad. But a coup? Really? Installing a leader, lol what?
Reality check: If an heavy armed group would have stormed the capitols and killed everyone inside that would not have installed a leader and that would be an actual terrorist act. Still there is no logical path how that would/could have changed whos the next president.
There is no evidence that any group of people went there with this goal (to violently install a leader). The vast majority was just there to protest and didn't do anything wrong. From the 700+ people charged the majority was just foolish and entered the building/property after police gave up or where overpowered by the actual violent people. There are plenty videos from inside the capitol where people just walk around. These videos were used to charge them but given the fact that they just walk around they basically are trespassing and cant be charged for much. Most of the 700+ charges are non-violent.
One person died because she was shot by the police some others died do to medial reasons. Some injuries and property damage as you would expect from a riot. Calling this a coup is absurd. America would be the last place where people start a coup unarmed.
I would advice you to watch some of the live streams from that day and/or read some foreign news articles about it and make sure you know about all the debunked misinformation tied to the riot. From X people who got killed to a police officer being murdered to bombs it really had it all and most old articles you find about it still are not corrected.
Even if you make the argument that telegram CAN be encrypted (only in 1-1 chats) what ultimately matters is how people actually use it, and that is probably in an unencrypted manner.
I've heard criticisms about Telegram's MTProto encryption on HN, but in my usage of Telegram nobody has ever turned on the secret chats mode enabling it anyway. Anyone privacy-conscious asks me to use Signal, Matrix, or even Threema.
I have heard compliments about Telegram sticker packs though, if the other apps want more users they could consider making "cute stickers" :)
You joke, but Telegram's clients have been innovating for years. Way ahead of the rest. Its packed with features and yet never feels bloated or slow. Frankly, its amazing.
The Telegram client/feature set is great, and I hope Signal and competitors will improve their clients to match.
Many of Signal's sticker packs were ported from Telegram:
https://signalstickers.com/?s=author%3ATelegram
https://core.telegram.org/stickers#importing-stickers-from-o...
In light of that, importing stickers from Telegram to other apps is fair game. Telegram's very brief terms of service* do not forbid users from using Telegram stickers outside of Telegram.
Also, some of these stickers are recycled memes from social media and pop culture, which usually qualify for fair use when used for messaging.
* https://telegram.org/tos
https://tlgrm.eu/stickers/MrBat https://tlgrm.eu/stickers/BattyBat https://tlgrm.eu/stickers/FangBat
Most people I know would rather use Signal now.
It's the same reason why you don't want to measure someones kindness by comparing it with Adolf Hitler. "Oh I have such good neighbor, he is the completely opposite of Adolf Hitler", it just don't compare very well.
We know they had access to every centralised provider's servers (including Google and any other company you care to name). We also know that they couldn't break post-DES cryptosystems when properly used - indeed NSA employees expressed considerable frustration about the fact that they couldn't break PGP-encrypted emails or chats and had to resort to metadata analysis, social engineering, hacking individual users and so on.
> 1) Telegram is weak, NSA has access
> 2) Telegram is strong, NSA does not have acces
It's not a binary. Most attacks on cryptosystems reduce the amount of work it takes to break in rather than making it completely free. And even if the NSA theoretically has access, that doesn't mean they can predict an attack or will share that data with every contry/agency/company. We know the NSA was reading all unencrypted emails up until at least 2012 or so, yet there was plenty of crime committed and discussed over email during that period.
(I'm no fan of Signal or the way it's marketed, quite the opposite, but I trust Telegram far less)
NSA is not a law enforcement agency; they don’t care about crime.
You must have missed this piece [1]:
> The app was in fact secretly built by the FBI, and designed to allow law enforcement to tune into conversations between about 9,000 users scattered around Earth.
[1] https://www.theregister.com/2021/06/08/operation_ironside_an...
What power does the NSA have to influence those choices? When has it happened? Do you have evidence of it?
I think that was probably around the same time more and more of the web moved from HTTP to HTTPS. Even webmail was accessed over plaintext for a long time, so I guess a lot of signal got worse while legal access got not only better but "integrated".
Better and E2E crypto is the main argument for Signal though.
This is a significant difference between those two. You can't just ignore it if you build up such a case.
> accounts do get closed for automated/arbitrary reasons
can happen on any of big platforms
My favourite one from Wired is when they critically examined Project Xanadu leader and its history.
It's from 1995 but people still keep linking to it whenever Xanadu is mentioned.
https://www.wired.com/1995/06/xanadu/
The far right exists and is potentially dangerous, but overconcentrating on it will let other dangers fly under the radar.
FYI: this is not just the US. Far right groups organise all over the world there.
Telegram is really weird and sketchy; the rants Durov posts on his channel against WhatsApp usually make no sense; and their claims of security are dubious. And TON was a disaster.
On the other hand. If I did any social organizing today, I would definitely use Telegram. Signal is fine, but nobody is using it and the UX is just worse. I don't trust Facebook to randomly not shut everything down because some outsourced content moderator in New Delhi had a bad sleep.
Durov might be sketchy and weird libertarian, but damn, his developers can deliver good and working product really fast. (And from what I understand, it's a really small team.) Credit where it's due.
I still think Telegram will plainly run out of money in a few years (you can use it to host unlimited amount of data and share it with unlimited number of people!! that is not sustainable), but well, I will use them before they do.
They just cannot be sustainable long term. There is literally no restriction size-wise on data you can save on their servers. For free. And they have basically no income. They have some new ad program with basically no tracking (which is good for users, sure, but nobody will pay that much for that). They get 0 commissions from payment (and I never heard anyone using their payment thing). TON went nowhere.
You’re repeating weird, but working with both bot api and tg api weekly or so (tg api through a wrapper, but I’ve read about lower level calls and used these in gramjs) I can’t see what do you mean by that.
[1]: https://words.filippo.io/dispatches/telegram-ecdh/ [2]: https://crypto.stackexchange.com/questions/31418/signal-vs-t...
It also seems like files that are not downloaded by many people for a while get moved to slow servers and downloading these is really really really slow. If you have a few GB and want an additional online backup sure you could abuse it for that but realistically the potential to abuse it is low as it simply makes no sense as a could storage + they simply delete accounts from people who abuse the network. "Spam" is very lose defined and if you spam upload/download I'm sure they consider that to be spam and delete your account. Kinda pointless "backup" if you can lose access the moment you use the backup.
>And they have basically no income.
How would you know? They launched ads in public channels.
>TON went nowhere.
TON exists and seems functional just doesn't have anything to do with Telegram anymore due to the SEC.
If you don't need/want that it is clearly superior, but if you do...
Sure, Telegram team used more human resources elsewhere while WA and Signal where doing their E2EE magic, but once they where done - what stopped them from investing into everything else?
The most salient of these is that, if you lose your keys, you may never be able to recover your data.
- Hash the password client-side
- Send the hash to the server. The server treats it as a password, and gives you your blob of encrypted data
- Decrypt the data client-side using the original password
Also, downloading blob to client side and decoding it locally can hardly be done fast enough for user to consider it 'instantly'.
That's a different, further goalpost - we were talking about E2E encryption, weren't we? I.e. the server should not need to decrypt your data to provide it.
Obviously if you want to be able to recover your history from storage with just a password, that does mean the password is the only protection over that history, tautology. So storing your history should be optional, if you're seriously worried about brute-force attacks on data encrypted at rest (indeed, even WhatsApp makes it optional to have a backup of your data!).
In any case, that doesn't compromise future secrecy - i.e. gaining access to the history still doesn't give you access to future messages.
> Also, downloading blob to client side and decoding it locally can hardly be done fast enough for user to consider it 'instantly'.
Off the top of my head, it doesn't have to be a single blob for all your data. You could split the blob into tiny equal-sized chunks, and then have a separate encrypted index file which stores the information of which chunks hold which chats (plus just enough metadata, e.g. chat titles and last messages, to display your homepage properly). The index file is the only one downloaded on first login, then when you want to open a chat it moves the corresponding chunks to the top of the download list.
Exactly, and what is described is not e2ee at all.
> End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. [..] End-to-end encryption is intended to prevent data being read or secretly modified, other than by the true sender and recipient(s). The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves.
Which requirement do you believe is failed by such a system?
[0] https://en.wikipedia.org/wiki/End-to-end_encryption
This is reasonable, but it's not describing any weakness of encrypted backups. It merely points out that "E2E" isn't the right term to use when there are not two E[nds], but rather only one client and their files.
However, our conversation was about storing chat history. There are two parties to the conversation in that case.
The key property of E2E is that only those parties can read those messages, and nobody else, in particular not the agents running the server. That property is not affected by the existence of backups, as long as those backups are client-side encrypted, because third parties cannot access them.
Therefore, it is possible to have both cloud-stored chat histories and true E2EE. QED.
Please, enlighten me how exactly Element/Matrix practically do that. Thank you in advance.
When you login, you provide that password, and Element can use that to decrypt the keys and use these to decrypt the messages stored in the cloud
Alternatively, you can solely rely on syncing keys between verified devices.
Only you as a recipient can decrypt the messages, because they are sent e2ee to you.
And this stays true if you use the backup, as only you know that password.
Regarding the security theater, the backups encrypted with your password are far more vulnerable to being compromised than any of the popular e2e encryption protocols.
But then again, most users do not need real security, they are fine with a warm comforting feeling of safety, provided by a sincere promise that everything is really safe, as demonstrated by Telegram users.
> Regarding the security theater, the backups encrypted with your password are far more vulnerable to being compromised than any of the popular e2e encryption protocols.
How, so? Are you aiming weak passwords? (One is provided for you ("security key"), however you can opt into a custom one that is not directly used for encryption ("security passphrase"))? Or are you referring to PFS, which isn't a property of all popular e2e protocols either, and "far" would be quite a stretch.
How does all that disprove that Element uses true e2ee?
What is "it" that in your opinion should reduce the users privacy?
> I don't know what else to argue about here.
I don't know what you are arguing about right now. What I know, is that I have disproven your original thesis (visible messages right after login through a password is not possible with e2ee) by explaining how it works and providing an example that has put that concept into practice.
If you feel there is anything to discuss, or if you have any further questions, don't hesitate to respond though.
I'll add link that adds technical Implementation details, in case you are interested: https://matrix.org/docs/guides/implementing-more-advanced-e-...
https://www.whatsapp.com/security/WhatsApp_Security_Encrypte...
Overall, the concept seems to be the same: use a secret, only known to the client to secure data stored at a untrusted location.
The major differences include:
- closed vs open source (it's easy to validate the mechanism in the implementation whereas you pretty much need to trust WhatsApp that they don't leak the key)
- WhatsApp uses a third party provider for storing the data whereas with Matrix your Homeserver is responsible for messaging and the backup
- only the main app can access the backup whereas with Matrix any of your clients can independently read and write to the backup (because there is no main client)
- WhatsApp stores everything in the backup, a Matrix client only the keys, because the messages are stored somewhere else
Hmm? How so? Surely this depends on the strength of your password.
> Break one key, and all messages will be accessible to an attacker.
How do you propose breaking that one key, though? The attacker also needs to somehow acquire access to the key backup and to the encrypted messages, so it's a multi-step process.
The encryption protocol does rotate message keys. In fact it uses the same cryptographic primitives as Signal, that is the double ratchet algorithm.
I think you're conflating the message encryption protocol with cold storage, which is the purpose the key backup serves. It's completely typical for backups to be encrypted with a single symmetric key.
Finally, the key backup is completely optional and can be disabled.
Then, how do you break the key?
Brute force? If you break one key that way, it's likely you could break equally secure keys as well.
Access to the device? Well then you have access to everything anyways
This wikipedia entry? So client-side encrypted backups are not called end-to-end encrypted, because the backup service is not a messenger?
That stuff confuses every non IT person.
Not caring about it, allows for a more simple UI and UX to provide a easy way for person A to message B. Where B can be a group of thousands of people.
(a really secure way of posting a message to a big group would be way more complicated, even signal makes compromises)
I get that people like its UX, but if you're sacrificing security for UX then basically anything becomes fine?
The police can only make you talk if they know who to make talk in the first place.
Reading your messages tells them who to interrogate, where to find them, who else is involved, etc.
Encryption is important especially in such countries.
The police need to crack the encryption protocol (not impossible, telegram use non-standard crypto), or somehow gain access to telegram's server farm.
>Reading your messages tells them who to interrogate, where to find them, who else is involved, etc.
Why read my messages if they can start from me? Or that other guy who posted something on twitter? Or any other place? Or talked to someone.
I'm not saying encryption is unimportant. I'm saying that it really only matters as long as all parties involved keep their business secure in the first place.
Not to mention that they police don't really work with that kind of precision here.
If you can choose secure communication vs. insecure communication you're better off choosing secure. You're right of course this doesn't protect you 100%, but it's a lot better than not having secure communication.
Does that mean even with Signal your friend could be compelled to unlock their phone and reveal the comms? Sure. It's still better to have that be the requirement than access to all comms by default. It requires more specific and high effort targeting. It makes it harder to just query keywords generally to find people. It's the better default state.
If you want to exchange your private keys, you better not do it using any chat platform.
What countries do you people live in that needs such hiding from the police/state?
In my country they bought Pegasus and what can I do about it? If they want to trace me they can do it.
Edit: but even so, they could verify a phone number by SMS, no need to make anyone install an app.
it is on https://Github.com/SignalApp
and i’ve got my own variant of Signal server and client running. and runs on not only mobile but Linux too.
Don't, unless it's for a BBQ or friendly partying.
[1] https://www.wired.com/story/brazil-hacker-bolsonaro-car-wash...
[2] https://www.reuters.com/article/us-iran-cyber-telegram-exclu...
[3] https://www.haaretz.com/israel-news/tech-news/.premium-exclu...
C'mon, it's not even E2E. It's as good as Facebook Messenger when it comes to security.
If you only need the one channel and you need to manage a 100+ people, Telegram is by far the best tool. For "communities" Discord is a bit better, since you can split stuff to multiple channels. Anyone with basic knowledge of the internet can also install bots on both to manage dozens of different things.
Signal on the other hand is SUPER SECURE (although you will be giving your phone number to everyone), but no bots and no real ways to manage hundreds of possibly unruly people on a single channel.
If you're managing a 100+ user channel, encryption matters fuck-all unless your invitation process is 100% airtight and every user has all their devices encrypted and locked up at all times.
Data will leak anyway so E2EE won't bring any real advantages.
Any leakage of secret knowledge shared only through these groups could be detected as treason by one of the participants in that channel. Having several channels with fewer and fewer members, closer to the party's leadership, is a typical configuration to maintain control of the most secret information.
Even better than Element? In my experience it does well with hundreds of people as well. And it allows to group channels as well, or use bots
And you can use E2EE everywhere you think you want it
I've been on IRC since its inception in the 90's and I've used ircII and BitchX etc. I'm no stranger to janky clients for communication tools.
Element is still in its death by a thousand cuts phase. There's nothing hugely wrong with it, but everything is a bit wonky. Just enough to be consistently annoying enough for me not to bother.
Summary: Matrix mostly good, Element bad. They should just copy Discord's UX 1:1, change the colour theme and work from there.
FYI they recently got an ad platform https://promote.telegram.org/
I don't see how Telegram is any different to say, Signal. It may have better apps, UX, features and more which that alone makes it a compelling competitor but its optional E2EE support is quite damning.
The great thing about regulations is that it stops such suspicious projects like TON dead in their tracks. After the ICO madness in 2017, unregistered ICOs have become illegal and TON fell in that category.
But who knows, maybe when the terrorists, extremists, scammers and fraudsters realise that Telegram is not E2EE by default or layman terms 'not secure', perhaps they would run to Signal and chat amongst themselves about using a private untraceable cryptocurrency like MobileCoin to fund and plan their operations. [0] [1].
[0] https://www.theverge.com/22249391/signal-app-abuse-messaging...
[1] https://foreignpolicy.com/2021/03/13/telegram-signal-apps-ri...
You have answered your own question there. Humans naturally chose paths that they find convenient, not necessarily safest or otherwise "better" paths.
People keep insisting that electron is chosen for productivity yet telegram delivers more features with more efficiency in C++/QtWidgets (for the desktop) with a smaller team than so many electron stuff
You toss out another statement in "TON was a disaster" without explanation. If you're going to make really big statements like this, please go into detail otherwise you're just shooting from the hip.
TON was a disaster because the SEC got involved. TON, as a technical solution to decentralizing Telegram, was a great idea and I'm sad Telegram was forced into a position of paying for all that infrastructure another way, with ads (opt-in, non-tracking, and only in one-to-many channels but still, ads).
Oh yes, definitely. Whenever I read them it feels strange, understanding the technical context of Telegram. He never mentions that WhatsApp is actually end-to-end encrypted. He does continue to talk about 'encryption', though. It's very very misleading. It just seems to be bashing WhatsApp without talking about Telegram's shortcomings too. He obviously isn't going to be non-partisan but it would be nice if he would be a little more honest.
The UX is great. The Telegram clients are quite nice to use. They're open-source, too. Well, 'open-source' as in they dump a huge diff into the source tree now and again, and they never interact with outside developers submitting Feature Requests and Issues.
Fun fact, their Android code [0] (haven't seen iOS) is unmaintainable mess and on the surface just looks like a complete disaster. I find it baffling how Telegram Android not only hasn't fallen to bits requiring a full rewrite, but has continued to deliver brilliant UX and features.
0. https://raw.githubusercontent.com/DrKLO/Telegram/master/TMes...
And then they will start selling all the personal data they gathered in all these years. They have all the data, except for the tiny amount that passed through secret chats (but they also have the metadata for these, tied to accounts and all the non-secret stuff).
The kind of data Signal can't sell even if Moxie turns evil, simply because Signal does not have it.
the E2E feature is... there... who cares about it, just load it up for one specific conversation and move on.
Ultimately, we need encrypted-by-default messaging based on public/private key pairs (obscured from the uninterested user, of course).
-not being tied to a phone number
-having a desktop app which doesn't suck (sync issues, connection issues, lacking features, is basically a simple proxy for your phone, etc)
-allows me to use 3rd party apps
-having chat history synced across my apps and devices and backed up. History is immensely important
These days, Threema and Signal don't support the Matrix Protocol.
I'd probably even trust FB's unencrypted messenger content to be better protected than telegram.
They clearly have a loyal fan following though.
That said, this idea
> I'd probably even trust FB's unencrypted messenger content to be better protected than telegram.
is ridiculous.
With Facebook you know you will be datamined and the result sold to anyone who wants to buy..
With Telegram maybe Putin reads it, maybe not.
One of them is a threat to my family and friends, the other is not.
If you're using unencrypted messaging you should assume it's public. This is true of FB messenger and Telegram, but if I had to bet on what unencrypted content is more likely to be owned I'd bet on Telegram. This is mostly a bet on where the world's best security people are and the company culture.
Really though we shouldn't be relying on the benevolence of any of these company leaders, that's why people should use Signal or WhatsApp where the encryption means you don't have to (or Urbit where there is no central leader).
In short - you’re posting misinformation.
My point is not that Durov sends data to Putin (I don't think he does).
My point is that there is a lot we don't know about Telegram.
When it comes to WhatsApp and all other Facebook properties we know a lot and much of what we know is ugly.
But yes, I should find a better way to phrase it.
It also sounded like with Telegram there was some abuse of looking up or deleting other employees chats when threatened. The culture of the company doesn’t seem great.
All of this is kind of irrelevant though. The core issue is unencrypted chats.
This is not a fundamental limitation but a default setting in order to preserve privacy. You can easily turn URL previews for a given E2EE room on by going to the room settings > General > scroll down to Other > URL Previews.
(outside of certain self-referential bubbles - like this site) no one cares anything about encryption, if in public chats I am anonymous and untraceable (example: no one can know my phone number and there are granular privacy settings) this is enough for 98% of people out here
"yes, encryption is useful if I want to send nudes to my partner or if I want to buy drugs but not while I'm asking mom for the sufflè recipe or I'm organizing a dinner with friends" this is what people think, and they are not completely wrong
I said it many times and I'll say it again: this can't possibly work in the real world, period. People are notoriously terrible with passwords already. So terrible in fact that VKontakte (I worked there, both with Pavel and after he was ousted) had, and still has, a department dedicated to account recovery. And those are passwords, short strings that you can actually remember. You can't possibly expect an average person to keep their private key (a file you can't store in your head) absolutely secret and never lose it at the same time.
In my world, the ability to recover your account if you lose everything is a hard requirement for any product that is meant to reach mass adoption.
The ability to revoke access is also a hard requirement. People share their credentials — it's a fact of life. In the usual setup, you can change your password and terminate sessions. But if your private key is your identity, you can't do shit to prevent someone who has gained access to it from impersonating you for the rest of eternity.
I don't think it matters as much for messenger attached to your phone number. Even if you lose all your conversations you still can be reached by the same identificator and most of your contracts are stored in phonebook anyway.
I don't know however any groups that use signal as a replacement for any of the above, so do people have experience in migrating groups from those platform to signal?
What has Russian done that
a) Directly affects the results, such as hacking any system where electronic vote is possible.
b) Any kind of propaganda or lobbying that any other country such as the USA, England or Israel don't also engage to make public opinion more sympathetic to them.
https://twitter.com/wokal_distance/status/149022042327069900...
I don't have data for that. I am just sharing my 5 cents here.
People could "freak out" when they hear "it's Russian" without doing any research from their side. I hope it's not happening often. As a Russian ciz this thought disappoints me sometimes and makes me sad (and our Gov deeds too).
citation needed
1. https://www.reuters.com/world/europe/politician-says-germany... 2. https://www.vedomosti.ru/media/articles/2021/09/28/888523-au...
Yes, this is why Pavel blocked the Navalny bot (providing a very nonsensical explanation for it). Apple's app store is why we can't have nice things. Google Play doesn't matter nearly as much because Android allows sideloading and Telegram already makes use of that. This page https://telegram.org/android has a prominent apk download button and an "if you want a Google Play version instead we have that too, you weirdo" link at the bottom.
[0] https://twitter.com/GossiTheDog/status/986138335319117824
Also I'm sorry I dissapointed you with sources. Yes, it's sarcasm. How would one provide any meaningfull sources to what you are afraid of? Is it even possible?
1. Everyone I know uses it in plain-text, very few dare to (gasp) initiate secret chats (and they tend to lose chat histories every now and then).
2. At one point it had been banned by Russian authorities with a demand to disclose the E2E encryption keys. The ban was quietly lifted with a single report I could find vaguely mentioning some cooperation promises by Telegram’s leadership. What is happening beneath the curtain is anyone’s guess.
3. Last time I checked, the company that runs the servers has undisclosed structure and is liable to be manipulated by whichever entity that gains a hold of them (not even through legal mechanisms, but through direct or indirect fear for personal safety).
4. According to what I heard from friends, solvency/debt issues from the failed ICO attempt made them desperate for money.
It’s not a safe private messenger, period. Even Telegram’s own advocates are switching from their old stance “Telegram is secure” to “Telegram is just best for messaging, who cares about e2e or privacy anyway” (which, incidentally, I don’t know if true in Android land, but at least on iOS Apple Messages has way superior stickers, built-in apps, etc. for those who don’t care that much about privacy).
Telegram server side is open source?
Also, https://t.me/durovschat/515221
Facebook suffers biggest one-day fall in history as shares plunge over 26%
More than $230bn wiped off the value of Meta making stock market history.
Most concerning was a never-before-seen drop in Facebook’s daily user numbers.
https://www.telegraph.co.uk/technology/2022/02/03/almost-200...
Anyway, I think facebook is too big to fail.
I wonder if Telegram would also be more closed if it was #1...
I think it does:
https://core.telegram.org/bots
[1] https://techcrunch.com/2021/11/01/whatsapp-brings-its-busine...
[1] https://faq.whatsapp.com/general/whatsapp-business-api/getti...
I tried to connect it to a tor email local postfix, still wip.
I'd actually pay a monthly subscription for the value Telegram has given over the years. The pace of development is unmatched by any other platform. I know Telegram chats are not end-to-end encrypted by default. Pavel Durov has explained, and I'm sure it's somewhere on Telegram's site too, that a big reason for not doing E2EE is enabling fast search (on the server). And it shows: Telegram has the best search among chat platforms and is even better than search on social network platforms with more features like Facebook. Maybe they have ulterior motives and/or aren't technically able to provide E2EE for all chats. So far, it hasn't had widespread scandals (other than TON) like Facebook/Meta has had.
This is not to claim that Telegram doesn't have design flaws or drawbacks. But no other platform can catch up to its UX and features for at least a few more years, and that gap seems to be widening as time passes. If any platform were capable of doing so, it would've happened already.
Among Telegram's many features (if you use Telegram, check how many of these you know about):
* Phone number hidden from others? Check.
* Username that can be given to anyone or published anywhere for others to contact? Check.
* Multiple accounts on one app? Check. (the official Telegram clients allow up to three accounts)
* Fast and reliable (comparatively) message delivery? Check.
* Client applications for multiple platforms? Check.
* Messages (the default, non-E2EE ones) sync across all clients? Check.
* Send large files? Check.
* Prevent phone number enumeration by others (who randomly add numbers to their contacts list)? Check.
* Granular privacy settings? Check.
* Search messages by text, by person, by date? Check. Global search? Check.
* Use a calendar view to check activity/messages? Check.
* Edit messages after sending? Check.
* Delete messages after sending? Check.
* Message reply threads? Check.
* User mentions and quick navigation to mentions? Check.
* Scheduled messages? Check.
* Audio messages? Check. Video messages? Check.
* Voice chats (like clubhouse)? Check.
* Polls? Check.
* Chat exports? Check.
* Media editor? Check.
* Built-in video player with playback speed adjustment and fast forward/rewind? Check.
* Edit photos after sending? Check.
* Forward messages with fine control over whether it shows as a forward and whether the caption should be included? Check.
* Pin messages? Check. Multiple pinned messages? Check.
* Broadcast channels (one to many)? Check.
* Bots? Check.
* Themes and stickers? Check.
* Message folders? Check.
* Interactive emoji? Check.
* Message read receipts (by user) for small groups? Check.
* Spoiler formatting? Check.
* Reactions? Check.
P.S.: I do not work for and nor am I in any way associated with Telegram, except as an end user.
And of course, at the conclusion of the article, the author shudders of the thought that there could be a communication platform not censored by the government. The horror!