I know Lemmy hates telegram but it should be common knowledge that all platforms process requests from authorities.
The repeated posting of this story the last few days seems artificial.
I don’t really have any special hate for Telegram myself, and I never saw it as a secure communication platform. I have more problem with Signal because people treat it like it’s paragon of privacy and security.
Many Signal alternatives also have security issues of their own, often making them less secure than Signal. This includes Matrix and XMPP. In the blog post regarding XMPP+OMEMO, the author replies to a question about which would be better than Signal, Matrix, and XMPP with this suggestion:
Anyone who cares about metadata resistance should look at Cwtch, Ricochet, or any other Tor-based solution. Not a mobile app. Not XMPP. Not Matrix.
In regards to Ricochet, not having a mobile app version makes it difficult to recommend to less tech savvy people.
Sure, every platform has its own set of problems, and it’s fine to make an informed decision that you’re willing to accept the deficiencies of a particular platform you’re using. The issue I have is with people pretending that Signal doesn’t have the problems that it has as we can see happening in this very thread.
I’m with you there. This wasn’t meant as an argument against your statement. I brought up the issues regarding Matrix and XMPP as they are often recommended as alternatives to Signal, and after learning about this blog in a previous conversation I had about this topic, I thought it would be a good resource to bring up so people can be informed about those platforms and some alternatives that may be better than Signal while being metadata resistant.
And now you know why we’ve been telling you not to use Telegram.
What seems crazy to me is how many people they managed to convince that they were private when they most definitely are not.
Any criminal with half a brain knew what’s up
Brain dead normies lapring edge lord on there were just useful idiots for their handlers
I hear signal is not a good alternative. What is a good one, then?
https://lemmy.ml/comment/15999861
In the blog posts I read where the author, a security engineer, audited and/or reported vulnerabilities with two E2EE chat protocols commonly recommended as Signal alternatives–Matrix and XMPP–both had implemented half-baked solutions or refused to solve the issue at all in some regards, and both had evangelists that gave dismissive responses. The XMPP chud dev gave a laughably childish response, and the Matrix dev even admitted the team being aware of the olm vulnerability and deliberately refused to fix it for years. Not that Signal cultists are any better and not negating the legitimate security and trust issues with the Signal platform, but Signal is still a decent platform for most people’s threat model, though it would be nice if there was an alternative that could compete with Signal to recommend to most people instead. If you care about metadata resistance and your threat model involves high stakes if your assets are compromised, the blog author suggests Tor-based solutions such as Cwtch and Ricochet Refresh.
I imagine Signal is probably fine unless you’re doing some real weird shit.
It doesn’t have to be “real weird shit” though for it to be a problem, coordinating about protests or other political activism on Signal is sketchy because of the phone number requirement, and just having your phone number be associated with another suspect phone number from inferred conversations is enough to potentially get you in trouble. Or if some national anti-abortion or anti-LGBTQ law happens and they put serious effort into enforcing it, activity on Signal, which is not anonymous, could be used against you and people you had conversations with. Yet I’ve seen multiple groups who shouldn’t be using Signal use it anyway and people thinking they’re anonymous on the platform because it keeps getting recommended. SimpleX and Cwtch have weaknesses also, but both of them take anonymity more seriously than Signal does.
This better not be a “computers received pentagon funding when the first Vaccum tubes were being made”.
Signal is an excellent choice. Literally forces cops to get a warrant for your phone and hope you didnt purge your messages after a few days.
If you want anonymity on top of that than simplex
Depends on your threat model. Signal is fine if you just want to communicate with average joe. If you want something more anonymous look into secureX,
Matrix, simplex, xmpp.
Where are you hearing this?
Welp then I think we have to sue them to oblivion S/ But really can’t blame most people whose Are Accustomed to using TeleGram And WhatsUp
This is a difficult topic for me. On the one hand, I believe everyone has a right to privacy and we need to fight for that right. On the other hand, I’m enough of an adult to understand that law enforcement needs to be able to effectively investigate criminal activity. There has to be a middle ground there, somewhere. I just don’t know where that is.
giving the pigs and the feds more powers isn’t gonna help anything lol
If they actually wanted to do something about child abuse they’d go after the conserative scum who have historically supported it and still do. Its the ones that vote for far right parties, are anti higher-ed, pro homeschooling, anti secularism, pro religious indoctrination, anti feminist, anti age of consent laws, anti sex ed, anti criminalisation of marital rape, anti combating domestic violence, pro child marriages etc instead they are constantly trying to attack human’s right to privacy which only exist on paper.
But isn’t advocating for the privacy of criminals the same as advocating for the crime, itself? Sure, let’s go after the politicians…but are you REALLY okay with letting child molesters, etc. hide their activities from law enforcement online? Like I said, there has to be a middle ground. We just need to find it.
The moment you dissolve rights to privacy for X scenario, you open dissolution for Y and Z as well
The moment you protect criminal behavior, you become complicit in their crimes.
Just look at the Patriot Act. Did it catch a single terrorist?
“If you’re not with us, you’re against us”
I think this is the moment you’re overreaching.
Alternatively what you’re saying is that all gun manufacturers should go to jail for multiple counts of homicide.
“Child molesters etc” have been online since the internet has existed and very little is done about it. They have also been active offline and very little is done about that too. If they wanted to go after them they would. They don’t, because it is not in their interest to. The threats they will go after are people they disagree with and who their higher ups want targeted. You are always in more danger from authorities than “bad guys” are.
There’s no middle ground. Either we’ll have privacy or we won’t.
It’s the warrant process and true encryption. If the cops think you’ve done something bad, they go and get a warrant. The provider turns over what they have, which should just be account info and metadata. Then the cops do good old fashioned police work and get a warrant for your personal stuff which they’ll seize and analyze.
