Chat Apps, Government Ties, and Transparency
threema.ch
Over the past days, two popular chat services have accused each other of having undisclosed government ties. According to Signal president Meredith Whittaker, Telegram is not only “notoriously insecure” but also “routinely cooperates with governments behind the scenes.” Telegram founder Pavel Durov, on the other hand, claims that “the US government spent $3M to build Signal’s encryption” and Signal’s current leaders are “activists used by the US state department for regime change abroad.”
  • Possibly linux@lemmy.zipEnglish
    0·
    2 months ago

    I can’t believe people are saying Telegram and Threema might be better than Signal. Signal isn’t perfect but Telegram and Threema are worse.

    • rdri@lemmy.world
      01·
      2 months ago

      Signal is not applicable when you need a public space for people to just have a discussion, like in discord. Signal clients are clunky and rely on cross sync from what I see, while telegram clients are well made and convenient to use. Even Whatsapp went away from electron so I’d choose it over signal any day.

        • hruzgar@feddit.de
          0·
          2 months ago
          1. The Encryption algorithm of Signal is basically the same algorithms proposed by the US gov in 2000. There is no way they would release these encryption algorithms if they couldn’t break them themsleves
          2. If you would see which organisations are supporting Signal (look at where Signal gets all the money), you would also agree with me. There is no way these organasations are supporting them for your privacy. Why would they? The same people who are trying their best to get all your data. Believing this is just pure naivity imo but call me what you want
          • refalo@programming.dev
            0·
            2 months ago

            Please stop spreading FUD.

            1. The encryption used by Signal would not be used if it could be easily broken. It’s fully open source and is regularly audited. People would not recommend it if it were so broken like you say; this is just fearmongering.

            2. lol, lmao even

            • hruzgar@feddit.de
              01·
              2 months ago

              I’m not forcing you to believe anything. Also this is a free platform where I can say what I think. I won’t hold myself back from expressing my view only because the majority has a different opinikn (looking at the downvotes). I personally just wouldn’t trust it. And it also doesn’t have any difference to Whatsapp and co. (encryprion algos are the same) which completely removes the purpose of it even existing (ik open source is still an argument. But they don’t have reproducable builds so even that falls apart) so there really isn’t any reason for me to switch to it or promote it to anybody at all.

    • Dessalines@lemmy.ml
      0·
      2 months ago

      I don’t get it at all. There are plenty of platforms like matrix, xmpp, simplex that don’t require phone numbers tied to your identity. Signal has somehow managed to convince people that it’s a private platform, despite it being a US hosted service that requires phone numbers.

      • to55@discuss.tchncs.de
        0·
        2 months ago

        Say the US government, in a worst-case scenario in which it constantly monitors all traffic that goes through Signal’s data centers, can ‘only’ see phone numbers, IP addresses and timestamps, right? Or am I forgetting something here?

        • Dessalines@lemmy.ml
          1·
          2 months ago

          Metadata and social graphs are more important than message content, esp since not many people have the time to read through individual messages to build meaning.

          Signal stores phone numbers (meaning your identity, and home address), and message timestamps: who texted who and when, and who’s in chats with who else. More than enough to build social graphs and connections, and also figure out where people are through their IP addresses.

          • Brayd@discuss.tchncs.de
            0·
            2 months ago

            Signal can’t see who is texting who. They can’t see which groups you are part of. Those information are end to end encrypted, same as your chats itself, your profile picture, your stories, etc.

            Signal doesn’t store message timestamps either.

            What Signal itself knows of you is your phone number, the timestamp of your registration, the timestamp of your last connection to the server. That’s it.

            Yes metadata is critical but Signal handles metadata very well. Indeed, even though I’m a fan of Matrix, better than Matrix. Matrix is a metadata nightmare due to it’s centralized structure and the way the protocol works.

            • Dessalines@lemmy.ml
              1·
              2 months ago

              Signal can’t see who is texting who. They can’t see which groups you are part of. Those information are end to end encrypted, same as your chats itself, your profile picture, your stories, etc.

              This is completely false. They can absolutely see who is texting who, in fact they need it to be able to route messages. They have message timestamps, and phone numbers stored in their database.

              Question, why do you “trust” signal? You can’t see what code their centralized server is running, unlike matrix which you can self-host and build from source. You don’t have to “trust” matrix, you can verify it for yourself.

    • The Doctor@beehaw.orgEnglish
      0·
      2 months ago

      Unable to decrypt message

      Unable to decrypt message

      Unable to decrypt message

      Unable to decrypt message

      Unable to decrypt message

      Unable to decrypt message