Permanently Deleted
balsoft @ balsoft @lemmy.ml Posts 4Comments 328Joined 1 yr. ago
Permanently Deleted
Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk)
How exactly do you think that would work? To add a new recipient the client needs to explicitly encrypt messages with a key available to that recipient. What command in the Signal protocol would trigger that action without first establishing trust in the recipient? (FYI when adding a new device, there is a key-exchange and verification process, which requires access to some other device with keys already on it).
Permanently Deleted
Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github?
As a separate statement: they can't (probably).
In context of the discussion: they don't need to, because secret chats are so inconvenient and fussy that they are seldom used. There is a lot of crime happening in public groups/channels, in "private" groups chats that can not be encrypted, or in 1-on-1's that are not secret. Telegram has the ability to stop all of that with just some moderation, or turn messages over to the authorities, but they don't. Which is precisely why Durov is in custody right now. If he actually made a messenger with good, convenient end-to-end encryption, he would be in the same situation with Signal authors, who have perfect deniability since they can't read anything their users have sent up until this point.
Permanently Deleted
Bullshit.
If you want protect yourself for random network administrator on your network line, of course.
Telegram and Signal both use TLS. They are identically secure from transport-level attacks.
If you want protect from anyone (government for example), of course not.
Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram's protocol sees less scrutiny from the crypto community.
As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.
LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.
Permanently Deleted
If Signal was to pull a MITM, it would have been noticeable as it requires active intervention in the protocol (it hasn't been noticed yet), it would destroy all plausible deniability for them going forward, and it wouldn't be possible on existing chats (once the key exchange between two parties happens, it's impossible to do MITM). Telegram can just straight up read your messages, past, present and future, do whatever they want with them, with no way for anyone to check if that happens. It's two different tiers of communication security.
To quote another commenter,
You clearly have no idea what you’re talking about.
There’s user to server encryption, just not e2e.
That's exactly what the comment said: The only encryption that applies to most chats on that platform should be transport encryption via TLS
. It's about the same level of encryption as Lemmy PMs.
The fact that Telegram doesn't cooperate with French authorities doesn't mean that it doesn't cooperate with other authorities or sell your data to the highest bidder. They have all the technical means for it.
Don't use a regular Telegram chat if your life depends on the messages being private. Use XMPP, Matrix with E2EE, or at the very least Signal. Heck, even WhatsApp is (reportedly) better, as it claims to provide E2EE and that's been checked by some security professionals who have been given access to the source code. If you absolutely must use Telegram for something like that, only use secret chats.
Telegram is categorically less encrypted than Signal for most chats. It's mostly the same level of security as Facebook Messenger, Instagram DMs, even Email (SMTP/IMAP over TLS) or SMS: it only encrypts communications between the client and the server. Telegram can read everything you send in regular chats. The only way to get end-to-end encryption (such that Telegram technically can't access your communication) is by starting a fussy and inconvenient "secret chat". It can only be done between two people (so no E2E group chats at all), only when both are online at the same time, and it only works on the devices on which the secret chat was initiated and accepted; in other words, as a frequent user I've only used it once for some really sensitive personal information. Even then Telegram still has access to a lot of metadata about messages: phone numbers of both parties, when the messages are sent, how big they are, etc.
I'm not saying that cooperating with intelligence/LE agencies is always an ethical, or even a good choice, but Telegram demonstrably had the ability to do so.
Navalniy and his team openly supported the annexation of Crimea (and destruction of Ukrainian and Crimean Tartar culture).
Not really: https://www.nytimes.com/2014/03/20/opinion/how-to-punish-putin.html ; this is just days after the annexation. I'm no fan of Navalny for various reasons (his nationalist views, xenophobic comments and narratives, etc), but he was very much against all Putin's shenanigans in Ukraine, and vehemently anti-war.
The recently exchanged “dissidents” also showed their true colours by supporting the annexation of currently occupied territories in Ukraine.
What are you on about? Name one of them who supported the war. Most of them were jailed due to their anti-war positions.
Upon further inspection, it's almost definitely AI. Look at the better-quality original: https://in.pinterest.com/pin/937874691150982659/
In particular, note the nonsensical reflection in the mirror (which is inexplicably placed on the floor?), weird toilet paper roll, and half-unicorn horn half-third ear thing sticking out from the head.
And if you check out that Pinterest account, it's full of AI-generated crap too.
Which mostly just demonstrates how good the AI has become, to the point where if you scale down the image somewhat, it fools humans and AI detectors alike.
Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they'd have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to "moderation selection", (3) Law enforcement didn't care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.