This is an article written by telegram’s founder and CEO Pavel Durov in 2019 on “Why whatsapp will never be secure”. Your thoughts?

  • Arthur Besse
    link
    fedilink
    82
    edit-2
    11 months ago

    Sure, fuck WhatsApp, but Telegram isn’t even end-to-end encrypted most of the time. Their group chats never are, and their “secret chat” encryption for non-group chats must be explicitly enabled and hardly ever is because it disables some features. And when it is encrypted, it’s with some dubious nonstandard cryptography.

    It’s also pseudo open source; they do publish source code once in a while but it never corresponds to the binaries that nearly everyone actually uses.

    And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯

    State-sponsored exploits against WhatsApp might be more common than against Telegram, or at least we hear about them more, but it’s not because the app is more vulnerable: it’s because governments don’t need to compromise the endpoint to read your Telegram messages: they can just add a new device to your account with an SMS and see everything.

    (╯° °)╯︵ ┻━┻

    Anything claiming to prioritize privacy yet asking for your phone number (Telegram, WhatsApp, Signal, …) is a farce.

    • @[email protected]
      link
      fedilink
      911 months ago

      Telegram isn’t perfect, but it is infinitely better than Whatsapp because it doesn’t belong to Facebook, and also isn’t from the United States. Also it can be used by normies without problem, unlike Matrix or Xmpp or what have you.

        • @[email protected]
          link
          fedilink
          511 months ago

          Matrix not yet untill they implemented proper encryption and security stuff

          SimpleX is pretty cool

      • @[email protected]
        link
        fedilink
        1
        edit-2
        10 months ago

        Simplex - requires nothing, just install. But you connect with other people by sending a code outside of SimpleX. Though they’ve added a directory service for groups.

        XMPP

        Wire (not Wiremin), though it requires an email account, which is easily addressed with a disposable email.

        Signal is very secure from what I’ve read, despite the phone number identifier.

    • Salamander
      link
      fedilink
      311 months ago

      And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯

      Not only that, but I believe that they actively try to prevent VoIP numbers from being used to create accounts.

    • @[email protected]
      link
      fedilink
      310 months ago

      Bravo, bravo, bravo!!

      Dude, see you on the same side of the barricades when the time comes to fight the centralized army of agent Smiths 👏👏👏

    • UnfortunateShort
      link
      210 months ago

      I don’t agree with everything but that last point of yours. Requiring your phone number only means your are not anonymous. There is no need to be anonymous to communicate privately. In fact, it can be counterproductive, since your are much more vulnerable to social engineering.

      • @[email protected]
        link
        fedilink
        310 months ago

        And also not secure if somebody sim swapped you, and then your privacy goes into the hands of the FSB agent who sim swapped you