Ignoring the context.

Don’t pirate over Telegram, it’s no longer safe in terms of privacy and legal safety.

  • schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    3
    ·
    2 months ago

    Meh, you never could trust them.

    Group chats were NEVER encrypted, so I’m surprised that people are just now figuring out that if it’s not encrypted = people can read it.

    If it wasn’t a 1:1 “secret chat” encrypted message, then congrats, you weren’t as opsec-y as you thought you were.

    • Luke@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      This kind of confusion illustrated by Telegram users is exactly why it was the right thing to do for privacy when Signal removed support for SMS because it’s not encrypted. People still whine endlessly about it, but most users are not very savvy, and they’ll assume “this app is secure” and gleefully send compromised SMS to each other. All the warnings and UI indicators that parts of the app were less secure (or not at all in the case of SMS) would be ignored by many users, resulting in an effectively more dangerous app. Signal was smart to remove those insecure features entirely.

  • JokeDeity@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    Every time something like this gets posted a bunch of snobby elitist types come out to point and laugh and talk about how obvious it is that the thing wasn’t safe. Well what is? What’s the special secret you’re keeping from everyone else? If you don’t have one to share, STFU with the smarmy attitudes.

  • u_tamtam@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    Telegram never was private, group chats never were encrypted (and that’s not an opinion: the feature simply is missing). If anything, they are just removing their false and deceiving claims. That they remained there for so long is something I can’t wrap my head around.

  • zabadoh@ani.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    What kind of system that depends on centralized servers can ever be secure from government snooping?

    That kind of architecture is completely hopeless in that regard.

    Is a encrypted, distributed, P2P architecture realistic though?

    • Fonzie!@ttrpg.network
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      XMPP with the OMEMO extension is close, no? While Matrix isn’t distributed, it is decentralised like Lemmy and Mastodon, and E2EE by default. That could be the closest thing to what you mean?

      • Chewy@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        I’d argue XMPP is less ideal than Matrix because groups are located on a single server, which makes them easier to take down than Matrix’ replicated state.

        Running any P2P/decentralized protocol over I2P seems to be the best for privacy and censorship-resistance. I2P already works great for torrents, except for it’s speed and lack of users/seeders.

        @zabadho@ani.social

        The problem always comes down to usability and barrier to entry. Telegram is popular because it’s great to use, and doesn’t moderate much. More private services rarely (never?) reach the level of usability most people expect, often simply because of it’s architecture.

        • zabadoh@ani.social
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 months ago

          I just signed up for Matrix because you mentioned it.

          I installed the Element front end, because that seems to be the most popular.

          It looks like IRC, which is fine if that’s all you need.

          It also appears that anything beyond text has to be hotlinked, which is understandable, given that the amount of data transmitted for redundancy between home servers is exponential with the number of home servers.

          Really very similar to Lemmy, where the identity of each group is tied to a particular server, e.g. lemmy has !anime@ani.social but Matrix has #anime:matrix.org

          So what happens if matrix.org goes away or decides the server admin wants to be hostile to #anime?

          • Chewy@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            2 months ago

            Really very similar to Lemmy, where the identity of each group is tied to a particular server, e.g. lemmy has !anime@ani.social but Matrix has #anime:matrix.org

            So what happens if matrix.org goes away or decides the server admin wants to be hostile to #anime?

            A matrix room can have multiple identities/adresses set by the room admin. E.g. the admin of !anime:matrix.org could add another adress for the same room on !anime:myanime.instance. Because the room is replicated on all other participating servers, this would let the room continue to exist on the network (besides all matrix.org users not being able to access it).

            Matrix does have a single “room id” per room, which looks like it gives the original creating home server more rights, which it does not. E.g. !ehXvUhWNASUkSLvAGP:matrix.org

            Any server admin does not have any more rights over a room than another server admin. They can ban the room for their local users, but this does not stop federation as a whole.

            [1] https://github.com/element-hq/element-meta/issues/419
            [2] https://app.element.io/#/room/#synapse:matrix.org/$htJmba92wLTP9AoFg4eEWi9IXpgwvXr6G9Sa-kBsNNs
            [3] https://matrix-org.github.io/synapse/latest/admin_api/rooms.html#delete-room-api

            It also appears that anything beyond text has to be hotlinked […]

            Matrix allows for media to be hotlinked, but it can also be replicated across servers.

            I.e. if I send an image in a room and look at the source (available on many web clients), the image url looks like the following "url": "mxc://matrix.org/qGgUKuZuHcRsWAhSfqKnmtiX". The actual image (and preview) then gets fetched by your server from my server [4], and then gets send to your client.

            It’s important to note that a server isn’t required to download all media. If a user does not read a room, it might not download the media from another server, until the user actually wants to view it (or rather that part of the room history). Or a server admin might clean up the media store to free up space.

            [4] https://matrix.org/docs/spec-guides/authed-media-servers/

            @JackbyDev@programming.dev