Telegrsm is not secure anymore. USA have all the keys of the encriptions of telegrsm.
this post was submitted on 29 Jan 2025
107 points (98.2% liked)
Asklemmy
44615 readers
1397 users here now
A loosely moderated place to ask open-ended questions
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
citation?
I wouldn't say USA has all the encryption keys, but the fact that it is actually possible to have a backdoor is reason enough for me to not use it. Signal complies with all search warrants, giving all the data they have to law enforcement. They have never given any data to law enforcement, because they do not have access to it. Telegrams approach is to simply to spread the data to several servers in different countries, so if law enforcement wanted access they'd have to submit requests to each country (some of which wouldn't comply).
It really depends on who your friend is, and who they are trying to defenf against.
If the US ( or Russian / Chinese) government really wants to access an internet-connected device, they can do it; what app you are using doesn't even matter. For example, most people use the default Google keyboard, which could be compromised.
If the concern is about local goons / employers / coworkers, then both Telegram and Signal are more than enough to stop them prying.
As for whether to use Signal or Telegram, Signal has end to end encryption enabled by default, while in Telegram you have to switch it on for each chat. On the other hand, Telegram has the best UI among messaging apps hands down.
Pegasus really negates a lot of security too.
Compromising one of the devices is always game over. The only way to be Pegasus-proof is to not communicate digitally.
Even if you switch to an offline keyboard, the new "ai" assistants in Windows, iOS, and Android? Can read your screen, microphone, and etc. I'm not really sure what you should use unless you use coded language. Even then, there's just too much information about you out there anyway. Best bet would to be have conversations in private away from any electronic devices or use something like tails.
Telegram is not end to end encrypted. Repeating it's not. Only private mode or something like that is.
You don't say? A cloud-service I can access from all devices plus API and bots is not e2e-encrypted with zero knowledge? I'm shocked. That's what "secret chat" is for. Literally.
They chose this way as the regular Joe and Jane don't care for privacy but for comfort. You can never ever have both. Nowhere.
I love tgram for it being so open. And e2e when I need it. I don't need privacy for when my smarthome sends me notifications about a light I left on or something 😁
WhatsApp is E2EE and it does maintain some of the "cloud" functionality, at the expense of the device transfers being a pain and potentially you losing your message history if you don't have a backup.
Yep, and this allows for proper content moderation. Telegram can actually just find and report creeps to authorities
That too. Sadly the restrictiveness was badly abused. Noone really wonders but...that's why we can't have nice things.
Well then use the secret chat if you want your chat to be secret from any prying eyes
I meant the restrictiveness towards governments. The pesos and Nazis fucked that up, tgram had to do something or have their ill repute grow even more.
Telegram seems to be a popular option for groups of such orgs. Other apps have the same risks tho. It's a bit if a mess
In my view, by far the biggest reason to switch is that Telegram doesn't end-to-end encrypt chats by default.
Yes you can start encrypted chats specifically, but i'll bet 99% of chats on telegram aren't encrypted - meaning whoever has access to the telegram servers can read all the messages.
Signal claims to end-to-end encrypt all chats by default, and if you want to be 100% sure you can in theory read the source code and compile the app yourself. this means signal cannot read any of your messages, even if police asks them to or servers get seized. That's a massive advantage in privacy.
Additionally, E2E chats don't sync between devices (and iirc you can't use them on desktop at all), and group chats can't be encrypted at all.
Signal very recently made syncing between devices possible:
https://signal.org/blog/a-synchronized-start-for-linked-devices/
I was talking about Telegram. Syncing messages between devices has always been possible on Signal, just not the ones from before you connected the extra device.
load more comments
(1 replies)
load more comments
(3 replies)
Telegram for random public chatter/file storage(with password lock), talking to strangers without giving them your number. Signal for personal/private conversations.
Spread your data (encrypted or not) around, so a single entity doesn't own your digital life. Your device can handle 2 apps and don't give them permissions willy nilly. Geez, every one of these posts just wants to start a flame war.
In Telegram, you never have to expose your phone number. If you like walking into traps then of course you can.
But can make minimal efforts to not be a degenerate avoiding this obvious easily avoidable trap.
How to avoid exposing your phone number
Make a group called i'm not a complete utter idiot. Whenever you have a friend wanting to connect, make a group link, send it to them, have them join. After joining have them send a message in the group. Just, "Hi". Nothing more. Less is more.
Look for that message and click on the person's name. You are now connected. Send them a personal message, "Hi!".
You can also add them as a contact without sharing your phone number.
Your friend will probably be a degenerate and expose their phone number. Teach them how to go into settings to always hide it.
Try not to call them a degenerate, degenerates hate that.
Also try not to think of them as a degenerate, they will already know that and be proud of it and not understand why you don't share their enthusiasm.
So control what thoughts you project into the ether. If you have to change the topic in your mind to something involving flowers singing birds and clouds.
If you have a safe, but cannot open it, do you own the contents inside? Signal has no way of accessing your data, I would argue they don't own it.
Signal supports username based chatting.
Telegram rolls their own crypto. That should be the biggest red flag by far. I say this as a telegram user
Signal pretends not to.
I prefer Telegram's honesty.
We are Telegram and we are here to help. And to make it more fun we will send all your communications to Russia for a change.
Oh man! Where do i sign up /nosarc
The encryption method they use was made up by them, and the chats aren't even end to end encrypted by default. Which I would argue is a larger red flag.
This 1 + 1 = 2 logic is boring. It's trying to escape out of a wet paper bag over and over again. Whatever your 1 + 1 = 2 logic is their is another guy who can drive a bus staight thru it. Every single time.
In a year from now you will find out you are completely mistaken and just repeating nonsense. Every freak'n time.
Just for once, do the wrong thing. Make the wrong choice on purpose.
Instead of seeing never ending red flags. Today see purple flags. And tomorrow orange. Cuz why do flags always have to be red?
You can be right or you can have fun.
Do the wrong thing sometimes. Live a little.
While there may be better options out there, from a purely security standpoint.
The real world, with non-tech people needs solutions that are easy, fast and as close to foolproof as possible.
I choose Signal, because my mum, my sisters and brothers (none of which are tech people) can all go to their app stores and install Signal, it works and it is easy. Signal is private BY DEFAULT, I don't have to remind them to turn on security for each chat, there is voice and video chat for individuals and groups, I can use it to send files. It is really good. Secure communication is their primary goal.
I have been using Signal since it was called TextSecure and I only had one contact using it.
Yes it sucked when they dropped SMS support; but these days about 98% of my messaging goes through Signal. Any SMS is usually from my doctor/dentist/bank.
I never really trusted Telegram, too many compromises. Secure communication is not their primary goal.
The real world, with non-tech people needs solutions that are easy, fast and as close to foolproof as possible.
Nope. Grandma gets a smartphone
Meaning they are hopeless and it's impossible for them to emulate a techie.
It's a fools errand.
Just stop trying to pretend Grandma is something more than completely unimportant and forgettable and hopeless and more likely than not merely a pest.
I'm so tired of entertaining Grandmas.
load more comments
(8 replies)
Telegram doesn't even encrypt group chats. And it doesn't encrypt private convos by default.
load more comments
(3 replies)
There’s a lot of answers itt but heres a simpler one:
If you want to prevent people in power from having access to communications there are two methods employed, broadly speaking:
The first is to make a very secure, zero knowledge, zero trust, zero log system so that when the authorities come calling you can show them your empty hands and smirk.
Signal doesn’t actually do this, but they’re closer to this model than the second one I’m about to describe. Bear in mind they’re a us company so when the us authorities come to their door or authorities from some nation the us has a treaty with come to their door signal is legally required to comply and provide all the information they have.
The second is to simply not talk to the authorities. Telegram was closer to this model than signal, using a bunch of different servers in nations with wildly different extradition and information sharing mechanisms in order to make forcing them to comply with some order Byzantine to the point of not being worth it.
Eventually the powers that be got their shit together and put hands on telegrams owner so now they’re complying with all lawful orders and a comparison of the tech is how you’d pick one.
The technology behind the two doesn’t matter really but default telegram is less “secure” than default imessage (I was talking with someone about it so it’s on the old noggin’).
I really like this explanation. Not many are aware of how telegram was designed to make it as cumbersome for authorities as possible by splitting their data across different nations.
view more: next ›