I see i can find a foss version on f-droid, and that’s something not a lot of social networks can have, i don’t really like all the crypto bullshit and ads testing they’ve been up to lately, but still looks better to me compared to what Reddit have done lately or what other platforms have done in these years…
I don’t know about their privacy feature, but i wouldn’t trust their chat as for as far as i knew they were not end to end encrypted some time ago (except for secret chats).
Anyway it still looks like one of the at least still decent platforms out there, or am i wrong?
I put it in the same boat as WhatsApp. Better than SMS, but I’ll be sticking to Signal.
Removed by mod
+many for Signal.
deleted by creator
Telegram is neither private nor secure. Its not encrypted bu default. Normal texts as well as group chat is stored unencrypted on its servers.
For everyday use with friends, family and work (assuming these folks already have your number), Signal may be the best thing out there as its open source both on server and app levels. Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
For anonymous communications Session and SimpleX may be better as they are both E2EE and doesnt requie a phone number as an identifier.
Just chuck out Whatsapp, Telegram and all the other closed sourced garbage apps.
What about Matrix?
Unless you want to run communities there I wont bother with it. I feel everything from setting up accounts (anonymously) to getting people to join, works better in SimpleX and Session. I’d even be happy using SimpleX as my everyday messenger. Matrix is a little clunky and the fact that all conversations get duplicated on the primary Matrix servers is cause for concern.
With Signal and SimpleX, servers are used only for relaying messages beteeen users - messages which are encrypted on the device.
In the end you are going to be sacrificing something, and the last thing you’d want to sacrifice is privacy and security.
If I was pushed to list my go to, it’ll be Signal for chats with people I know: because its open source, battle-tested against adversities, and can be set up by anyone who understands how ro use Whastsapp / Telegram.
For communitties (and even as a daily text solution beteeen collaborators or anyone you dont want to exchange numbers with), I’d use SimpleX as it has a lot of in-built anonymity and decent privacy (so far - its a fairly new project).
Theres just too much fuzziness round Matrix for anyone to trust it.
deleted by creator
Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
And how decryption key gets to other device 👀?
It’s a “basic” Diffie-Hellman key exchange that’s been a solved issue since before mobile phones were even invented
[
. ]Think of it like this:
I give you a lock that only I have they key to open it. You can secure (read encrypt) any message with it by placing it in a box and locking it with my lock, send me the box and - because I’m the only person in the world with the key to open it, we can say you’re sending me a secured (encrypted) message. It doesn’t matter if anyone can intercept this lock because all they’ll be able to do is send me secure messages from their inbox. Now, in the digital world this lock we’re giving each other is a cryptographic “public key” that you can lock a million things with (messages, images, videos) and send them to me via the internet. We can thus exchange public keys and securely message each other.
I’ve simplified it a lot, as Signal actually uses something called the “Extended Triple Diffie-Hellman” (X3DH)
[
, but I hope this explains how it works. You can read more about it here ][
][
]https://www.signal.org/docs/specifications/x3dh/[
]https://security.stackexchange.com/questions/45963/diffie-hellman-key-exchange-in-plain-english
Signal is also end to end encrypted (E2EE) with decryption keys stored on device.
And how decryption key gets to other device 👀?
The company’s CEO is Pavel Durov, the very clown who built russian alternative to Facebook, VKontakte, and then practically sold it to russian government with all it’s users. And russian government, being itself, repressed anyone who liked “wrong” stuff there. So, Durov being no stranger to selling things to governments, in my opinion, deserves zero trust.
He didn’t voluntarily sell it to the Russian government.
Didn’t he basically get ousted and kicked out of Russia since he didn’t wanna sell VK?
Yes
You don’t know, what are you talking about.
https://lemmy.world/comment/1556530I’m perfectly aware of what I’m talking about. He lost control of company’s shares to government-affilated people and they fired him. What an unpredictable turn of events. I don’t really care if it happend due to stupidity or malice, considering the amount of public stunts he pulled off at the time, I doubt you can call his course of action straightforward.
Even when he was fired, they did it with his own resignment notice he submitted as April Fool’s joke. The guy is a literal clown, I have no idea why you’d entrust him with your data.
Being encryption needs to be enabled highlights how Telegram is trying to increase users who want privacy & security but don’t exactly know how to go about it. Granted, the option makes it a step up above sms, but that’s not saying a lot…
Just use Signal or Matrix.
It’s better than Whatsapp & Co since it’s FOSS. It’s worse than Matrix and XMPP since those are federated (and Matrix has e2ee). It’s about tied with Signal, Signal is FOSS but hostile to third-party clients, in exchange it has encryption on by default.
Telegram is known to occasionally hand out users’ data in extraordinary circumstances, but that’s pretty rare overall. It’s not the choice for super sensitive communications, but it’s decent as a better alternative for SNS. It’s very popular in Russia because it has public one-to-many channels and unlike VK and etc it mostly doesn’t censor stuff. I’ll never use Whatsapp, I have no reason to use Signal because nobody I know uses it and Matrix is better, Telegram is alright in my book.
Also it’s possible to buy anonymous telegram accounts, not sure that’s possible for Signal.
Telegram is known to occasionally hand out users’ data in extraordinary circumstances
Source? And what circumstances? AFAIK it never happened.
Thanks, though the article also says that Telegram states they didn’t share any data because they have never stored it (like IP).
Somewhere between WhatsApp and Signal. It has FOSS clients, hands over user data only under extraordinary circumstances (terrorism and child abuse, afaik), and runs on pretty much any hardware. The last two points make it very popular in eastern Europe and most of Asia. The main problem with Telegram is that normal chats are not end to end encrypted, and instead use a weaker encryption algorithm. Secure chats are e2e encrypted, but are not on by default.
Overall, it is used by opposition parties in countries like Russia, Belarus and Iran for day to day stuff, so it is fairly secure. Of course, if you are a reporter or activist who has a lot of enemies, you could get something even more secure.
Overall, it is used by opposition parties in countries like Russia, Belarus and Iran for day to day stuff, so it is fairly secure
I think this is overselling the “privacy” aspect of storing your personal messages on a server where the admins have complete access without you ever knowing if/what they’re doing with it.
Make no mistake, Telegram is as “private” as Facebook. They have access to all your data and as that data grows, it grows in value. It’s only a matter of time before they directly or indirectly exploit this (or get compromised) and all your “privacy” is out the window.
No hate towards Telegram, I’m sure its a great platform, but people should at least be aware that it’s basically the Pepsi to Facebook’s Coke.
It isn’t perfect, but I think there is a difference between a company that currently gives user data to advertisers and authoritarian governments, and one that hasn’t done any of that so far. There sure is a ‘trust me bro’ element, but they have had to relocate from Russia to Dubai because they refused to hand over opposition politicians’ chats. That’s a pretty big commitment to privacy.
It’s one step better than whatsapp, fb messenger and viber. I use Signal with my family and friends, it’s a middle ground between the big ones and XMPP.
Do a search online of Telegram turning over user to government, they store your contacts and info.
For absolute privacy and security, stick with SimpleX for creating a different random ID for each contact you message, no 2 users will see the same ID from you.
As a secondary option, use Molly which is a modified version of Signal to remove proprietary dependancies.
Dang, I was hoping Molly still supported SMS…
I prefer SimpleX to Signal, Telegram and Matrix tbh.
I wouldn‘t use it for messaging, but as a social media platform it seems to be working pretty well.
deleted by creator
They are seriously suffering from NIH (not invented here) syndrome. So, you can theoretically build your own Telegram client, but you can’t re-use any standard components to do so. WhatsApp on the other hand doesn’t open their clients, but under the hood they are just using mostly standard components (Noise protocol, modified XMPP protocol, Signal protocol), so it’s not actually that difficult to build your own WhatsApp client by just piecing together these components.
FluffyChat (Matrix) . No phone linking . Encryption . Period . The only backdraft is others users needs to register in matrix and when I tell other to do so they ask me if I’m talking about the movies
Private home server. Bridges.
Show them they can have all their chats in one app.
They will beg you for an account.
Then you can talk to that person only within matrix. Rinse, repeat. They begin to move over one by one.
I posted the following review on Play Store about FlullyChat (22 March 2022).
I am trying, I really am, to sign up to matrix but no matter all the captchas, the verification emails and agreeing to the terms my account doesn’t exist and requires me unspecified “additional verification”. Even on a different homeserver, using SAML, I with an account actually ready and connected in my browser the app just won’t log in. I got frustrated and left the app.
I actually got extremely mad that day, as it was an already painful day. Can you tell me if Matrix or FluffyChat have become easier to access from the outside?
Not sure from fluffychat how is the registration process. I originally registered from Element app, which is also good. And in that time it was pretty easy, it made me to register on matrix.org . And I used my same account very smoothly in Fluffychat
My opion is I won’t go near it. Matrix via Elementor it’s many other clients is for me and my family.