this post was submitted on 18 Jul 2023
18 points (87.5% liked)

Technology

59377 readers
3934 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Is Telegram really that bad and should i look more into it or is sticking to signal really the best option?

top 24 comments
sorted by: hot top controversial new old
[–] PineapplePartisan@lemmy.world 21 points 1 year ago (1 children)

Telegram is very sketchy and I don’t trust it at all. I’d stick with Signal if you can get your network of people to use it.

[–] feifei@lemm.ee 4 points 1 year ago (1 children)
[–] PineapplePartisan@lemmy.world 8 points 1 year ago (2 children)

Encryption is self-made and they won’t let anyone audit it. Messages are stored on servers along with all the meta data (your phone number, location data, etc). There is no clear funding model to keep it up and running.

The whole org is murky/sketchy.

[–] feifei@lemm.ee 3 points 1 year ago (1 children)

Doesn’t mean it has been hacked or their own employees able to unencrypted data. On the contrary, governments like Iran or Russia tried to ban telegram, since they wouldn’t unencrypt their data. You never hear any complaints from governments about WhatsApp for example, what has a much larger user base and is allegedly end to end encrypted. Yes, sending sensitive information should only be done via private chat, their end to end encrypted message tech. Storing the data in the server has its advantages like accessing all the data from multiple devices.

Up until some time ago, telegram has been funded by Pavel Durov, nowadays it’s funded by a premium tier that unlocks extra features.

It is the messenger with the most features that I know of, blowing everything else out of the water if you don’t care about end to end stuff. And I trust it more that’s WhatsApp or anything from Meta

[–] PineapplePartisan@lemmy.world 8 points 1 year ago* (last edited 1 year ago) (3 children)

All of your assertions would be easily provable if Telegram allowed audits and provided public financials. They do neither. In fact, they just try to talk in loops when it is brought up.

The whole operation is sketchy as hell. Anyone who provides their data to such an org is foolish. At least the Meta’s of the world have to declare their use and it is known and audited.

Telegram wouldn’t even provide a CUSIP or names of the firms that supposedly bought their corporate paper bond.

I’ll stick with Signal. An org whose funding is clear and who has their encryption and security audited by third parties.

[–] feifei@lemm.ee 4 points 1 year ago

What could be other reasons not to do an audit other than it being shady? Maybe they just don’t want to disclose their algorithm?

So far, I trust it more than WhatsApp.

But Signal is definitely the better choice. It’s just sad the people didn’t go with Signal instead of WhatsApp.

[–] feifei@lemm.ee 1 points 1 year ago

What could be other reasons not to do an audit other than it being shady? Maybe they just don’t want to disclose their algorithm?

So far, I trust it more than WhatsApp.

But Signal is definitely the better choice. It’s just sad the people didn’t go with Signal instead of WhatsApp.

[–] feifei@lemm.ee 1 points 1 year ago

What could be other reasons not to do an audit other than it being shady? Maybe they just don’t want to disclose their algorithm?

So far, I trust it more than WhatsApp.

But Signal is definitely the better choice. It’s just sad the people didn’t go with Signal instead of WhatsApp.

[–] feifei@lemm.ee 1 points 1 year ago

Doesn’t mean it has been hacked or their own employees able to unencrypted data. On the contrary, governments like Iran or Russia tried to ban telegram, since they wouldn’t unencrypt their data. You never hear any complaints from governments about WhatsApp for example, what has a much larger user base and is allegedly end to end encrypted. Yes, sending sensitive information should only be done via private chat, their end to end encrypted message tech. Storing the data in the server has its advantages like accessing all the data from multiple devices.

Up until some time ago, telegram has been funded by Pavel Durov, nowadays it’s funded by a premium tier that unlocks extra features.

It is the messenger with the most features that I know of

[–] jeena@jemmy.jeena.net 12 points 1 year ago (2 children)

I did the mistake that I got a bunch of people into Signal which is obviously already really good, but just a couple of month later I switched to Matrix and can't get anyone to move other than my fiance and my dad.

Anyway, the Signal <-> Matrix bridge is quite solid.

[–] Echolot@kbin.social 10 points 1 year ago

Too bad Matrix clients are all kinda meh... Beeper is the only pretty solid one I've come across and it sadly isn't open-source.

[–] gelberhut@lemdro.id 1 points 1 year ago (1 children)

But this bridge kills e2e encryption? And if you do not care about it telegram and WhatsApp are a better choice.

[–] jeena@jemmy.jeena.net 5 points 1 year ago (1 children)

I have a video which explains it in detail: https://tube.jeena.net/w/rYhp4ZT5Ykw1aBGqMr62KG

But in short, yes, but that is only a problem if you don't host your own bridge, because you're in control of the whole chain and everything from the bridge to your client is still encrypted.

[–] gelberhut@lemdro.id 1 points 1 year ago (1 children)

Let me guess: you host matrix server yourself, right? :)

[–] jeena@jemmy.jeena.net 2 points 1 year ago

Yes I do, everyone who can should for their friends and family ^^

[–] Zeus@lemm.ee 9 points 1 year ago* (last edited 1 year ago)

just going to copy here something i wrote on reddit ~~a few months~~ almost a year ago^[context]

i've been using telegram since it was released and ...i don't think i'll be recommending it to new users anymore

it's not just this announcement, but in general they seem to be really pushing the web3/blockchain/nft angle; along with sign in with telegram, payments through telegram, they feel like they're trying to become the western wechat

but as for this in particular; obviously all of those usernames are going to be bought by scammers. why would a user trust them if they're being bought and sold all the time? and why would a legitimate business buy them if most users won't trust them? businesses want consistent branding, not ephemeral minutiæ

nobody is thinking "oh yeah, my bank is the best, it's @bank on telegram" or "i think i'll switch to a new bank, but i don't know which. i guess i'll just message @bank and see what happens" or "i just got a message from @gift! i must have won the lottery!"

plus, according to these messages, they're taking usernames off users that already used them

most of my contacts are on telegram now, so i'm going to continue using it. but even aside from the encryption and privacy issues, i wouldn't encourage anyone to switch to telegram

[–] housepanther@lemmy.goblackcat.com 7 points 1 year ago (1 children)

Honestly, there needs to be something completely open source, self-hosted, and non-corporate before I will do something like use a service anymore.

[–] Cheradenine@sh.itjust.works 8 points 1 year ago* (last edited 1 year ago) (3 children)

What you want then is SimpleX Chat Bonus that there are no identifiers and it's been audited by Trail of Bits. You can self-host or use their servers.

Don't know if I'm doing this right but !simplex@lemmy.ml

Cool! Thanks for that link. I'm going to look into it.

[–] Blaze@sh.itjust.works 2 points 1 year ago

Looks interesting, thanks

[–] mb_@lemmy.world 1 points 1 year ago

Just waiting for the same profile in multiple devices. I constantly use multiple computers and can't be locked out of chat unless I have a specific device on me.

Other than that, SimpleX Chat is really nice.

[–] SinJab0n@mujico.org 4 points 1 year ago

Matrix is another good option

[–] gelberhut@lemdro.id 2 points 1 year ago (1 children)

This depends. If you prioritize security over usability (like good multi-client, simple migration etc) AND you trust that signal server works as promised - then you can use signal or use secret chats in telegram. Otherwise, telegram is not that bad and even e2ee is not supported for usual chats, the history storage (according to dev claims) is spread over several legal areas what makes it harder for authorities to get access to it.

[–] HidingCat@kbin.social 3 points 1 year ago

Yea, I don't use Telegram because of security, I use it because it has a very nice feature list and has the user base to go along with it. Anything that needs security I use Signal.

load more comments
view more: next ›