Are you both bots? How can anyone read that crap and say it's a great breakdown?
It's a single widely known issue, and it can literally be summed up in one short sentence: by default it doesn't use end-to-end encrypted chats, which are also far inferior in functionality.
I've never seen a pro-telegram propagandist, but you anti-telegram propagandists are swarming and very tiresome.
We are in a privacy community. A privacy community with a specific website that makes recommendations on messenger apps. And yet, OP is asking for an opinion on comparisons between Signal (recommended by the guide) and Telegram (which isn’t even in the guide). Why would this be necessary if they weren’t thinking Telegram could be a private and secure messenger too? Even tho it’s not recommended on privacy guides. Draw whatever conclusions you want to fit your own world view. But just because others do so differently, doesn’t mean they’re bots. That’s a very lazy way to view the world. And that is also just my opinion. If you wanted to discuss the points of the article, I’m down. But if you’re coming in here to be reductive because you have a differing opinion, then this is all I’m going to be saying to you.
I guess it's too hard to consider real people with real opinions might populate a niche website with small userbase and an active anti-advertising attitude.
I guess it's also too hard to just look at an account and decide if it seems spammy or if it seems like a real person, and easier to just cast aspersions because they… annoyed you?
I dislike Signal because of the abandonment of SMS as an option. Without that, it's on par with (not really ahead of) most other secure messengers. Session is pretty decent, and I am curious if SimpleX will take off.
Anyways. Not a Session fanboy by any means, but I cam still see that (given the two options asked about) session is the clear winner. But your take on this all is hilarious.
it's not simply the fact that SMS is gone, it's also the administrative decision that caused that. Session will likely have some gaffes administratively as they get larger, but for now, I don't know of any I particularly dislike.
@bastion Anonymity is useful, sure. But if you're going to use an IM app like the majority of people do, you're going to use it to contact friends and family, which means that the account isn't anonymous.
You should also know that Session lacks forward secrecy (a very important feature imo).
True. And although perfect forward secrecy isn't a huge deal, it is potentially useful, if (for example) you have the encrypted messages backed up, then deleted from your phone, and someone gets access to both your backup and secret key (somehow).
If a hacker had access to the private long-term key, though, odds are extremely high that they have access to the message database of decrypted messages that signal keeps around to show your history - so kinda moot at that point. There are some useful niche cases for it, though.
There's a physical necessity to keep all of the information necessary to decrypt messages in the app's folder.
Anything the signal app shows you can also be seen by an app with access to Signal's data on that device. This is true of any E2E encrypted messenger service.
Of course, this is disallowed by the OS, but if you have physical access to that device, you have and can access that data. That includes the database of all of your messages on that device, and the key to decrypt them.
PFS prevents someone using the key your device has on it from decrypting earlier cyphertexts. But if they have access to that key, they almost inevitably also have access to the database that signal keeps all of your messages in.
Thus PFS only works in practice if you delete the data from both the sending and receiving devices. PFS is useful, but it's usefulness is fairly limited in typical scenarios. But, if someone sniffed the cyphertext and then you read the message and deleted it/had disappearing messages on, and they later hacked your phone and got the key, you'd be safe and they couldn't decrypt the cyphertext they'd sniffed earlier.
It's just… …it's a really niche scenario, and most people (except the very paranoid) aren't regularly deleting every message.
I don't like to participate in pointless discussions, but I'll at least clarify it to avoid more silly replies.
-I call the other user a propagandist just for using the other user's language, obviously the correct thing would be hater.
-The article is crap and I criticize the nonsense of praising it. This is not a defense of telegram, nor being against criticizing it.
-I called them bots in a mocking way for their conclusion to the article.
Are you both bots? How can anyone read that crap and say it's a great breakdown?
It's a single widely known issue, and it can literally be summed up in one short sentence: by default it doesn't use end-to-end encrypted chats, which are also far inferior in functionality.
I've never seen a pro-telegram propagandist, but you anti-telegram propagandists are swarming and very tiresome.
We are in a privacy community. A privacy community with a specific website that makes recommendations on messenger apps. And yet, OP is asking for an opinion on comparisons between Signal (recommended by the guide) and Telegram (which isn’t even in the guide). Why would this be necessary if they weren’t thinking Telegram could be a private and secure messenger too? Even tho it’s not recommended on privacy guides. Draw whatever conclusions you want to fit your own world view. But just because others do so differently, doesn’t mean they’re bots. That’s a very lazy way to view the world. And that is also just my opinion. If you wanted to discuss the points of the article, I’m down. But if you’re coming in here to be reductive because you have a differing opinion, then this is all I’m going to be saying to you.
I guess it's too hard to consider real people with real opinions might populate a niche website with small userbase and an active anti-advertising attitude.
I guess it's also too hard to just look at an account and decide if it seems spammy or if it seems like a real person, and easier to just cast aspersions because they… annoyed you?
Anyway, thanks for standing up for us both.
lol.
I dislike Signal because of the abandonment of SMS as an option. Without that, it's on par with (not really ahead of) most other secure messengers. Session is pretty decent, and I am curious if SimpleX will take off.
Anyways. Not a Session fanboy by any means, but I cam still see that (given the two options asked about) session is the clear winner. But your take on this all is hilarious.
@bastion @Infiltrated_ad8271 But Session doesn't support SMS too. Why do you consider it superior if that's the reason you dislike Signal ?
Two reasons:
@bastion Anonymity is useful, sure. But if you're going to use an IM app like the majority of people do, you're going to use it to contact friends and family, which means that the account isn't anonymous.
You should also know that Session lacks forward secrecy (a very important feature imo).
True. And although perfect forward secrecy isn't a huge deal, it is potentially useful, if (for example) you have the encrypted messages backed up, then deleted from your phone, and someone gets access to both your backup and secret key (somehow).
If a hacker had access to the private long-term key, though, odds are extremely high that they have access to the message database of decrypted messages that signal keeps around to show your history - so kinda moot at that point. There are some useful niche cases for it, though.
Not a dealbreaker for my by far.
@bastion > message database of **decrypted** messages that signal keeps around to show your history
What are you talking about ? Where did you get this from ?
There's a physical necessity to keep all of the information necessary to decrypt messages in the app's folder.
Anything the signal app shows you can also be seen by an app with access to Signal's data on that device. This is true of any E2E encrypted messenger service.
Of course, this is disallowed by the OS, but if you have physical access to that device, you have and can access that data. That includes the database of all of your messages on that device, and the key to decrypt them.
PFS prevents someone using the key your device has on it from decrypting earlier cyphertexts. But if they have access to that key, they almost inevitably also have access to the database that signal keeps all of your messages in.
Thus PFS only works in practice if you delete the data from both the sending and receiving devices. PFS is useful, but it's usefulness is fairly limited in typical scenarios. But, if someone sniffed the cyphertext and then you read the message and deleted it/had disappearing messages on, and they later hacked your phone and got the key, you'd be safe and they couldn't decrypt the cyphertext they'd sniffed earlier.
It's just… …it's a really niche scenario, and most people (except the very paranoid) aren't regularly deleting every message.
I don't like to participate in pointless discussions, but I'll at least clarify it to avoid more silly replies.
-I call the other user a propagandist just for using the other user's language, obviously the correct thing would be hater.
-The article is crap and I criticize the nonsense of praising it. This is not a defense of telegram, nor being against criticizing it.
-I called them bots in a mocking way for their conclusion to the article.