#Telegram and #Durov are once again in the media, so I translated my May piece about the service to English:
Telegram is neither "secure" nor "encrypted"
https://rys.io/en/171.html
Calling Telegram "secure" or "encrypted" is misleading, and is journalistic malpractice.
Telegram itself seems to mislead about it on purpose.
Telegram's encryption protocol is suspicious and transmits cleartext device identifiers with every message.
They have been called out for it many times, and refuse to change.
Despite the claims that #Telegram never shares any data or metadata, there are relatively clear cases of them having shared metadata with an Indian court and German law enforcement.
There are strong indications, as reported by Wired, they might have shared message contents with the Russian government, targeting activists in Russia.
By default, Telegram chats do not use end-to-end encrypted mode aka "Secret Chats". End-to-end encryption is also completely unavailable for groups and channels.
@rysiek they are routinely reported as secure/encrypted when they are in the news - I saw several stories repeating this with the news of the arrest in France.
@simonboggis that's precisely why I translated my piece to English.
@rysiek @simonboggis AFAIK #Durov got arrested because #Germany #MLAT'ed #France for #NetzDG violations and he refused to integrate #Govware #Backdoors in compliance with French Law, which is rather a case if #incompetence by #LEA|s than actual #security.
@kkarhan it's worse than HTTPS, MTProto broadcasts cleartext a device identifier.
@rysiek @simonboggis so it's worse than the shittiest #OMEMO implementation...
Yeah, it is weird how articles about Telegram in mainstream press try to paint it as some kind of trusted privacy service.
Has Telegram PR department been briefing press in this way?
@FediThing @simonboggis yes. Media is basically parroting Telegram's marketing language without giving it a second thought.
@rysiek @FediThing @simonboggis Plus they have a cult of toxic fans who "correct" anyone who tries to set the record straight...
@dalias
*State sponsored* toxic fans (assets) on both sides of the Ukraine war
@rysiek @FediThing @simonboggis
@kkarhan @rysiek @FediThing @simonboggis That hasn't been my experience. Signal users who like it also complain about the phone number thing all the time and want it fixed. Rather than lying that it has security properties it doesn't.
@dalias @rysiek @FediThing @simonboggis OFC, the comparison isn't fair towards @signalapp , abeit their #Shitcoin #Scam called #MobileCoin and "selected availability" of it disqualifies them too.
@dalias @kkarhan @rysiek @FediThing @simonboggis I can conccur. I like signal but I will openly say there's improvements to be made.
And I wouldn't be surprised if something else takes it's place at some point.
I mean there's even a fork of their client called Molly that provides more features.
There's session, there's Briar, ...
But I like signal, I hope they improve. The username is a nice step in the right direction.
Possibly quite telling that the Russian government condemned the arrest so strongly.
@FediThing and so immediately. Yes. I find it very interesting.
@rysiek @FediThing
...with Durov supposedly being almost on the run from russia itself.
Do the French have more on him?
@richlv or maybe he is eager not to fall into Kremlin's hands. Who knows?
@rysiek @richlv On Sky News UK today:
“Vladmir Putin took steps to shut down Telegram when it first appeared in Russia...”
“But in 2018 the Kremlin suddenly ended its pursuit of Telegram, where it is now one of Russia's most popular social media apps - even with the Russian military. A leading Russian pro-war blogger joked after Durov's arrest: "De-facto they detained the head of communications for the Russian Army".”
“A rival encrypted messaging app Signal, whose servers, unlike many of Telegram's are not hosted in Russia, was recently banned there.”
@FediThing @richlv yeah. The whole thing is sus a.f.
@FediThing @rysiek @richlv Telegram always seemed suss.
@rysiek@mstdn.social
I usually consider Telegram a social network (the big group and channel things) instead of "secure messenger".
Unfortunately those who use it as social network also tends to use it to chat privately, that's when things become worse