• 0 Posts
  • 5 Comments
Joined 5 months ago
cake
Cake day: June 10th, 2024

help-circle
  • telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger.

    Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they’d have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to “moderation selection”, (3) Law enforcement didn’t care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.


  • Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk)

    How exactly do you think that would work? To add a new recipient the client needs to explicitly encrypt messages with a key available to that recipient. What command in the Signal protocol would trigger that action without first establishing trust in the recipient? (FYI when adding a new device, there is a key-exchange and verification process, which requires access to some other device with keys already on it).


  • Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github?

    As a separate statement: they can’t (probably).

    In context of the discussion: they don’t need to, because secret chats are so inconvenient and fussy that they are seldom used. There is a lot of crime happening in public groups/channels, in “private” groups chats that can not be encrypted, or in 1-on-1’s that are not secret. Telegram has the ability to stop all of that with just some moderation, or turn messages over to the authorities, but they don’t. Which is precisely why Durov is in custody right now. If he actually made a messenger with good, convenient end-to-end encryption, he would be in the same situation with Signal authors, who have perfect deniability since they can’t read anything their users have sent up until this point.


  • Bullshit.

    If you want protect yourself for random network administrator on your network line, of course.

    Telegram and Signal both use TLS. They are identically secure from transport-level attacks.

    If you want protect from anyone (government for example), of course not.

    Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram’s protocol sees less scrutiny from the crypto community.

    As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.

    LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.


  • If Signal was to pull a MITM, it would have been noticeable as it requires active intervention in the protocol (it hasn’t been noticed yet), it would destroy all plausible deniability for them going forward, and it wouldn’t be possible on existing chats (once the key exchange between two parties happens, it’s impossible to do MITM). Telegram can just straight up read your messages, past, present and future, do whatever they want with them, with no way for anyone to check if that happens. It’s two different tiers of communication security.

    To quote another commenter,

    You clearly have no idea what you’re talking about.