62
I put it in the same boat as WhatsApp. Better than SMS, but I’ll be sticking to Signal.
I'd put it below Whatsapp, which encrypts all messages end-to-end by default (but still mines metadata), while Telegram requires you to specifically start a secure chat for that, which doesn't even work for groups.
+many for Signal.
Telegram is neither private nor secure. Its not encrypted bu default. Normal texts as well as group chat is stored unencrypted on its servers.
For everyday use with friends, family and work (assuming these folks already have your number), Signal may be the best thing out there as its open source both on server and app levels. Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
For anonymous communications Session and SimpleX may be better as they are both E2EE and doesnt requie a phone number as an identifier.
Just chuck out Whatsapp, Telegram and all the other closed sourced garbage apps.
What about Matrix?
Unless you want to run communities there I wont bother with it. I feel everything from setting up accounts (anonymously) to getting people to join, works better in SimpleX and Session. I'd even be happy using SimpleX as my everyday messenger. Matrix is a little clunky and the fact that all conversations get duplicated on the primary Matrix servers is cause for concern.
With Signal and SimpleX, servers are used only for relaying messages beteeen users - messages which are encrypted on the device.
In the end you are going to be sacrificing something, and the last thing you'd want to sacrifice is privacy and security.
If I was pushed to list my go to, it'll be Signal for chats with people I know: because its open source, battle-tested against adversities, and can be set up by anyone who understands how ro use Whastsapp / Telegram.
For communitties (and even as a daily text solution beteeen collaborators or anyone you dont want to exchange numbers with), I'd use SimpleX as it has a lot of in-built anonymity and decent privacy (so far - its a fairly new project).
Theres just too much fuzziness round Matrix for anyone to trust it.
Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
And how decryption key gets to other device 👀?
It's a "basic" Diffie-Hellman key exchange that's been a solved issue since before mobile phones were even invented[0].
Think of it like this:
I give you a lock that only I have they key to open it. You can secure (read encrypt) any message with it by placing it in a box and locking it with my lock, send me the box and - because I'm the only person in the world with the key to open it, we can say you're sending me a secured (encrypted) message. It doesn't matter if anyone can intercept this lock because all they'll be able to do is send me secure messages from their inbox. Now, in the digital world this lock we're giving each other is a cryptographic "public key" that you can lock a million things with (messages, images, videos) and send them to me via the internet. We can thus exchange public keys and securely message each other.
I've simplified it a lot, as Signal actually uses something called the "Extended Triple Diffie-Hellman" (X3DH) [1], but I hope this explains how it works. You can read more about it here [2]
[1] https://www.signal.org/docs/specifications/x3dh/
[2] https://security.stackexchange.com/questions/45963/diffie-hellman-key-exchange-in-plain-english
Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
And how decryption key gets to other device 👀?
The company's CEO is Pavel Durov, the very clown who built russian alternative to Facebook, VKontakte, and then practically sold it to russian government with all it's users. And russian government, being itself, repressed anyone who liked "wrong" stuff there. So, Durov being no stranger to selling things to governments, in my opinion, deserves zero trust.
He didn't voluntarily sell it to the Russian government.
Didn't he basically get ousted and kicked out of Russia since he didn't wanna sell VK?
Yes
You don't know, what are you talking about.
https://lemmy.world/comment/1556530
I'm perfectly aware of what I'm talking about. He lost control of company's shares to government-affilated people and they fired him. What an unpredictable turn of events. I don't really care if it happend due to stupidity or malice, considering the amount of public stunts he pulled off at the time, I doubt you can call his course of action straightforward.
Even when he was fired, they did it with his own resignment notice he submitted as April Fool's joke. The guy is a literal clown, I have no idea why you'd entrust him with your data.
Being encryption needs to be enabled highlights how Telegram is trying to increase users who want privacy & security but don't exactly know how to go about it. Granted, the option makes it a step up above sms, but that's not saying a lot...
Just use Signal or Matrix.
I like telegram but russians.
Still better than using WhatsApp.
I like telegram but russians.
You know, I have friends that say this, but at the same time they're stuck to tiktok like crazy...
You may want to read this, especially the part about what happened with the start of the Ukraine war. https://en.m.wikipedia.org/wiki/Pavel_Durov
I've skimmed through the whole thing, but I'm unsure what you're referring to. A little help, please?
On 16 April 2014, Durov publicly refused to hand over the personal data of Ukrainian protesters to Russia's security agencies and block Alexei Navalny's page on VK.[8] Instead, he posted the relevant orders on his own VK page,[29][30] claiming that the requests were unlawful.
On 21 April 2014, Durov was dismissed as CEO of VK. The company claimed it was acting on his letter of resignation a month earlier that he failed to recall.[8][31] Durov then claimed the company had been effectively taken over by Vladimir Putin's allies,[31][32] suggesting his ouster was the result of both his refusal to hand over personal details of users to federal law enforcement and his refusal to hand over the personal details of people who were members of a VK group dedicated to the Euromaidan protest movement.[31][32] Durov then left Russia and stated that he had "no plans to go back"[32] and that "the country is incompatible with Internet business at the moment".[8]
Thanks!
So you didn't read it initially, you lazy pumpkin?
load more comments
(1 replies)
Career -> Dismissal from VK
He then goes on to found Telegram, with it based outside of Russia. I think their point is he has little reason to be friendly to Russia currently.
Of course, if you’re a dissident you would be putting a lot of trust in a Wikipedia editor.
Telegram is more popular than WhatsApp in several global south countries. I use it with friends around the world, it has better functionality than WhatsApp. I'm not a fan of Meta so as far as "it just works" messaging apps go, Telegram is probably the best alternative to WhatsApp.
It's better than Whatsapp & Co since it's FOSS. It's worse than Matrix and XMPP since those are federated (and Matrix has e2ee). It's about tied with Signal, Signal is FOSS but hostile to third-party clients, in exchange it has encryption on by default.
Telegram is known to occasionally hand out users' data in extraordinary circumstances, but that's pretty rare overall. It's not the choice for super sensitive communications, but it's decent as a better alternative for SNS. It's very popular in Russia because it has public one-to-many channels and unlike VK and etc it mostly doesn't censor stuff. I'll never use Whatsapp, I have no reason to use Signal because nobody I know uses it and Matrix is better, Telegram is alright in my book.
Also it's possible to buy anonymous telegram accounts, not sure that's possible for Signal.
Telegram is known to occasionally hand out users' data in extraordinary circumstances
Source? And what circumstances? AFAIK it never happened.
Thanks, though the article also says that Telegram states they didn't share any data because they have never stored it (like IP).
Do a search online of Telegram turning over user to government, they store your contacts and info.
For absolute privacy and security, stick with SimpleX for creating a different random ID for each contact you message, no 2 users will see the same ID from you.
As a secondary option, use Molly which is a modified version of Signal to remove proprietary dependancies.
It's one step better than whatsapp, fb messenger and viber. I use Signal with my family and friends, it's a middle ground between the big ones and XMPP.
Somewhere between WhatsApp and Signal. It has FOSS clients, hands over user data only under extraordinary circumstances (terrorism and child abuse, afaik), and runs on pretty much any hardware. The last two points make it very popular in eastern Europe and most of Asia. The main problem with Telegram is that normal chats are not end to end encrypted, and instead use a weaker encryption algorithm. Secure chats are e2e encrypted, but are not on by default.
Overall, it is used by opposition parties in countries like Russia, Belarus and Iran for day to day stuff, so it is fairly secure. Of course, if you are a reporter or activist who has a lot of enemies, you could get something even more secure.
Overall, it is used by opposition parties in countries like Russia, Belarus and Iran for day to day stuff, so it is fairly secure
I think this is overselling the "privacy" aspect of storing your personal messages on a server where the admins have complete access without you ever knowing if/what they're doing with it.
Make no mistake, Telegram is as "private" as Facebook. They have access to all your data and as that data grows, it grows in value. It's only a matter of time before they directly or indirectly exploit this (or get compromised) and all your "privacy" is out the window.
No hate towards Telegram, I'm sure its a great platform, but people should at least be aware that it's basically the Pepsi to Facebook's Coke.
load more comments
(1 replies)
FluffyChat (Matrix) . No phone linking . Encryption . Period . The only backdraft is others users needs to register in matrix and when I tell other to do so they ask me if I’m talking about the movies
I posted the following review on Play Store about FlullyChat (22 March 2022).
I am trying, I really am, to sign up to matrix but no matter all the captchas, the verification emails and agreeing to the terms my account doesn't exist and requires me unspecified "additional verification". Even on a different homeserver, using SAML, I with an account actually ready and connected in my browser the app just won't log in. I got frustrated and left the app.
I actually got extremely mad that day, as it was an already painful day. Can you tell me if Matrix or FluffyChat have become easier to access from the outside?
Not sure from fluffychat how is the registration process. I originally registered from Element app, which is also good. And in that time it was pretty easy, it made me to register on matrix.org . And I used my same account very smoothly in Fluffychat
Private home server. Bridges.
Show them they can have all their chats in one app.
They will beg you for an account.
Then you can talk to that person only within matrix. Rinse, repeat. They begin to move over one by one.
I wouldn‘t use it for messaging, but as a social media platform it seems to be working pretty well.
They are seriously suffering from NIH (not invented here) syndrome. So, you can theoretically build your own Telegram client, but you can't re-use any standard components to do so. WhatsApp on the other hand doesn't open their clients, but under the hood they are just using mostly standard components (Noise protocol, modified XMPP protocol, Signal protocol), so it's not actually that difficult to build your own WhatsApp client by just piecing together these components.
I prefer SimpleX to Signal, Telegram and Matrix tbh.
Any platform that requires your phone number to sign up can't be considered private de-facto
That's more about anonymity than privacy though. Take Signal for example. Yes, the phone number makes me identifiable, but what I chat about is very much private.
Nothing that requires your phone number to register or has centralized backend could be considered privacy-friendly.
load more comments
(1 replies)
My opion is I won't go near it. Matrix via Elementor it's many other clients is for me and my family.
I use Telegram the most, as I have most of my contacts on it. Secret chat is there for those that I want to be sure to be private. I have no issues with them as they have proven not to be sharing their data, or selling it (through the absence of that ever coming to light - unlike WhatsApp metadata passed up to Facebook). They are streets ahead on features, and their broadcast channels are really useful. I also push my blog posts to a channel that I have on Telegram. But like others have said, I also have Signal, Matrix, XMPP, etc as I have different friends on different networks. The only messengers I don't have are Meta owned ones, as we have clearly seen what happens to our metadata there in repeated occasions.
view more: next ›
this post was submitted on 21 Jul 2023
62 points (100.0% liked)
Privacy
29777 readers
666 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS