• Hot Saucerman@lemmy.ml
    link
    fedilink
    English
    arrow-up
    74
    ·
    edit-2
    1 year ago

    If you trust Telegram you're naive. Here is a great breakdown earlier this year from Kaspersky.

    https://usa.kaspersky.com/blog/telegram-why-nobody-uses-secret-chats/27662/

    Signal isn't perfect either, but their mistakes are far less egregious. They also have removed some of the more egregious mistakes, like needing a phone number (edit: incorrect, see below) or google play services to function. It can be run on a device without Google Play Services because it only uses Google Play Services for push notifications.

      • Hot Saucerman@lemmy.ml
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        Earlier this year. It no longer functions as an SMS service and you now have a username instead. I think the changeover was in March or April.

        • quaff@lemmy.ca
          link
          fedilink
          English
          arrow-up
          22
          ·
          1 year ago

          Hm? Not sure which Signal you’re using. But it very much still requires a phone number to use. Usernames are not available just yet. There’s activity related to usernames in the GitHub repository, but no release yet.

          They did remove the ability to send and receive SMS from their Android app. That was about last year or so.

          https://signal.org/blog/sms-removal-android/

        • Rwaterhouse@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          Usernames have not been released yet. When they are released, phone number will still be required for registration, but you will be able to hide it from other people on Signal.

        • plz1@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          I knew about the SMS thing (Android only), but thought they had yet to release user names as a feature. I see no settings related to user names on iOS. The SMS retirement was to remove the ability to use Signal to replace an SMS app on Android.

          • Hot Saucerman@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Forgive me, you're correct. I stopped using it when it dropped SMS, because I had only ever able to get people on it through SMS, but at the time had read plans about eventually dropping the phone number requirement. I mixed those things up in my head.

            From what I understand, they're fully invested in dropping the phone number requirement though, and some more googling says that they've had versions of Signal PNP (phone number privacy) running for a while now.

            You're correct, that part hasn't actually changed over yet, but it's in the works.

            • Rwaterhouse@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              They do not at this time intend to drop the phone number requirement, as they see it as an anti-spam measure. Meredith Whittaker has said as much. Phone number privacy is a project independent of requiring phone number at signup, and it just prevents other users from seeing your number.

            • plz1@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              1 year ago

              It is planned, and “in the works” for at least two years at this point. It’ll happen, eventually.

            • bastion@feddit.nl
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              Hehe! I was just bitching about them dropping SMS (and a crapton of users) in another post.

              It used to be the perfect app to get people into secure messaging. Now it's just another chat app to most people, who tend to think "who really cares when you've got WhatsApp etc, that actually have users? Why would I want some obscure app on my phone? More shit to think about."

    • quaff@lemmy.ca
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Thanks for the article. That’s a really good breakdown for most arguments of Telegram propagandists. 🙌

      • Infiltrated_ad8271@kbin.social
        link
        fedilink
        arrow-up
        11
        ·
        1 year ago

        Are you both bots? How can anyone read that crap and say it's a great breakdown?
        It's a single widely known issue, and it can literally be summed up in one short sentence: by default it doesn't use end-to-end encrypted chats, which are also far inferior in functionality.

        I've never seen a pro-telegram propagandist, but you anti-telegram propagandists are swarming and very tiresome.

        • quaff@lemmy.ca
          link
          fedilink
          English
          arrow-up
          10
          ·
          1 year ago

          We are in a privacy community. A privacy community with a specific website that makes recommendations on messenger apps. And yet, OP is asking for an opinion on comparisons between Signal (recommended by the guide) and Telegram (which isn’t even in the guide). Why would this be necessary if they weren’t thinking Telegram could be a private and secure messenger too? Even tho it’s not recommended on privacy guides. Draw whatever conclusions you want to fit your own world view. But just because others do so differently, doesn’t mean they’re bots. That’s a very lazy way to view the world. And that is also just my opinion. If you wanted to discuss the points of the article, I’m down. But if you’re coming in here to be reductive because you have a differing opinion, then this is all I’m going to be saying to you.

          • Hot Saucerman@lemmy.ml
            link
            fedilink
            English
            arrow-up
            4
            ·
            1 year ago

            I guess it's too hard to consider real people with real opinions might populate a niche website with small userbase and an active anti-advertising attitude.

            I guess it's also too hard to just look at an account and decide if it seems spammy or if it seems like a real person, and easier to just cast aspersions because they… annoyed you?

            Anyway, thanks for standing up for us both.

        • bastion@feddit.nl
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          lol.

          • post asks which app is preferred
          • a clear winner with lots of reasons why emerges
          • "propagandists!"

          I dislike Signal because of the abandonment of SMS as an option. Without that, it's on par with (not really ahead of) most other secure messengers. Session is pretty decent, and I am curious if SimpleX will take off.

          Anyways. Not a Session fanboy by any means, but I cam still see that (given the two options asked about) session is the clear winner. But your take on this all is hilarious.

            • bastion@feddit.nl
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Two reasons:

              • it's not simply the fact that SMS is gone, it's also the administrative decision that caused that. Session will likely have some gaffes administratively as they get larger, but for now, I don't know of any I particularly dislike.
              • Session has greater anonymity.
              • Ghazi@mastodon.tn
                link
                fedilink
                arrow-up
                0
                ·
                1 year ago

                @bastion Anonymity is useful, sure. But if you're going to use an IM app like the majority of people do, you're going to use it to contact friends and family, which means that the account isn't anonymous.

                You should also know that Session lacks forward secrecy (a very important feature imo).

                • bastion@feddit.nl
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  1 year ago

                  True. And although perfect forward secrecy isn't a huge deal, it is potentially useful, if (for example) you have the encrypted messages backed up, then deleted from your phone, and someone gets access to both your backup and secret key (somehow).

                  If a hacker had access to the private long-term key, though, odds are extremely high that they have access to the message database of decrypted messages that signal keeps around to show your history - so kinda moot at that point. There are some useful niche cases for it, though.

                  Not a dealbreaker for my by far.

                  • Ghazi@mastodon.tn
                    link
                    fedilink
                    arrow-up
                    0
                    ·
                    1 year ago

                    @bastion > message database of **decrypted** messages that signal keeps around to show your history

                    What are you talking about ? Where did you get this from ?

          • Infiltrated_ad8271@kbin.social
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            1 year ago

            I don't like to participate in pointless discussions, but I'll at least clarify it to avoid more silly replies.

            -I call the other user a propagandist just for using the other user's language, obviously the correct thing would be hater.
            -The article is crap and I criticize the nonsense of praising it. This is not a defense of telegram, nor being against criticizing it.
            -I called them bots in a mocking way for their conclusion to the article.

    • Oisteink@feddit.nl
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      No idea how they use GPS for push messages, but is the thing that you need to select encrypted chat and that it’s not e2ee otherwise?