In recent years, WhatsApp has become one of the most popular messaging apps worldwide, connecting billions of people across the globe. However, beneat

Is Telegram really that bad and should i look more into it or is sticking to signal really the best option?

  • Melody Fwygon@lemmy.oneEnglish
    6·
    1 year ago

    Telegram is legitimately bad, it’s only saving grace being that it is STILL BETTER THAN DISCORD! It’s main “Sin” is rolling it’s own Encryption Algorithm; which has been proven to be less than 100% airtight and secure.

    Sadly your average user does not care about privacy above all else. They only care about privacy in as much as it can factually and emotionally affect their daily lives. TL;DR: You have to incentivize them to care, and they will often refuse to move, or outright dislike a platform, if a specific feature they love or depend on doesn’t exist, even when it is 100% not critical to the application’s function.

    • dngray@lemmy.oneMEnglish
      1·
      1 year ago

      which has been proven to be less than 100% airtight and secure.

      I don’t believe that has been proven. There has been criticism of it 1, 2 from prominent cryptographers though.

      Telegram’s MTProto protocol isn’t obviously broken in a practical way, concedes Matt Green, a cryptographer at Johns Hopkins University who has consulted for Facebook on encrypted messaging systems. But it’s uniquely “weird,” he says, in a way that suggests its inventors don’t understand tried-and-true cryptography practices and raises his suspicions that it may yet have undiscovered vulnerabilities.

      Their response was even more dodgy trying to somehow inject some sort of “nationalistic”, “america bad” into it:

      Telegram’s Ravdonikas argues that “Telegram encryption relies on classical algorithms, because we consider some approaches promoted by US-based cryptographers after 9-11/the Patriot Act (which your sources refer to as ‘state of the art cryptography’) questionable."

      At the end of the day math is math regardless where it comes from. Secret chats also only work with the mobile client, have to be manually turned on and do not work for group chats and as it’s a centralized server you can’t host your own.

      And with RFC 9420 aka Messaging Layer Security (MLS) being standardized, it’s likely all the good messengers will use that.

  • chi-chan~@lemmy.worldEnglish
    3·
    1 year ago

    Signal considered the best between those 3 apps.

    • Signal have E2EE. Facebook decided to copy the idea to Whatsapp. AFAIK, attackers have always gained access only by other methods.
    • Telegram created their own protocol, MTProto. E2E is only enabled on private chats. By default private chat exist only on the device they were created on. So a lot of people don’t really use them.

    So, in terms of encryption alone, Signal/Whatapp are safer.

    I don’t know about you, but for me, the last company I’ll trust with my information is Facebook.

    So if you can, use Signal.

    If not, decide who you trust more. Telegram or Facebook.

    • CrypticCoffee@lemmy.mlEnglish
      0·
      1 year ago

      Just to clarify. I thought WA had e2e encryption before Signal but got bought out by Facebook, so Signal developed including with e2e encryption and open source code (at least initially) as an alternative. Is that correct?

      • pranqster@infosec.pubEnglish
        3·
        1 year ago

        The Signal protocol (née TextSecure protocol) was created by Moxie Marlinspike and Trevor Perrin and Signal messenger (née TextSecure) was built from the ground up with e2ee. WhatsApp was acquired by Facebook without e2ee and Moxie later worked with them to integrate the Signal protocol for WhatsApp. Hope that clarifies.

  • constantokra@lemmy.oneEnglish
    1·
    1 year ago

    If you can.actually get people to switch, you should look into simplex chat. It has a lot of really good features, you can run a CLI application on any servers you might have to send you notifications really easily, and it’s being rather actively developed. A quick look at their website will show you how dedicated to privacy they are.