Many in the crypto and privacy community mistakenly trust Telegram because it’s “end to end encrypted”, but there are huge issues including not hiding the metadata, censorship, centralization, and phone numbers.
Send this video to your friend that asks why you won’t join: https://video.simplifiedprivacy.com/why-telegram-sucks/

  • @totallynotarobot@lemmy.world
    link
    fedilink
    1081 year ago

    Can we stop doing videos as news and opinion please? They’re an inefficient, annoying, and intrusive way to communicate this kind of information. If it doesn’t need to be visual, it is in video format only for monetization reasons, which I’d think would be more concerning to this community.

  • 1bluepixel
    link
    fedilink
    731 year ago

    A cringe video made by someone selling a Blockchain messaging solution.

    • @ShadowRebel@monero.townOP
      link
      fedilink
      -101 year ago

      We sell self-hosted XMPP services and Session usernames. We did not make Session. What’s cringe is your lack of research or knowledge

  • Dark Arc
    link
    fedilink
    English
    39
    edit-2
    1 year ago

    Wow, not to pick on the narrator, but this comes off like the worst small town used car dealership TV advertisement I’ve ever seen.

    Here’s a real rundown I’ve put together over the years:

    Pavel Durov’s argument is that there should be a high functioning UI/UX experience for “non-secure” communication, and when you need it there’s something much closer to Signal’s very secure client-to-client encryption.

    Arguably Telegram secret chats are even “close enough” to cloud chats an adversary might not notice you’re doing the “super secret things” (making it harder to identify what to target).

    MTProto Cloud: https://core.telegram.org/file/811140746/2/CzMyJPVnPo8.81605/c2310d6ede1a5e220f

    MTProto Secret (Wrapped in MTProto Cloud): https://core.telegram.org/file/811140633/4/hHw6Zy2DPyQ.109500/cabc10049a7190694f

    They also provide verified builds even on iOS (though it’s a bit of a hack, not “really” quite the same thing).

    The only things that can really be said about Telegram’s secret chat crypto are that:

    1. It’s not “the default”
    2. It’s their own crypto (i.e., they broke “rule #1” and “rolled their own”)

    Ultimately though, it’s been just shy of 10 years since Telegram entered the scene, and nobody has actually broken Telegram crypto in any meaningful way – AFAIK, to this day. Still, there are hypothetical holes in the crypto when scrutinized vs something like signal. So, is it as good as Signal or Threema? Eh, probably not, is it good enough for the average person that isn’t target by a nation state? I’d say probably.

    • @library_napper
      link
      -41 year ago

      I think you missed the most important part: all accounts are tied to a phone number

        • @library_napper
          link
          31 year ago

          I dont know what happened, but unfortunately that article is misinformation.

          I was excited to sign up for telegram without a phone number, but the very first thing it asks you when you open the app is to enter your phone number. It won’t let you proceed without it.

          • Dark Arc
            link
            fedilink
            English
            1
            edit-2
            1 year ago

            It’s not misinformation, but it’s also not free. You have to “get a fake number” of sorts from the Fragment blockchain.

            I don’t know much about those specifics because I live in the US, and fragment doesn’t work here (due to conflicting views with the FEC). In theory, a VPN might let you do what you want even if you are in the US.

            https://fragment.com/numbers

            • @library_napper
              link
              21 year ago

              That article was written in Dec 2022. either something was lost in translation or Telegram ditched the idea.

              As stated before, you cannot use telegram without a phone number, which is a threat to security, anonymity, and privacy.

    • N-E-N
      link
      fedilink
      91 year ago

      Yep, E2E isn’t sufficient to ignore it being made by Meta, I def still trust Telegram more

        • N-E-N
          link
          fedilink
          71 year ago

          Cause telegram has better UX, supports logging in on my 2 phones, can send uncompressed larger files, more appearance customization, etc

          I love Signal too but Telegram is also great

          • @PeachMan@lemmy.one
            link
            fedilink
            31 year ago

            Fair enough, the features are nice. I just want people to know that they’re compromising on security by using Telegram. But if you don’t have any REAL reason to be paranoid, then you don’t really NEED to use Signal.

            • N-E-N
              link
              fedilink
              11 year ago

              Ye that’s how i feel. I scarcely send anything that I’m truly worried about and when I do, I’ll use their Private Chats or Signal

              P.s. I also love Telegram stickers tbh. Silly I know but they’re great

          • @PeachMan@lemmy.one
            link
            fedilink
            41 year ago

            So it removed a feature that had nothing to do with privacy and added a feature that doesn’t matter if you don’t want to use it? Wow how dare they.

            • @applejacks@lemmy.world
              link
              fedilink
              21 year ago

              I used to be a big proponent of Signal.

              It was incredibly easy to have friends and family download the app and replace their SMS app with it.

              Almost zero change or learning curve on their end, and we all got increased security when we used it.

              Telling your parents to download yet another new app to talk to just you is a no-go and sabotaged their goal of increasing security for people at large.

              • @PeachMan@lemmy.one
                link
                fedilink
                71 year ago

                SMS is INCREDIBLY insecure, and it doesn’t surprise me that they dropped it. It risks giving a false sense of security to anybody who doesn’t understand encryption (like, you know, your parents). They’ll think that any conversation in Signal is secure when most of them probably aren’t.

                Signal isn’t “yet another new app”, it has been around for a decade and it continues to be the gold standard for E2E encrypted messaging. The fact that SMS still exists and people are stupid enough to use it does not mean Signal needs to maintain a feature that made their product inferior.

  • regalia
    link
    fedilink
    241 year ago

    Stop posting videos and post well written articles.

  • @partizan@lemm.ee
    link
    fedilink
    111 year ago

    Thats why Element(Matrix) is the way. Ideally selfhosted+federated, but even the default matrix.org is much better than most other chat apps.

    • @EngineerGaming@feddit.nl
      link
      fedilink
      41 year ago

      Why Matrix and not XMPP? XMPP is also flawed, but much less bloated, easier to selfhost and doesn’t have so many people being on central instance like matrix.org (there are other arguments as well).

      • regalia
        link
        fedilink
        3
        edit-2
        1 year ago

        Because there’s not a single good app for XMPP and nobody uses it.

        Their bleeding edge app is Conversations which costs money (already unviable), and the app looks like it’s designed in 2012.

        • @EngineerGaming@feddit.nl
          link
          fedilink
          1
          edit-2
          1 year ago

          It does NOT cost money on F-Droid. You don’t even need to install the market itself, you can get the app from F-Droid’s website (though then you’d have to check for updates yourself). For me, it was a chance to get mom to F-droid.

    • It may be once sliding sync and proper key handling of room history for new members get implemented.

      Right now sync is very slow, the apps are heavy weight too (as I know at least partly because of how sync works today), and if a new member joins an encrypted room, they will not see the history even if you set it that way, because the clients that know the keys won’t send to theirs.

  • @Microw@lemm.ee
    link
    fedilink
    91 year ago

    The only thing Telegram has going for itself is that it’s Non-Meta and Non-Western.

    Anyone who has a closer look at Telegram’s reputation knows that their privacy claims are dubious. If you want end to end encryption, even WhatsApp is better. But these things depend on your individual threat model.

      • Dark Arc
        link
        fedilink
        English
        91 year ago

        Yeah, end to end encryption in a closed source app can’t be proven outside of the company and the company can’t be held accountable by the public even if it gets a third party audit at some point because it can always just change the source.

        Open source, client side, end to end encryption is the only serious standard.

        • slazer2au
          link
          fedilink
          11 year ago

          open source can also change over time. The only time you can trust it is when it does have an independent third party audit and even then they have very specific language saying what they found and in what version.

    • N-E-N
      link
      fedilink
      11 year ago

      Telegram can be E2E, no reason to switch to Meta’s app for it

  • @ReversalHatchery@beehaw.org
    link
    fedilink
    English
    51 year ago

    Who thinks in the privacy community that Telegram is end to end encrypted? They were largely mislead. That’s an option, that even prevents sync of the chat between your devices.

    The thing is, Telegram has some shady things, but until Matrix becomes usable this is one of the very few usable options. And until then, use Telegram FOSS from F-droid.

      • @ReversalHatchery@beehaw.org
        link
        fedilink
        2
        edit-2
        1 year ago
        • Huge resource usage by clients
        • Huge sync times (not just first time, but also if the client was offline for a few weeks)
        • New room members in encrypted rooms can’t read old messages even if you have set it up that way

        Fortunately they are working on all of these, and as I just found out recently, they also have an alpha version app now that makes use of the new efficient sync, which I expect to fix 2 of the above (the resource usage is partly because of how sync works now)

  • Gamey
    link
    fedilink
    51 year ago

    I try to explain that to people all the time, they only use E2E for so called secret chats and comply with every country as soon as a ban is on the table, there are even reports about a case in Dheli where they did so for Audiobook piracy!

  • elouboub
    link
    fedilink
    51 year ago

    Why isn’t this video uploaded to peertube instead of some dude’s personal bog?

    • Possibly linux
      link
      fedilink
      English
      101 year ago

      Because its just that. All it is a personal blog. It is not a valid source

  • KrisND
    link
    fedilink
    English
    41 year ago

    I like mixing it up, even mid conversation, between Threema, Signal and Session. Put the puzzle together feds xD