• @rdri
    link
    English
    010 months ago

    Could you just read the thing? Private and group chats are called cloud chats and the image above describes them. Below is a graph for secret chats.

    • @[email protected]
      link
      fedilink
      English
      110 months ago

      Yes “cloud chat” is not end to end, but only encrypted to the server. That’s what all services to including Facebook and Instagram. If it’s not end to end it’s useless.

      • @rdri
        link
        English
        010 months ago

        Now you’re just denying the obvious. You complained chats on telegram are not encrypted, and that’s false.

        That’s what all services to including Facebook and Instagram.

        Since both Facebook messenger and Instagram messenger use e2e you seem to really mean just Facebook and Instagram websites. And I wonder how could they be functional if they used e2e.

        If it’s not end to end it’s useless.

        It’s not and you probably realize that much.

        • @[email protected]
          link
          fedilink
          English
          110 months ago

          No I’m being serious here.If it’s not end-to-end encryption in groupchat, it’s not private. And Telegram does not provide e2ee in groupchat. Thats the whole issue. Signal does that. Even iMessage does that.If it’s not e2e somebody else does have access to your chats. In this case everybody with access to Telegrams servers, can read your group chats. And that makes it useless IMO. That is not the case with Signal.

          • @rdri
            link
            English
            010 months ago

            Well then it really is “hey one company decided to do it this way so anything less than that is no longer acceptable” for you. For me, it’s not all about absolute security. From my experience, people seeing my messages through the app and people accessing my phone is much more dangerous than people seeing my messages on a server used by the service. I know roughly what e2e for group chats implies and reasons why it’s not implemented everywhere asap. We’ll see where this leads Signal, maybe we’ll also see cases of someone accessing data on Telegram servers etc.

            For now, I mainly use my PC, so not going to infect it with another electron app, or recommend it among friends.

            Even iMessage does that.

            Seems false as I didn’t find confirmations for that.

            • @[email protected]
              link
              fedilink
              English
              110 months ago

              I know roughly what e2e for group chats implies and reasons why it’s not implemented everywhere asap

              It’s not implemented because it requires more resources and Telegram is too cheap to offer that. The same reason Telegram does not encrypt chat by default, but you have to actively choose secret chats. It’s a way for Telegram to save money on server ressources. Both Signal and iMessage can provide e2e encryption for 1-1 messages and group messages and sync across devices.

              Seems false as I didn’t find confirmations for that. All messages between iMessage clients are end-to-end, also groups, it has been so for years, it’s not news. iMessage has other problems, mainly that the private key is synced in iCloud by default (you can turn this off), and that Apple save a bit too much meta data. So iMessage is not perfect. It is still better than Telegram. As you can see here https://security.apple.com/blog/imessage-pq3/ Telegram have not even implemented a post-quantum cryptographic protocol, both Signal and iMessage have that.

              For now, I mainly use my PC, so not going to infect it with another electron app, or recommend it among friends

              We can agree that the Signal desktop app is kind of clunky, and I do hope it gets better in the future. Telegram might provide some usability, but it’s not much better than using Facebook, if your concern is privacy. Mainly because the lack of e2ee in default chats and group chats.

              • @rdri
                link
                English
                0
                edit-2
                10 months ago

                because it requires more resources

                Not just more. Exponentially more, if one is going to host the data on server.

                Telegram is too cheap to offer that

                It’s dumb to call telegram cheap at this point. User base is too large and it handles it relatively well.

                Signal, however, chose to not keep almost anything on servers, which mean it’s literally cheap to serve, and it’s very easy to call them cheap for not offering more features.

                Telegram does not encrypt chat by default, but you have to actively choose secret chats

                This is false. Again, “not using e2e” is not the same as “not encrypting”.

                Both Signal and iMessage can provide e2e encryption for 1-1 messages and group messages

                Again, I have yet to see proofs of iMessage using e2e for group chats. Rather, things I read suggest the opposite.

                but it’s not much better than using Facebook, if your concern is privacy

                Arguable due to many differences. But not going to waste our time on this. Though if your only concern is privacy better don’t use the internet in the first place.

                • @[email protected]
                  link
                  fedilink
                  English
                  110 months ago

                  It’s dumb to call telegram cheap at this point. User base is too large and it handles it relatively well.

                  Apple does it.

                  Again, I have yet to see proofs of iMessage using e2e for group chats. Rather, things I read suggest the opposite.

                  It’s on iMessage wiki and on the first page that comes up when you Google it:

                  We designed iMessage to use end-to-end encryption, so there’s no way for Apple to decrypt the content of your conversations when they are in transit between devices. Attachments you send over iMessage (such as photos or videos) are encrypted so that no one but the sender and receiver(s) can access them. These encrypted attachments may be uploaded to Apple. To improve performance, your device may automatically upload attachments to Apple while you are composing an iMessage. If your message isn’t sent, the attachments are deleted from the server after 30 days. When a passcode or password is set on your iOS, iPadOS, visionOS, or watchOS device, stored messages are encrypted on your device so that they can’t be accessed unless the device has been unlocked.

                  https://www.apple.com/legal/privacy/data/en/messages/

                  But do you have sources that proof that Apple is lying?

                  Though if your only concern is privacy better don’t use the internet in the first place.

                  Nah, I will just use services that use e2e encryption for my private conversations. There are plenty of services that do that, not just Signal. But if you want to use a service that require access to your private conversations, you are free to do that. But why use a sketchy service with headquarters in Dubai that is like “trust us bro, we need access to your private conversations for totally legit technical cloud reasons, we totally wont look or share that information with anyone, pinky promise.”

                  • @rdri
                    link
                    English
                    010 months ago

                    It’s on iMessage wiki

                    It doesn’t say it works for group chats.

                    But do you have sources that proof that Apple is lying?

                    I got some complaints from people unable to leave conversations if they have less than 3 or 4 people, which suggests there are technical differences in how they work with many people. It’s logical to suggest the switch from e2e to shared keys happens there.

                    Also no credible source suggests what you suggest

                    Also trusting apple is not a good thing in my book.

                    But why use a sketchy service with headquarters in Dubai that is like “trust us bro, we need access to your private conversations for totally legit technical cloud reasons, we totally wont look or share that information with anyone, pinky promise.”

                    Apple is more sketchy for me lol.

                    You choose to rely on a service’s promise that it doesn’t host your data. I prefer relying on my experience which says dangers from individuals and conversations are more grave and more likely to be triggered than dangers from services those are being hosted on. I can’t imagine anyone would benefit from spending time on reading or processing my conversations anyway. My messages can get long and it’s not optimal for my devices to spend resources on constantly re-encrypting them for every chat member.