Read: https://duckduckgo.com/?t=ffab&q=Telegram+founder+arrested&ia=web
watch: https://www.youtube.com/results?search_query=Pavel+Durov+arrest
research and judge for yourself
Read: https://duckduckgo.com/?t=ffab&q=Telegram+founder+arrested&ia=web
watch: https://www.youtube.com/results?search_query=Pavel+Durov+arrest
research and judge for yourself
Have been watching this
Iām barely familiar with Telegram (donāt use it, donāt trust it) but my understanding is, some of the arguments for the arrest Iāve read appear to have at least āsomeā validityā¦
For example, comparing with Signalās model, they just have by design an extremely limited amount of user data (like registration date, last comms date, etc) that they do share with law enforcement, and then immediately reveal the disclosure to the public once they are legally allowed to. In Telegrams case, my understanding is that they have/save a metric ton more of user data, then just refuse to share them with law enforcementā¦?
Is my understanding correct?
Am I completely wrong?
Could someone possibly well informed on the matter enlighten us and share their thoughts?
Telegram and Signal both have limitations when it comes to privacy, and neither can be fully trusted due to their centralized nature. For instance, Signal still requires a phone number for registration, which undermines its privacy claims. Even though theyāve introduced usernames, the initial requirement for a phone number is a significant privacy concern. This contrasts with platforms like Matrix.org, where users can register without a phone number, demonstrating that it is possible to operate without such requirements.
The phone number issue is more than just a minor inconvenienceāmost people register their numbers using their real identity. Even if someone uses a burner SIM, thereās often a trail leading back to them, such as being recorded on camera while purchasing it. This makes the notion of true anonymity on Signal questionable.
Moreover, Signalās ties to U.S. government funding, specifically from organizations like the CIA, raise further doubts. How can one fully trust a platform that has received support from an entity known for surveillance and intervention in foreign affairs?
Given these factors, Iāve come to the conclusion that total privacy is an illusion. Thereās always some aspect of the system that can compromise your anonymity, no matter how cautious you are.
This is my understanding too. Also, only āsecret chatsā on Telegram are encrypted, everything else can be read by Telegram staff.
So with Signal, they hold very little info on users and have no access to the content those users post. With Telegram, they have much more info on users and can read/view most content posted by those users, be it cute pictures of monkeys or monkey torture vids
Agreed with everything you said, but:
This doesnāt mean we shouldnāt take steps to increase our privacy. When people make statements like this, it completely undermines the idea of having any privacy whatsoever.
IMHO, when it is said, it should always have, āBut do your bestā.
Absolutely. I believe most people in this forum or within the Linux community value privacy, control, and freedom at their core; otherwise, they probably wouldnāt be here. However, it feels like weāre moving toward a world where, no matter how vigilant we are, thereās always somethingāwhether we realize it or notāthatās logging our data. True 100% privacy is, unfortunately, an illusion. But even with that reality, itās essential that we continue to fight for privacy wherever and however we can.
The same goes for both Tor and the internet itselfā¦
I understand and respect your reasoning, but this didnāt answer any of my questions
Also in that same essence of your precautions, Telegram drops the bar even furtherā¦ Telegram was banned in Russia and then lifted the ban after Durov agreed to cooperate with the gov
Pavel Durov, was prepared to cooperate in combating terrorism and extremism on the platform.
.
āRoskomnadzor is dropping its demands to restrict access to Telegram messenger in agreement with Russiaās general prosecutorās office,ā it said in a statement.
(source).
@r0ckhopper for the record, I aint clicking that linkā¦
Edit:
For some added and current perspective, Roskomnadzor just banned Signal tooā¦
The link is to an article at Ars Technica, the long established science & technology website. The subject matter of the article is gruesome, however
Ken Thompson was ahead of his time.
signal is open source. if the CIA were to backdoor signal, it would have been caught in one of the multiple audits that signal has had. the NSA initially created SELinux and TOR. doesnt mean the projects are now compromised, it just means that sometimes these projects are also used by these institutions because they are good.
Signals phone number registration is an issue but no other private messaging service has a userbase large enough for people to pay attention. its already a hassle getting people to switch to signal. the more obscure the service, the less people are likely to agree to use it.
Matrix and their Element client are still extremely unstable and almost unusable from my experience. The refresh is very very slow when you open the app and encrypted messages constantly take several hours till you can read, them for some reason.
Just because it is open source doesnāt mean that a backdoor canāt be implemented. See the xz utils backdoor.
Because it is open source though, backdoors can be discovered. See the XZ Utils backdoor
The XZ Utils backdoor was discovered by a PostgreSQL developer. An employee of Microsoft no less
I saw somewhere that even āsecret chatsā werenāt fully encrypted or āserver encryptedā rather, meaning it was not E2E anyway. But that could be wrong.
It wouldnāt surprise meā¦
Sadly so, the xz backdoor was discovered mostly by luckā¦
The fact it is opensource didnāt really help that much in this (the xz) specific case at all, as the malicious code was in a binary blob.
So, the bigger picture problem is ANY inclusion of binary blobs in git repos or dependencies of the build process.
And from a very lazy search, it appears that Signal-Desktop git contains some binaries as well.
I didnāt go through them one-by-one and I donāt have the expertise to analyze them anyway, but it appears that at least in theory, the argument @winnyace made standsā¦
which is why i mentioned the multiple audits that signal has had over the years.
Open source or not, Signal is just as untrustworthy for me - Patriot Act ā¦