“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
That’s absurd coming from the founder of a FOSS messaging app who actively decided not to let Signal federate and rejected any other open source Signal client. Not only that, even now you can’t truly use Signal’s new “username” feature. If any of the recipients have your number stored in their phonebook, irrespective of whether you know them or not, the username goes for a toss. This was/is the problem with Telegram’s username feature. Signal knew this and still decided to go ahead with it. Not to mention never doing anything about completely removing the phone number from the account after its creation. This has been, by design, a privacy and hence safety threat, and even after the username feature was implemented, this not getting implemented is very concerning.
Why are they sitting in a sauna?
Build sauna, host interview in sauna, sauna is tax writeoff
Damn that’s brilliant.
Depending on country you may be able to subsidize only part of the sauna as a business expense if it’s a sauna at your home office, but actually hosting interviews in it would for sure help your case in claiming it to be operated for business.
I don’t know how it is in the US though.
No windows, therefore quiet, and good acoustics.
What is not mentioned… there’s no privacy when the device itself is compromised. For instance, Android phones can read and phone home data from your notifications. In that case, any messenger app wouldn’t be private from Google’s eyes.
…and once you get to “AI” with system level access that is supposed to scan for “bad content” (like with Apple’s supposed “CSAM scanning” and Google’s Android System Safety Core), all bets are off.
All of the major platforms owned by corporations (including Apple) are or will be compromised.
The only way out is degoogled Android (for now) or, better, a true Linux device.
There’s a commonly used Russian metaphor “to not see the forest behind the trees”.
What you are calling a device is in fact a system. It’s a local system, that you are carrying in your hand, but it’s functioning due to a very complex global system which is not. That device in itself is like a 1960s’ town in complexity. In itself, but there’s also the global system.
And these are a result of quite a lot of people employed by various organizations with hierarchies and dependencies. And most of the power in those organizations doesn’t want you to have privacy and autonomy as much and when you want. If you want those, you should produce your own hardware and everything above it. Or build organizations interested in your full privacy and autonomy which will do that. It’s about structure, so just creating a few of them (a goal hardly reachable in itself) with manifests saying “we want to be good” won’t change anything.
So, if you were wondering why contemporaries of Stalin’s regime were reluctant to divorce it with Marxism and call it something else, - that’s similar to this. They really wanted to believe there’s a Marxist superpower, just like some people wanted to believe Google is a good corporation, and before that some people wanted to believe Apple is a counterculture corporation, and so on. And, at various moments in time and space, in various dimensions, sometimes these were. Just like in some ways the British Empire was really bringing civilization to the world.
The more life and diversity there is, the likelier we are to have good things. That doesn’t mean we’ll ever have full privacy, full autonomy, fully civilized, peaceful and honorable world, and so on. We won’t.
I think that metaphor is quite universal because it’s also used very commonly in English and Estonian at the very least.
It’s common in Russia. It’s common a lot of places, but it’s common in Russia
But yeah, I’ve used that and the inverse depending on the context plenty of time.
Well, that something common in Russia as a metaphor is also common in Estonia wouldn’t be a surprise, but in English seems a bit less common. Anyway, that wasn’t the point of my comment.
It’s been documented to have been in use in English in the 16th century
I think it’s just so old that it’s more or less ubiquitous
As much as I’d like to favor foss and federated messenger apps, telegram isn’t as much garbage as whatsapp:
1.The client is somewhat open source and have forks like Forkgram, Materialgram and unoffical clients like Telegrand.
2. Telegram isn’t E2EE by default but at least it doesn’t lie about it and have E2EE secret chat when nessesary, that means crucial chats stay on your device and the rest stay on their database recoverable and syncable across devices.
(Yes, whatsapp supposedly is E2EE but we can’t know for sure, it’s closed-source.)
3. You can use telegram as a cloud service with only 2GB per file limit, unlike whatsapp.
(There’s even a third-party app that utilise this as a cloud gallery.)
4. Even tho telegram has ads in large channels, telegram isn’t funded by a greedy big-corp and it doesn’t datamine you, ads are based on the channel’s topic.Yes, in terms of privacy, telegram isn’t the best option, Signal, Session, XMPP, Matrix, or SimpleX have better privacy features, less linkability and E2EE by default but telegram is very mainstream and got more publicity, making it the whatsapp alternative it advertises itself as-is.
Publicity doesn’t make a better messenger app, but for what it tries to do, it’s adoptable for simple users, doubles as cloud storage and is more secure than the garbage being whatsapp.Immigrating users to different apps is a headache on it’s own, but if they know of telegram and it’s not privacy invasive, that’s not bad.
Isn’t it possible to verify WhatsApp encryption with packet sniffing?
Yes, but how would you know Meta doesn’t have a copy of your encryption key (ex: when you sign up) and keeps a copy of your encrypted messages somewhere?
AFAIK your encryption key resides as whatsapp’s data folder but since whatsapp is closed-source you can’t guarantee that whatsapp gave the encryption key to Meta’s server at some point when it was created; (or it was created on their servers and sent to your device.)One would just assume the encryption key is made on your device and never sent to Meta and all the E2EE messages aren’t kept on Meta’s server after they are sent.
Again, Meta is a company that is profiting on targeted advetising and selling user data, how would whatsapp be a free service without any profit?
Also, Here’s someone who saw their whatsapp chat used for targeted ads on them in case you have doubt.
- I can’t find a link to this but I’m sure I’ve read an article about what happens when you “report” a message someone sent to you in WhatsApp. In this case some reviewer at Meta will look at your message and determine if it violated the rules. IIRC the article talked about them most likely being added to the chat but not visible.
- There’s a recent lawsuit that shows that Meta can view your messages through internal systems: https://proton.me/blog/whatsapp-encryption-lawsuit
- Meta’s AI assistant in WhatsApp leaves more questions about privacy. How closed-off is the data used in this AI from other parts of Meta’s services?
Again, as I said, whatsapp doesn’t feel like a genuine messenger app as much as an oversimplified garbage made for tracking users on the background for profiting.
Even the deal of “giving” Llama LLMs (Meta AI) to everyone feels sketchy and look abusive the way it is pushed to users.Likewise all of meta’s services, the only catch with whatsapp that it used to be good and it’s a well-spread application, that’s why they bought it instead of improving FB’s messenger, as meta want to benefit of it’s naive userbase who think whatsapp is “As fine as ever”;
To you, publicity is nothing important and it doesn’t make a good product, to meta however, publicity is “everything” and it shall be all-time high, they have more analytical data about their userbase and have a good idea of what they would do and what decision they would take.
Yeah don’t get me wrong, I despise meta and their facade pretending WhatsApp is private. Your example is evidence but not proof but it does not mean I doubt you because it really doesn’t surprise me. Gmail likes to pretend it’s secure and private too because data in transit is supposedly encrypted but they can still just read absolutely everything in your inbox themselves
Just…
Don’t let them deceive you;If you must use deceitful software like Gmail, Whatsapp, Discord, office or whatever, just try your best not to leak your personal data on them, and if you can hinder the tracking, do so.
If you can use other (preferably FOSS) software, do so, there’s plenty of solutions out there and most of them are free, and sometimes selfhost-able.
Google, Meta, Microsoft or whatever corp can lie about security or privacy all they want, but in the end, they only fool themself thinking their monetary practices aren’t obvious and they can fool everyone, trust is a hard thing to earn and they can’t earn it with fraud.
The product mostly show itself, and you have to go around it to know what’s it’s deal, if you prefer to not do so, you can search if any security researcher or analyst did investigate the product; For example Google claims Chrome browser is “safe” and “secure” dispute them giving so much trackable APIs for websites, and having a horrable default permissions, and don’t forget the “Manifest V3” transition just to remove ads (and trackers) blockers like uBlock Origin.
You don’t need solid proof to know what is what.And then you just type " Foss Chrome Alternatives" or “Private Browsers” on a search engine like DDG where you can find many articles to help you find one (like this) and you’d be done.
Forget about ““Others”” right now, your well-being matters the most.
Why don’t we all just truly go FOSS and use matrix?
They’ve done a really amazing job of convincing the world that this is an encrypted messaging app.
This is a play on people’s naivety. It is an encrypted messaging app in as much as regular messages are encrypted between the client and the server. It’s just that this achieves nothing for the user in terms of privacy unless you can both completely trust the provider (you shouldn’t) and be confident that the back-end can’t be compromised (you can’t).
They do also have “secret chats” that are apparently E2E encrypted, but you’d be mad at this point to give them the benefit of the doubt without at least looking at independent security audits of the client.
Where I am, Telegram is mainly used by alt- and far right figures close to Russia. Facts don’t matter in these circles any more. Feelings do. And Durov knows how to manage those.
These people are foolish to use telegram, it’s just a plain-text unencrypted app. Plus there’s scams and spam all the time on telegram but not on signal.
These people are foolish for reasons far worse than just using Telegram.
Especially after Telegtam started working with authorities and handing out user / chat info.
Unlike Signal, Telegram is successful in getting people to move away from Meta’s Whatsapp.
When you build a backdoor into your “encrypted messenger” its just a surveillance app
The body language in this video is wild.
Body language of the interviewer?
No, both. The interviewer seems extra comfortable at the start but by the end they both seem on the same level. I think in a good way, not sure it’s a good method to get a read on either of them if i know my friends 😆
What about the astrological signs of the people?
I don’t understand his point about restoring your messages to a new phone. How does that prove it isn’t encrypted? Couldn’t Telegram store the encrypted data on their server, send the encrypted data back to you and then you automatically decrypt it because you have the key?
SimpleX is the most private of the big three. No phone number or account needed. Able to self host.
Why did they do it to themselves to name it after the herpes virus tho?
Because the most common transmission vector is via family members? (HSV 1)
E.g. Your crazy uncle or news max loving grandparents
Pardon my French but what the fuck is SimpleX?
A messenger app Musk touted as better than Signal some time ago
It’s a turd of an App, it’s not even close to ready for prime time.
most importantly it has a severe network effect problem. you will not find anyone to message on it
Why you say its Bad?
Herpes. It’s sexually transmitted, and it’s lifelong. You don’t want it.
Geeez, who are the other two?
The answer is Simple!..
X
What are the big three, and what is the bar it’s jumping over to be consider big?
I stopped using Telegram as soon as I learned their chats aren’t E2E encrypted unless you create a secret chat. Their advertising is so misleading. Even WhatsApp is more private than Telegram.
All these apps owned by corporations are just black boxes where you send information and nobody knows for certain what they do with it.
Best case, they parse it, cross it with other data and make it profitable (for them, not for you).
Worst case… Who knows…
I don’t think, at this point, people who use Telegram do it for their privacy. I still use it, but I don’t trust it one bit more than I trust WhatsApp.
