Ignoring the context.
Don’t pirate over Telegram, it’s no longer safe in terms of privacy and legal safety.
Meh, you never could trust them.
Group chats were NEVER encrypted, so I’m surprised that people are just now figuring out that if it’s not encrypted = people can read it.
If it wasn’t a 1:1 “secret chat” encrypted message, then congrats, you weren’t as opsec-y as you thought you were.
That’s why I stopped using it. They require a phone number, phone numbers require kyc with an ID around here, and there’s just too much illegal shit on there.
It’s of course possible to get a more pseudonymous experience, but honestly, what they offer isn’t worth the hastle.
Every time something like this gets posted a bunch of snobby elitist types come out to point and laugh and talk about how obvious it is that the thing wasn’t safe. Well what is? What’s the special secret you’re keeping from everyone else? If you don’t have one to share, STFU with the smarmy attitudes.
Telegram never was private, group chats never were encrypted (and that’s not an opinion: the feature simply is missing). If anything, they are just removing their false and deceiving claims. That they remained there for so long is something I can’t wrap my head around.
They were cutting files in smaller parts and spreading over multiple locations and countries. At least that was the claim in the early days, so anything illegal would require lawyers on many jurisdictions sending the same letter (e.g. DMCA takedown)
Ironically, it did work but now that Durov is in jail channel admins would do good to take precautions.
Telegram was never safe. All anyone ever had was their word that some chats are end-to-end encrypted.
What kind of system that depends on centralized servers can ever be secure from government snooping?
That kind of architecture is completely hopeless in that regard.
Is a encrypted, distributed, P2P architecture realistic though?
XMPP with the OMEMO extension is close, no? While Matrix isn’t distributed, it is decentralised like Lemmy and Mastodon, and E2EE by default. That could be the closest thing to what you mean?
I’d argue XMPP is less ideal than Matrix because groups are located on a single server, which makes them easier to take down than Matrix’ replicated state.
Running any P2P/decentralized protocol over I2P seems to be the best for privacy and censorship-resistance. I2P already works great for torrents, except for it’s speed and lack of users/seeders.
@zabadho@ani.social
The problem always comes down to usability and barrier to entry. Telegram is popular because it’s great to use, and doesn’t moderate much. More private services rarely (never?) reach the level of usability most people expect, often simply because of it’s architecture.
I’d argue XMPP is less ideal than Matrix because groups are located on a single server, which makes them easier to take down than Matrix’ replicated state.
That is true, but it’s never been a problem in my relatively long experience with XMPP: some server software can be used as a cluster and distributed, making it highly available (basically, the whole of WhatsApp runs on a fork of ejabberd), and the comparatively tiny resource usage of XMPP contributes to its stability.
XMPP does have a spec for F-MUC (distributed rooms somewhat like Matrix, many years before Matrix) and my rationale as to why it never picked up despite a whole decade of “competition” from Matrix is that it’s a problem that just doesn’t need solving. The price to pay for it is hefty: Matrix resource usage (bandwidth, CPU, RAM) is insane, its protocol complexity makes it a single-vendor implementation (which is risky on very practical grounds), and it’s not even bulletproof for the niche use-case it set to tackle: in the end, your identity server on Matrix remains centralized.
You can tell that I’m partial to XMPP, but that’s only after having been a service operator for years, with my original expectations largely favouring Matrix.
I just signed up for Matrix because you mentioned it.
I installed the Element front end, because that seems to be the most popular.
It looks like IRC, which is fine if that’s all you need.
It also appears that anything beyond text has to be hotlinked, which is understandable, given that the amount of data transmitted for redundancy between home servers is exponential with the number of home servers.
Really very similar to Lemmy, where the identity of each group is tied to a particular server, e.g. lemmy has !anime@ani.social but Matrix has #anime:matrix.org
So what happens if matrix.org goes away or decides the server admin wants to be hostile to #anime?
Really very similar to Lemmy, where the identity of each group is tied to a particular server, e.g. lemmy has !anime@ani.social but Matrix has #anime:matrix.org
So what happens if matrix.org goes away or decides the server admin wants to be hostile to #anime?
Same thing that happens when a Lemmy instance goes away, right?
thats a possibility, that is why either you sign up with a provider you trust or run your own server. that is the appeal of distributed network.
What kind of system that depends on centralized servers can ever be secure from government snooping?
With properly implemented E2EE it can be less of a problem because at least the message content isn’t readable to them. Metadata though
Telegram has NEVER been safe and private.
Evidently it was.
Encryption shmencryption, there was a reason people used TG and not WhatsApp and it’s because the former just very clearly doesn’t glow and it’s why Durov was arrested and not Zuckerberg. The technicals are only a part of it, the politics are arguably far more a part of it.
I wonder how many terrorist (and “terrorist”) plots that were foiled were from compromised telegram messages. How many Ukrainian airstrikes were called from similar sources. My gut says a whole lot more than people think. Since nothing is encrypted, one backdoor is all the NSA needs to read everyone’s group messages. Like the much lamer version of Crypto AG, because in this case it’s an open secret.
Why would they go through all the trouble when they could simply join the channels by posing as people who belong?
After their CEO being detained and arrested in France because of the illegal activity on his platform, it was a matter of time.
The guy has a history of making something that looks good and then selling it to governments. I’m surprised people took the bait for the second time.
Could I ask what the first time was?
As some people poined out, I was talking about VK. A Russian social network that ended up in the claws of Russian government, which in turn ended up in massive political repressions of it’s userbase for posting “wrong” things.
He then made Telegram and used Russian government’s attempts to block it as a PR campaign. I guess that’s what made it so appealing at first, but now French government stepped in and we are going all over again.
They could turn on end to end encryption and the fact that they aren’t doing that is telling imo.
I think a invite only matrix server would do the trick, and better than signal, they don’t want large groups.
Can someone start a Signal group? That’s encrypted and safe for sure. You can use usernames and have public groups.
Signal is not better than matrix in any way… or xmpp
Xmpp is not encrypted. So sorry but without that, your sentence makes no sense at all.
Have you seen an XMPP setup these days that doesn’t have installed all the extra stuff to allow encryption, voice and a lot of other bells and whistles?
I had no idea XMPP wasn’t encrypted, JFC that’s garbage
I mean you can (client side). But the protocol is agnostic of any encryption.
Why do you say Signal is no better?
Edit: misread as comparing to telegram, not matrix.
Signal being centralized just ruins it compared to matrix.
But if you just interact with the channel and just download isn’t it ok? I mean I ain’t hosting it. Or you reckon even users might get in trouble depending on your country?
