Telegram Founder, Pavel Durov, arrested in France

Read: https://duckduckgo.com/?t=ffab&q=Telegram+founder+arrested&ia=web

watch: https://www.youtube.com/results?search_query=Pavel+Durov+arrest

research and judge for yourself :wink:

3 Likes

Have been watching this

2 Likes

Iā€™m barely familiar with Telegram (donā€™t use it, donā€™t trust it) but my understanding is, some of the arguments for the arrest Iā€™ve read appear to have at least ā€œsomeā€ validityā€¦

For example, comparing with Signalā€™s model, they just have by design an extremely limited amount of user data (like registration date, last comms date, etc) that they do share with law enforcement, and then immediately reveal the disclosure to the public once they are legally allowed to. In Telegrams case, my understanding is that they have/save a metric ton more of user data, then just refuse to share them with law enforcementā€¦?

Is my understanding correct?
Am I completely wrong?
Could someone possibly well informed on the matter enlighten us and share their thoughts?

1 Like

Telegram and Signal both have limitations when it comes to privacy, and neither can be fully trusted due to their centralized nature. For instance, Signal still requires a phone number for registration, which undermines its privacy claims. Even though theyā€™ve introduced usernames, the initial requirement for a phone number is a significant privacy concern. This contrasts with platforms like Matrix.org, where users can register without a phone number, demonstrating that it is possible to operate without such requirements.

The phone number issue is more than just a minor inconvenienceā€”most people register their numbers using their real identity. Even if someone uses a burner SIM, thereā€™s often a trail leading back to them, such as being recorded on camera while purchasing it. This makes the notion of true anonymity on Signal questionable.

Moreover, Signalā€™s ties to U.S. government funding, specifically from organizations like the CIA, raise further doubts. How can one fully trust a platform that has received support from an entity known for surveillance and intervention in foreign affairs?

Given these factors, Iā€™ve come to the conclusion that total privacy is an illusion. Thereā€™s always some aspect of the system that can compromise your anonymity, no matter how cautious you are.

1 Like

This is my understanding too. Also, only ā€œsecret chatsā€ on Telegram are encrypted, everything else can be read by Telegram staff.

So with Signal, they hold very little info on users and have no access to the content those users post. With Telegram, they have much more info on users and can read/view most content posted by those users, be it cute pictures of monkeys :monkey: or monkey torture vids :see_no_evil:

2 Likes

Agreed with everything you said, but:

This doesnā€™t mean we shouldnā€™t take steps to increase our privacy. When people make statements like this, it completely undermines the idea of having any privacy whatsoever.

IMHO, when it is said, it should always have, ā€œBut do your bestā€.

3 Likes

Absolutely. I believe most people in this forum or within the Linux community value privacy, control, and freedom at their core; otherwise, they probably wouldnā€™t be here. However, it feels like weā€™re moving toward a world where, no matter how vigilant we are, thereā€™s always somethingā€”whether we realize it or notā€”thatā€™s logging our data. True 100% privacy is, unfortunately, an illusion. But even with that reality, itā€™s essential that we continue to fight for privacy wherever and however we can.

2 Likes

The same goes for both Tor and the internet itselfā€¦

7 Likes

I understand and respect your reasoning, but this didnā€™t answer any of my questions :stuck_out_tongue:

Also in that same essence of your precautions, Telegram drops the bar even furtherā€¦ Telegram was banned in Russia and then lifted the ban after Durov agreed to cooperate with the gov

Pavel Durov, was prepared to cooperate in combating terrorism and extremism on the platform.
.
ā€œRoskomnadzor is dropping its demands to restrict access to Telegram messenger in agreement with Russiaā€™s general prosecutorā€™s office,ā€ it said in a statement.

(source).

@r0ckhopper for the record, I aint clicking that linkā€¦ :cold_sweat:


Edit:
For some added and current perspective, Roskomnadzor just banned Signal tooā€¦

3 Likes

The link is to an article at Ars Technica, the long established science & technology website. The subject matter of the article is gruesome, however :see_no_evil:

1 Like

An interesting video on this topic.
Edit: A link to the paper being discussed.

5 Likes

Ken Thompson was ahead of his time.

1 Like

signal is open source. if the CIA were to backdoor signal, it would have been caught in one of the multiple audits that signal has had. the NSA initially created SELinux and TOR. doesnt mean the projects are now compromised, it just means that sometimes these projects are also used by these institutions because they are good.

Signals phone number registration is an issue but no other private messaging service has a userbase large enough for people to pay attention. its already a hassle getting people to switch to signal. the more obscure the service, the less people are likely to agree to use it.

Matrix and their Element client are still extremely unstable and almost unusable from my experience. The refresh is very very slow when you open the app and encrypted messages constantly take several hours till you can read, them for some reason.

1 Like

Just because it is open source doesnā€™t mean that a backdoor canā€™t be implemented. See the xz utils backdoor.

2 Likes

Because it is open source though, backdoors can be discovered. See the XZ Utils backdoor :wink:

The XZ Utils backdoor was discovered by a PostgreSQL developer. An employee of Microsoft no less :sweat_smile:

2 Likes

I saw somewhere that even ā€œsecret chatsā€ werenā€™t fully encrypted or ā€œserver encryptedā€ rather, meaning it was not E2E anyway. But that could be wrong.

It wouldnā€™t surprise meā€¦

Sadly so, the xz backdoor was discovered mostly by luckā€¦
The fact it is opensource didnā€™t really help that much in this (the xz) specific case at all, as the malicious code was in a binary blob.

So, the bigger picture problem is ANY inclusion of binary blobs in git repos or dependencies of the build process.

And from a very lazy search, it appears that Signal-Desktop git contains some binaries as well.
I didnā€™t go through them one-by-one and I donā€™t have the expertise to analyze them anyway, but it appears that at least in theory, the argument @winnyace made standsā€¦

which is why i mentioned the multiple audits that signal has had over the years.

1 Like

Open source or not, Signal is just as untrustworthy for me - Patriot Act ā€¦

2 Likes