Should I stop using Telegram?
Should I stop using Telegram?
I'm from Mexico, and the most used chat application is WhatsApp. It's used for EVERYTHING. I use Telegram only for contacting my family members (both my parents and my brother). They also use it only for this family chat. All my (and their) contacts use WhatsApp instead.
Now with the news that Telegram will collaborate with Twitter, I feel that I should delete it. Not that Zuck is any better than Musk, but still...
Also I don't think it's worth the effort to teach my parents yet another messaging app, like signal.
Collaborating with Xitter is not the most distasteful thing Telegram has done. Its marketing model has been to consistently lie to people about being encrypted when that's only true in very limited cases. It has also catered to criminals by attempting to make it difficult to comply with legal demands for information, while holding that information for its own purposes.
Signal, on the other hand is always encrypted and does its best to hold as little information about users as possible.
Also I don’t think it’s worth the effort to teach my parents yet another messaging app, like signal.
What is there to learn? Every popular messaging app has pretty much the same UI.
Isn't it good for a communication company to be noncompliant with people's conversations?
It usually wasn't conversations that were at issue. People would engage in criminals acts, such as trading child sexual abuse media in large unencrypted group chats. Law enforcement would find links to those chats, join them, and observe criminal acts, leading to court orders to Telegram to disclose whatever identifying information it had about the offenders, such as phone numbers and IP addresses.
Telegram intentionally split storage of that kind of information across jurisdictions that do not cooperate so that it was effectively impossible to obtain orders for all of them. They bragged their marketing materials that they have never complied with a court order for user information. Taken as a whole, I see that as intentionally facilitating child abuse.
Signal's approach is pretty much the inverse; rather than hoard data about users and shield people they know have done evil, Signal has ensured that it does not know the contents of any conversation, nor anything about users other than when they created the account and most recently accessed it.
there's no learning curve with Signal, it's almost exactly like whatsapp.
but how to find groups?
For public groups you probably want something like Matrix.org instead. Also open source, also supports E2E encryption
There's a search bar which will filter your conversations, and you can create a new group with new message (pen icon) ->new group
Can you use signal?
I'd take Telegram over WhatsApp as I find Telegram, ignoring privacy concerns, is an excellent messenger. Much better than WhatsApp
But, Signal's pretty great.
I hate Facebook but isn't WhatsApp end to end encrypted by default? I know telegram is not.
Yes, but it's not open source and it's Meta so I don't have a lot of trust there. Plus you can always just activate the Secret Chat feature on Telegram for E2E encryption that I'd just more than WhatsApp's.
End to end encrypted doesn't mean they don't potentially store a copy of the keys somewhere. With proprietary software, you never know what it's actually doing since you can't verify the code does what it says on the tin.
facebook bought it for billions, they gotta recover the money somehow?
Switch to Signal. It's not like there's anything to learn, the UI isn't all that different from WhatsApp
I've heard good things about Signal, maybe try that?
Telegram was developed by Russians and HQ is in United Arab Emirates. They have always been sketchy af.
Telegram's owners are at odds with the Russian government though, hence the move to another country.
There's plenty of problems with Telegram without having to resort to Russophobia already.For example their chats aren't even E2E-encrypted by default and afaik there's no way to have encrypted group chats either.
If you get rid of Telegran, at least you'd only have one shitty messenger instead of two.
Also I don’t think it’s worth the effort to teach my parents yet another messaging app, like signal.
My friend, just set up Signal on their phones, put it in place of the Telegram app and watch them not even notice anything changed.
Not if they're the kind of users my parents are. An update moves a button from the bottom-left to the bottom-right and suddenly "the app you gave me is broken again".
Also, don't sneak-change things on other people's phones.
Here’s another comment endorsing Signal.
I really distrust telegram. There are some many dark patterns around it and the server is closed source so I'd say the distrust is very well deserved.
has there been cases where telegram chat been leaked/compromised?
Many. One particularly awful case is how at the beginning of ruzi invasion of Ukraine a lot several Russian resistance figures were compromised through Telegram due to it using phone numbers for security which are incredibly insecure and needless to say in control of the government.
I personally avoid telegram for anything sensitive or personal. Because there is no end to end encryption. You should move to Signal.
I’ve been all in on telegram for some time now. Signal just doesn’t feel like it’s iterating fast enough. Few years ago, telegram was blazing through and signal was just a disgusting UI meant to make you feel good that you’re using encryption. That has changed.
The xAI news is a pretty big nail in the coffin. But literally every other alternative is shit. WhatsApp is fully owned and definitely farmed by Zuck for data. Their claims of encryption have eroded by everything they’ve done in AI.
Signal is definitely said to be encrypted. But you can bet there’s a back door in there. Specially with all the recent scrutiny on it in the news, hackers are figuring out ways in.
What’s even left to use?
Sorry, don’t have a solution for you. But the world is ready for another messenger - one that actually cares about people and brings features that people like. Heck, I’ll even pay for it, just like I’ve been paying for telegram.
As someone who actually works in a security conscious environment, there is no and never will be perfect security. All you can do is layers.
Think of it as two perpetually competing things: effort and motivaion. One is your security, the other is how valuable your data is for hackers, companies or an overmilitarized government (eg any developed nation).
If you're dealing in highly illegal stuff, you will likely get all the attention, which you'd need to be paranoid about. In our current politics its fair to say being for human rights can come near that soon. In average circumstances, only data brokers and other capitalists will try to attach to your data which in turn leak it to the government without a warrant btw.
Security layers work like this: you build individual layers of independent security measures which might be breached but only reveal the next layer which slows down any attacker. Think front door, room door, safe. The important detail is that you don't put all the keys under the front door mat.
Example: you should (obviously) not post your address, bank account, email, etc on the public web. Its not much but doing that you would absolutely not need to care because you're already sharing it for free and will likely be ruined soon.
Then you might want to be selective of your tools. Messaging, data storage (ie cloud), AI, social media. Posting pictures of you and your family on vacation or at home for everyone to see is just asking for brokers to gobble it up.
In private messaging, the word private is very relative. On certain phones, the phone itself reads your screen and tries to suggest things based on the messages you write. On that base, you really dont need to bother about anything other than the script kiddie on the starbucks wifi. You can bet that the phone will share that info if you let it.
So if you need actual privacy because you might say something that isnt exactly legal but not highly illegal as to warrant busting down your door: you might want to switch OSs first on both your phone and computers. It's not perfect but running mint and lineageos (or graphene) you at least dont have the monopolist on data collection directly embedded in your phone. Apples ios does read your screen last i checked so they're out if you want privacy.
Then you can bother about a messaging app. Meta is out. Forget it. Signal is what most people with privacy needs use since it is easy, open source, provided by a nonprofit. The biggest issues are that it is centralized so technically they could be taken down or maybe implement a backdoored encryption. But at that point most efforts will be for naught so lets assume that is not the case for now.
People with technical interests use matrix, which is also used by the german military, decentralized and rather popular in some countries. It's not perfect either since the metadata still leak afaik which means someone can try to identify you and guess your texts in some cases. But of course it is insanely different from whatsapp in terms of control and probability of a breach through meta.
You can use a variety of other messaging apps like simplex chat or even decentralized wireless communication like meshtastic. Its literally impossible to know all the different avenues you can take. So that at least makes it fucking complicated to get all your data, provided you dont back it up on icloud or google. You can even route your messages through hybrid networks of wireless and wired networks if you wish.
Then of course you can pack it all inside a vpn which will depend on your strategy and maybe vendor. Just vpning home helps to make your messages very hard to decrypt at the starbucks but if someone listens on your isp, they can still see who you might be communicating with.
Then there is the matter of google services and push notifications. If you want real privacy, you dont use google services at all and either a privacy concious provider or even nothing. That would mean no outside notifications and only regular or manual checks.
Well said! I’ll add that OP should consider their “threat model”, that is, who you’re trying to defend against.
Different attackers may require different defenses. Your comment about security in layers is apt here.
French gov also uses a matrix fork
As for WhatsApp, it's true that being Meta they collect everything they can, mostly metadata, but don't they still implement the same end-to-end encryption as Signal? So, at least the actual content is your messages and calls should be truly private, i.e. out of reach even of Meta (and let's say, all of this using a phone with no google e.g. graphene or lineage or calyxos). Please correct me if I'm wrong.
Specially with all the recent scrutiny on it in the news, hackers are figuring out ways in.
I'm assuming you mean the US gov't debacle? It's already been proven that they were using a fork, not the genuine Signal app. The fork was built with a back door. As far as I'm aware (and please correct me if I'm wrong) Signal has yet to be hacked and is currently among the most secure options.
It's almost like the US gov't might benefit from convincing its citizens that the fully encrypted messaging app is dangerous so they should just go back to Whatsapp and Telegram.
BS. The US govt actively tells people to use Signal. Take what you will from that.
And there was a recent report about groups and QR codes. And another about CDN. Look em up.
Signal just doesn’t feel like it’s iterating fast enough.
Development is always a lot harder when you need to consider all the privacy aspects. When you don't, you can be Telegram and give fancy features real fast.
you can bet there’s a back door in there
I mean you can educate yourself about cryptography and find the "backdoor", the source code is out there for both the server and the client. And I assure you there are a lot of people in academia who would love to do that and get lots of citations, but no one has ever done so, so maybe there is none? That is if we don't consider all the security audit commisioned by Signal itself on its app/server.
Despite being in the hands of the zuck, whatsapp is more private and secure than telegram, and not because of any collaboration with X/twitter, it's been that way forever... so go ahead and use it (but if you can, signal is even better on that front).
WhatsApp is more secure by design, but one suspects that Meta is up to something. But I suppose to whatever extent it's possible to trust Meta, they are nonetheless likely a better guarantor of your security than Telegram is
Meta don't need to see your chats to get a lot of value out of WhatsApp.
They can see who you message (the phone number) and from there they can probably ~90% of the time identify who that person is via Facebook/Instagram databases. They can see who you message when, and how often you message them, and what time of day you send and recieve messages - all of that is very valuable to help them create an advertising profile for you.
Exactly
If you care about these things best would be to use a chat application like Jami which won't end up like WhatsApp.
Threema. And don’t forget, real privacy and security, with centralized services, is never free. The app is tested by third party and is open source. And, you don’t have to share your phone number, unlike with Signal.
You no longer have to share your phone number in signal. They added a unique user identifier a while ago that you can share to add new contacts. This is not permanent by the way, you can change this user identifier anytime.
You could use Delta Chat if you wanted...
the email binder?
It has a large Spanish speaking community too
Element is ideal but no one uses it, Signal is still good and mostly similar to WhatsApp so easy to adopt. Telegram is utter garbage, bin it immediately in favour of one of the two above. Even if you swap it for WhatsApp it would be better than keeping Telegram.
If you're familiar in any capacity with self hosted tech. Id suggest checking out matrix servers. I setup one for family and friends a few months back. Currently it's only running on a 2 core 8 gig ram vps with around 15 regular users, and ticks over fine. It's routinely used as a phone chat client like WhatsApp, as well as for voice channels instead of discord.
You can utilise multiple different clients; but I would suggest element, as they're the closest to WhatsApp, and therefore the easiest for people to adopt. (Afaik, it's the only matrix client with voice & video call support too).
Matrix servers run on the concept of decentralised federated servers, with the idea that as the technology expands, admins can federate with other matrix servers and allow cross communication (in much the same way the fediverse works).
No.
I downloaded telegram about a year ago when I first heard about it. There is a feature to find and talk to people in the same area as me. It was all just escorts with nudes as their profile pics. I'm honestly surprised Google and Apple allowed it on their stores.