Ditch Telegram for Piracy.

mastodon.social

Zack Whittaker (@zackwhittaker@mastodon.social)

Ignoring the context.

Don't pirate over Telegram, it's no longer safe in terms of privacy and legal safety.

33 comments

Meh, you never could trust them.
Group chats were NEVER encrypted, so I'm surprised that people are just now figuring out that if it's not encrypted = people can read it.
If it wasn't a 1:1 "secret chat" encrypted message, then congrats, you weren't as opsec-y as you thought you were.
- This kind of confusion illustrated by Telegram users is exactly why it was the right thing to do for privacy when Signal removed support for SMS because it's not encrypted. People still whine endlessly about it, but most users are not very savvy, and they'll assume "this app is secure" and gleefully send compromised SMS to each other. All the warnings and UI indicators that parts of the app were less secure (or not at all in the case of SMS) would be ignored by many users, resulting in an effectively more dangerous app. Signal was smart to remove those insecure features entirely.
  
  Yeah. You can't offer a half-secure and half-private platform and expect your average person to be able to figure out which half is which, which leads to crazy misconceptions, misunderstandings, and ultimately just a bunch of wrong and misleading information being passed around.
  I'd argue, though, that Telegram probably did this on purpose, and profited GREATLY from being obtuse and misleading.
- That's why I stopped using it. They require a phone number, phone numbers require kyc with an ID around here, and there's just too much illegal shit on there.
  It's of course possible to get a more pseudonymous experience, but honestly, what they offer isn't worth the hastle.
Telegram never was private, group chats never were encrypted (and that's not an opinion: the feature simply is missing). If anything, they are just removing their false and deceiving claims. That they remained there for so long is something I can't wrap my head around.
- They were cutting files in smaller parts and spreading over multiple locations and countries. At least that was the claim in the early days, so anything illegal would require lawyers on many jurisdictions sending the same letter (e.g. DMCA takedown)
  Ironically, it did work but now that Durov is in jail channel admins would do good to take precautions.
What kind of system that depends on centralized servers can ever be secure from government snooping?
That kind of architecture is completely hopeless in that regard.
Is a encrypted, distributed, P2P architecture realistic though?
- XMPP with the OMEMO extension is close, no? While Matrix isn't distributed, it is decentralised like Lemmy and Mastodon, and E2EE by default. That could be the closest thing to what you mean?
  
  I'd argue XMPP is less ideal than Matrix because groups are located on a single server, which makes them easier to take down than Matrix' replicated state.
  Running any P2P/decentralized protocol over I2P seems to be the best for privacy and censorship-resistance. I2P already works great for torrents, except for it's speed and lack of users/seeders.
  @zabadho@ani.social
  The problem always comes down to usability and barrier to entry. Telegram is popular because it's great to use, and doesn't moderate much. More private services rarely (never?) reach the level of usability most people expect, often simply because of it's architecture.
Telegram was never safe. All anyone ever had was their word that some chats are end-to-end encrypted.
After their CEO being detained and arrested in France because of the illegal activity on his platform, it was a matter of time.
- The guy has a history of making something that looks good and then selling it to governments. I'm surprised people took the bait for the second time.
  
  Could I ask what the first time was?
They could turn on end to end encryption and the fact that they aren't doing that is telling imo.
Every time something like this gets posted a bunch of snobby elitist types come out to point and laugh and talk about how obvious it is that the thing wasn't safe. Well what is? What's the special secret you're keeping from everyone else? If you don't have one to share, STFU with the smarmy attitudes.
Can someone start a Signal group? That's encrypted and safe for sure. You can use usernames and have public groups.
Anti Commercial-AI license
- The best way would be using SimpleX do doing such stuff
Signal is not better than matrix in any way... or xmpp
- Xmpp is not encrypted. So sorry but without that, your sentence makes no sense at all.
  
  Have you seen an XMPP setup these days that doesn't have installed all the extra stuff to allow encryption, voice and a lot of other bells and whistles?
  
  I had no idea XMPP wasn't encrypted, JFC that's garbage
- Why do you say Signal is no better?
  Edit: misread as comparing to telegram, not matrix.
  
  Signal being centralized just ruins it compared to matrix.
But if you just interact with the channel and just download isn't it ok? I mean I ain't hosting it. Or you reckon even users might get in trouble depending on your country?

33 comments