Follow

Switched to Telegram? You need to know this about its encryption
Telegram encrypts all your chats but doesn’t offer the same level of protection as Signal or WhatsApp by default

wired.co.uk/article/telegram-e

Was surprised people suggested telegram as an alternative

@cubicgarden That's one of the reasons why I don't like Telegram. Another reason being that its server side is proprietary.

But WhatsApp should not be "praised" for its encryption as the article does. We can't know for sure that the E2EE that WhatsApp has implemented does not have any backdoor or security holes. There could also be other ways they can spy on users even if the encryption is solid. It could even be keylogging and we can't verify that! We don't have the source code!

@adnan360
WhatsApp is using the signal e2e protocol? But I take the point who knows what else they added or removed

@cubicgarden Yes. I found this blog post:
signal.org/blog/whatsapp-compl

A team from Signal was hired to implement Signal's protocol to WhatsApp. But the resulting implementation is in their hands. They can make changes to it. We wouldn't know, because it's a proprietary system.

@adnan360
Ah good find... So based in signal but that's as far as it goes

@cubicgarden Yes. Depending on past records I can't trust them any longer. Unless they open up the source code, I don't see myself installing any of these proprietary options willingly ever again.

@cubicgarden I think telegram doesn't show your phone number to everyone.

So if your threat model involves the people you are communicating with *knowing* your phone number.. Telegram is good.

Same with "kik". Infosec geeks go .. "OMG the encryption is rubbish", but that's not the actual threat that people want to mitigate.

@cubicgarden
Just to make sure people get this right:
- If you want to encrypt your 1:1 chat, you have to activate #encryption manually for every single #chat individually!
- Group chats cannot be encrypted.

That's only 2 of the many reasons why I think to hat using #Telegram is not a good idea :mastoface_with_rolling_eyes:

@tetrapyloctomist
I also remember the e2e protocol was propitery and has been broken in the past?

Sign in to participate in the conversation
mas.to

Hello! mas.to is a general-topic, mainly English-speaking instance. We're enthusiastic about Mastodon and aim to run a fast, up-to-date and fun Mastodon instance.