After Delhi High Court ruling, Telegram discloses personal details of users
livelaw.inDon't use messengers that ask for your phone number and aren't end-to-end encrypted.
Use services that store as little data as possible.
If data is stored, it can be given away and I would assume that it will be given away.
Telegram disguises itself as encrypted chat app, when it is actually just a regular centralized plaintext messenger that has an encryption feature that nobody uses.
While Signal does require a phone number to register, they only know your phone number, your date of registration and the date of your phones last connection to signal's servers. Anyone requesting your information from them needs to provide your phone number, so any info they can get is account creation date and date of last connection.
Signal shouldn't ask for phone numbers. I don't give a shit what the justification is.
If you want an anonymous messenger, Signal is not the product for you. If you want a secure messenger that doesn't (and can't) collect any data on your communication, and at the same time (due to the lack of anonymity) prevents spam, then Signal is the messenger for you.
Agree
Disagree
what's up with constraints in general? Why are some things a requirement for other things? let's abolish this.
What about metadata? you can track based on metadata don't have to know the content inside the messages.
Phone number is enough to find who is behind it in most cases.
Yes, Signal is not an anonymous messenger and it is not meant to be. It's a SECURE messenger, that will not reveal metadata or message contents. It DOES reveal who you are, which is intentional and important to prevent spam. Without that feature, Signal would be significantly less useful for me.
Signal is more privacy than anonymous.
There is no difference.
> Telegram disguises itself as encrypted chat app
No. It doesn't. This sentiment is pretty much confined to HN and seems to stem from the whole Moxie non-sense from years ago.
Telegram is a so much more than a messenger. It competes with WeChat, not Signal. It has an incredible API, bots, payments, apps/games, and is host to Onlyfans / Discord-like social groups.
It's time to stop parroting this idea that Telegram is some kind of secure messenger. Yes, it has secret chats, but that is not Telegram's defining feature.
On telegram.org under "Why Telegram" it says:
According to Telegram's own priorization, privacy is its second most defining feature after simplicity.* Simple * _Private_ * Synced * Fast * Powerful * Open * Secure * Social * ExpressiveIt is not by accident that people think that Telegram is focussed on privacy.
> According to Telegram's own priorization,
If you're going to be that puerile then... I had to scroll past their list of available clients and their recent news section to get to this "Why Telegram" section that first mentions the word "private". So clearly, that far down the page, its not a priority.
Back in reality: The word "private" can mean anything. Every app and website that uses https claims to have privacy and security. If you bother to read their FAQ (which is always at the top of the page and, according to your logic, must be very important), there is a detailed explanation of exactly what is and isn't encrypted.
https://telegram.org/faq#security
I can already hear you typing, "but the average person doesn't read FAQs!" Well, the average person doesn't know or care about e2ee either. And the average person doesn't think Telegram is any more or less private than Facebook Messenger, WhatsApp, Twitter DMs, SMS, or email. The average person just doesn't think about privacy in this way.
What does "Why Telegram" describe if not their mission?
If you go to GMail's landing page the first word you see is the word "Secure". There's a picture of a lock and shield. It says "Email that's secure, private..." Therefore, if I use Gmail all my email must be e2ee!
What does "heavily encrypted" even mean?
yes. yes yes. yes. yes
100%. the same reason i avoid whatsapp and signal like the plague. "mobile number" is in itself a big identifier when you are living in a place where you have o do mandatory KYC so that the government knows which each mobile number is linked to the actual human being.
i dont care signal doesnt hold any messages. the government can ask for my number and they can use the xkcd spanner method to do the rest. the point is to AVOID PII in the first place, matrix does this wonderfully. no need for mobile number or email number or your real name.
living in an actual police state, i can attest to how important that is, americans/europeans can hardly imagine.
So what exactly is your threat model here that signal doesn't counter? They need to know your phone number before asking signal about it.
Not the OP but I would guess that there is a large group chat of people talking about something the government doesn't like. The government manages to get their hands on one phone from the group, and then they automatically have all the other phone numbers too.
https://thenextweb.com/news/kashmirs-police-want-people-to-r...
exact same thing. you register your whatsapp group meaning you either get a mole as a member to keep track of the activities or you are made to (unverified) install pegasus style malware on your phone so that the admins can be tracked.
this is exactly https://kashmirlife.net/sleuths-silently-listen-to-clubhouse...
so its not like i am just making this shit up.
remember, clubhouse makes you sign up using the phone so there you go. Now, if the numbers werent there, it would still be possible but not as low effort
In much of the world, for the government at least, that is a given: you can't get a phone number without presenting legal ID, and the issuer of the phone number is required by law to maintain this association. This is true in much of Europe, for example.
So what exactly do you think will happen? The government tells signal "We know that simiones phone number is +1 12345678, give us his registration date!"?
I don't get your threat model.
As far as I know burner phones are still available in the US.
> i dont care signal doesnt hold any messages. the government can ask for my number
Whose number? How are the government going to "ask for your number" ? Signal doesn't hold any data that would let them answer that query if they wanted to.
You realize, with a phone number, all payment details for the SIM can be accessed?
And that from the SIM, you get IMEI, which can be cross ref'd with telecom logs to get geolocation?
Phone numbers are basically a glorified UUID. Also, in most jurisdictions it is required by law that telcos have tight integration with Law Enforcement, and even with the U.S., any type of investigation will start with a pull for the individual's phone number from whereever, cross ref that with SIM financial payment info, cross ref'd with bank accounts/credit card activity for purchase activity. Then cross-ref with Driver's license/civic/court records?
By DEFAULT. Third party doctrine. It ain't protected by the Fourth Amendment. In less zealous states, forget about principled restraint. The phone number is effectively your citizen Id.
When people like me start raising hell about the dangers of UUID primitives, this is what we're trying to protect you from.
No one can be trusted with the view created by the aggregation and cross-reference of this type of info. Every government/legislature/population will eventually "think of the children/criminals" their way to it anyway though, while law enforcement jumps up and down with glee at how complete a picture they can get through their fusion centers. Then it's just a matter of how long it takes for an autocrat to insert themselves into a place of power until the technological marvel that empowers law enforcement to "ensnare the bad guys", has "bad guys" surreptitiously crossed out and replaced with some signifier for a set of people that contains you.
If you don't think that happens, you ain't been paying enough attention. If you wonder why that hasn't been an issue before, it was because part of what puts a check on LE was the burden of physically referencing and cross-ref'ing data, which would put a fundamental cap on the ability for any abuse of power to materialize.
We're losing that check. Quickly.
> You realize, with a phone number, all payment details for the SIM can be accessed?
Sure. But which phone number?
>Whose number? How are the government going to "ask for your number" ? Signal doesn't hold any data that would let them answer that query if they wanted to.
does signal keep your mobile number? just that? not asking about metadata or actual message data, just number associated to an account?
Yes. The government can indeed ask, "Hey, what phone number is 1-555-123-4567 ?" and Signal can tell them it is "1-555-123-4567".
Or, instead of spending $$$ on lawyers to make Signal tell you the answer to obvious questions, which US government agencies have done several times - I reckon I'd do it for $10 per time, minimum order 1000 stupid questions.
I can do other stupid questions, wondering which Telegram user is "@foobar" ? I can tell you it's "@foobar" and for just $10. Now, Telegram can tell you a lot more about this user of theirs, so you might want to get the court to make them do that, but Signal don't know anything about their users so maybe my $10 service is more "useful" for Signal? I guess it really depends what you think the word "useful" means.
https://www.reuters.com/world/india/india-forced-twitter-put...
what are you on about. how could a company compel a government to "pay" them when they can just force them to have a mole on payroll?
You seem to have completely missed the point. Signal doesn't know anything useful for such purposes. A mole, a court order, it doesn't matter.
So I’m this threat model the government knows your phone number, suspects you’ve been communicating with others, and beats a confession out of you… Why is the phone number being used in a chat app significant?
They can still beat you with a wrench to divulge your information even if it’s on Matrix or even pen and paper.
>They can still beat you with a wrench to divulge your information even if it’s on Matrix or even pen and paper.
this does not scale as easily. sure if you are an actual target, your goose is probably cooked anyway but what about the masses? i am just saying, what we call "mass surveilance" and wrench beating dont go hand in hand. mobile number helps them in mass surveilance which can give them more leads.
if that limb is removed, they can still do it but it is a bit harder so the hope is they will focus their time on only serious cases as opposed to everyone willy nilly because it is just so easy
because in a civilized country you won't get beaten, but your phone number can be used to verify that you do have an account on a service which you can then be forced to reveal the contents off.
I prefer privacy over anonymity, which is what Signal does best.
Only Signal leaves your message on their servers totally encrypted at-rest whose keys stays at your phone. No court order can ever hope to compel Signal what was said. The court will instead need one of the parties' phone for that, if it hasn't expire-deleted yet and doesn't have 9-alphanumeric characters or longer password length.
That cannot be said true of Telegram, WhatsApp, WeChat (that I've reversed engineered).
>>americans/europeans can hardly imagine.
Americans and Europeans have the desire to learn this lesson the hard way. They lack the wisdom to learn from others and instead believe their governments are the noble governments that would never violate their rights for power.
Traditionally Americans are quite suspicious of their government. The battles over 1st Amendment free speech and 2nd Amendment gun rights, among many, are a testament that the sentiment is still widely held.
Notably Democrats and their zeal to oppress those who believe in their freedom of speech. (See Twitter saga and US government's lack of control over media of commoners, aka digital public square)
Only China does it better ... the oppression, of speech, that is, as evidence by a video of CCP police roaming subway trains, reading every subway commuters' cellphone for social media content. As if CPP's ability to monitor centralized servers isn't cutting it anymore.
https://mobile.twitter.com/caro4ontario/status/1597588741371...
>>Traditionally Americans
Traditional Americans are few and far between these days. Decades of "liberal" education pushing a rose colored view of strong central governments have changed the American Culture this is why you see younger voters increasingly looking to government not community to solve their problems.
Well, only republicans.
Each party picks something it seems. Republicans can’t seem to be bothered with the 4th amendment and Democrats seem to support it. At least at local levels. At the federal level nobody seems to care.
Both parties largely see the constitution as something they need to get around, and have largely (with full support of the courts) inverted the meaning of the constitution to be not a limit on government power, but a limit on individual rights
In your example where Democrats support the 4th amendment, what except if a random person says you are armed then the 4th goes out the window, except if you are deemed to be rich then the 4th goes out the window, except if you have the "Wrong" opinions then the 4th goes out the windows
Democrats like Republicans only support the 4th, and every other amendment to the point where it supports their narrative and desire for power, the second the constitution is deemed to stand in the way of their power well it is document that should be ignored "for the greater good"
Unless you're thinking of getting an abortion.
I know, right? I heard Americans are born without half of their brain.
I know denial of biology is the rage these days, but Humans are born with very limited brain capacity and develop it over time as they age, maxing out about 25 years of age or so.
One of the reasons why Democrats want 16-year-olds to vote, because only people with limited brain development would support most of their policies ;)
Europeans especially. In my experience, they are extremely ignorant in this regard to the point of child-like naivety, but let them learn the hard way. It's truly the best way to learn after all.
Problem with matrix is ip address. Even with VPN, fingerprinting your messages is a issue. You can't delete your messages, whose copies maybe stored in multiple servers.
Sure, but couldn't you just use a disposable number? (Assuming you live in a place where you can buy SIM cards without showing a personal ID, which is most countries.)
That's a minor inconvenience compared to not being able to communicate with most people who use these mainstream networks.
I'm more worried about the lack of encryption and trustworthiness aspect of them than giving away a phone number.
Most countries require SIM card registration nowadays.
https://www.phonetravelwiz.com/phone-travel-options/sim-card...
> Of the 245 countries/territories with territory-bound mobile operators, 185 countries have SIM card registration laws. 13 will collect biometrics (fingerprints, but some will take a face scan too). 51 countries have no registration requirements.
Which by itself is questionable.
A lot of people talk down on the UK invading privacy, but interestingly we don't require it!
Hmm I didn't think it would be that many. I'm sure there might be workarounds, like ordering online or buying from vending machines at airports, etc., but yeah, it's certainly not as convenient as before.
The problem isn't buying the SIM card, the problem is activating it.
> Assuming you live in a place where you can buy SIM cards without showing a personal ID, which is most countries
I had understood that the majority of countries now required SIM card registration. Plenty of EU member states do (at least Belgium, Austria, Italy, Germany...), so it's not just the usual suspects(!)
The are no disposable numbers in many countries anymore. On the top of that you are just generating even more signal than using a single number.
People have to understand that meta-data about you is almost as important as data.
For example just the fact that your phone has signal or telegram installed is meta-data that helps to identify you. They do not need to know your name.
And for bonus:
https://www.justsecurity.org/10311/michael-hayden-kill-peopl...
you can't get disposable (anonymous) mobile numbers in india. >I'm more worried about the lack of encryption and trustworthiness aspect of them than giving away a phone number.
you can use your own encryption on top of a cleartext model if that is a problem
This is silly. You adopt practice based on your threat model. Threat models presuming the government can just torture information out of you also mean that any system will give you away - you're either completely anonymous or not, but if you use a messenger of any kind from your home internet IP address, then they'll come pick you up.
Telecom companies have full records of who had what IP, for what duration and when as does your ISP. If a phone number will get you pinched (based on no decryptable data) then so will anything else.
Exactly. You need to manage to be indistinguishable from p50 users if you are serious about anonymity. This is much more difficult than using strong encryption and matrix instead of signal.
Very much this. Which creates all sorts of weird problems, like very act of using an unusual messaging or encryption scheme is likely to finger you.
Signal is partly an attempt to normalise a service with strong encryption to provide a crowd it's easier to hide in.
>Signal is partly an attempt to normalise a service with strong encryption to provide a crowd it's easier to hide in.
i am saying remove the mobile requirement and signal is perfect. not until then.
people regularly use VPNs and today,in 2022, that is no longer a fringe action. NORMAL people now use VPNs to bypass geo restrictions.
signal to noise ratio of people using VPNs removes the linking user device to an account to a good extent.
now, in the existing model, whatever method you use, your number is STILL a PII, in whatsapp or signal or whatever.
>then so will anything else.
100% agree but you whatever counter measures you take, your number is still available in whatsapp/signal so there is NO way to prevent that. IF these two did not have the number, then that would indeed be better but not until then
I’m not sure what the threat is that the phone number opens you up to.
That a government will scan all domestic phone numbers against a Signal API to identify a list of users who, at one time, installed Signal and use that list to target you? They can do the same with IP addresses of people using VPNs as well. Something is tied to you regardless.
You’re right that the Signal would allow this by phone number or IP, so it’s an additional angle at the same threat.
TLDR don't use Telegram and Signal as some "alternatives"
Use Matrix clients (Element, Fluffy chat) or Session, Briar (no (video)calls), Delta (no (video)calls), Jami, not recommending Threema because they can tie you through payment and it's centralized
Here simple chart to see what to use and not use (use translate feature):
With those other clients you mention, one of the reasons your communications will remain secure is that --because so few people use them-- you'll struggle to find anyone to message, in the first place.>Use Matrix clients (Element, Fluffy chat) or Session, Briar...Sure, but in that case you can just go with Whatsapp and Facebook Messenger with WA being at least E2E by default, no point even trying some "alternatives" as Signal or Telegram under pretense of security.
With Telegram I can see at least appeal in using it as news source, chat room or for bots, but what offers Signal besides hype about The Current Thing?
Signal uses centralized server with closed source (they hidden code for one year until they finally gave up when users nagged them, nobody knows what they did during that year), Signal requires your phone number, Signal doesn't allow third party apps officially and tried to push some shady crypto, I mean how many red flags you need to avoid such POS app?
I use Telegram as a less 'facebooky' alternative to WhatsApp. Most of my friends and all my family are on it and, as a convenient messenger, it has a lot going for it; fast, 100% reliable sync across all my devices, generous file transfers, ability to quickly ping someone your location, ability to set up and subscribe to channels, etc. etc.>With Telegram I can see at least appeal in using it as news source, chat room or for bots, but what offers Signal besides hype about The Current Thing?...It also has some infuriatingly shite 'features' such as the fact that one party in a conversation can delete messages from the other party's device and [as is oft-mentioned] the fact that comms are not E2E encrypted by default. But, on the whole, I reckon it's the best all-round messenger app out there. Just so long as you're not under any illusion that your comms are in any way secure.
With the amount of fake news being pushed through Telegram groups that are public, Telegram is by far more Facebooky than WhatsApp. Ukrainian war disinformation and crypto scams being a good example of Facebookiness on Telegram.
Fair point. But at least, on Telegram, you have to actively seek out such channels to join and they don't otherwise impinge on your use of the service. It's not like other social media outlets where there's a central site which endlessly shoves crap you don't want to see in your face, every time you visit.
And yes, I know that, strictly speaking 'Telegram != social media'. But, with Telegram Channels, it does kind of cross over into the 'Discordy' end of social media.
I think you are underestimating exponential growth:
I think you are overestimating. I know more Jabber users than Matrix. And the overlap with people I’m in actual contact with, as opposed to people I used to study C.Sc. with, is 0 for both.
Matrix might become the best option, but as of now I seem to recall it having some rather serious issues, ranging from not handling metadata well to malicious homeservers possibly breaking the encryption of users on other homeservers
I might be misremembering though
Matrix is not secure, Fluffy chat even less so than Element (but client is irrelevant it's still insecure)
Threema can be paid with burner Bitcoin. So I would say that Threema is fairly secure.
Good luck buying bitcoin with cash. I mean it is possible, but hardly anyone does it, thus you can't really anonymously pay for Threema, you have to jump through way too many hoops to use Threema compared to other apps, which is why it's difficult to recommend it.
Signal is the most secure messaging app out there.
It is not. Session and Matrix alone use the same protocol Signal uses without needing your phone number or google play services.
I run Signal just fine without Google Play Services. I am using e/OS which doesn't have it bundled.
I disabled it, it complained a lot and images/media wouldn't load.
Install the alternative APK that doesn’t use Play Services. https://signal.org/android/apk/
I believe I installed that but what I need is probably microg like the sibling comment suggests.
e/OS comes with MicroG as replacement.
You might want to read up on how Matrix works and what the spec says.
(I won’t comment on Session, I’m not familiar with the finer details there.)
I don't use it these days but please enlighten me or show me the specific section you are talking about. Specifically, I was referring to libolm.
This is a starting point: https://nebuchadnezzar-megolm.github.io/
Looks like they were addressed: https://matrix.org/blog/category/security
Glad it had nothing to do with libolm itself but how it is used/not-used. I thought they had 3rd party audits for this.
Signal requires a phone number which is linked to identity and precise location.
> which is linked to identity and precise location
I live in a country with strict KYC on phone numbers - my signal account uses a phone number from a different country in the world, not associated with any person in a country I have never been to and activated in a very odd location once only before being destroyed.
If you actually care about security / privacy to the extent of hiding from state actors then it is trivial to do. If you are cosplaying as a privacy enthusiast, then different matter and we can all bang on about open-source, audits, 14 eyes, tor, monero.
> activated in a very odd location once only before being destroyed.
Phone numbers are recycled so eventually it will become someone else's phone number unless you continue paying for it.
I hope you bought your phone with cash in that case, since even without providing phone number it's easily indentifiable in network back to you even without SIM card through IMEI when registering to network.
True. That does not affect the message integrity and message confidentiality though.
So let me ask you this: What’s your threat model? Does your threat model require you to hide your location from the Five Eyes?
In my opinion "secure messenger" should protect from any actor. If we start making exceptions then it cannot be called secure anymore.
Signal requires extra information that is not necessary for exchanging messages. That is at least suspicious. If you are fine with giving away your number you can just use WhatsApp or Telegram.
“If you are fine with giving away your number you can just use WhatsApp or Telegram.”
Those projects do not have the same high standards as Signal has. Especially not Telegram. I use Whatsapp for convenience/social reasons, but I definitely prefer Signal for the additional security. Telegram I don’t use at all.
I don’t believe it’s reasonable to throw out the baby with bath water, just because Signal requires a phone number for registration.
Protection from “any actor” would of course be nice – but do you really believe that threat model is reasonable?
Would using Session, Matrix or OMEMO protect against any actor whatsoever?
If we want to base our discussion in reality, I do believe we need to talk about threat models in more detail than “I want protection from any threat actor”.
Let’s take an example:
If I send a message to a friend I don’t want any script kiddies, ISP, cloud provider or advertising agency to be able to read it. I don’t want any passive eavesdropper to be able to read it e.g. by slurping up all traffic from my nearest IXP (i.e. dragnet surveillance). However, if Five Eyes/Mossad/MUST/FSB really wanted some intel on me, they would probably be able to retrieve it if they were willing to spend some resources. But probably not by decrypting my Signal messages. There would be other, far cheaper ways to retreive the info.
Your phone number and messages can easily be leaked if there is a vulnerability in your smartphone OS or Signal app. However if you use a messenger not requiring a phone number, then attacker gets only the messages.
Also as I understand you have to give your number to your contacts to be able to chat with them. For comparison, Telegram allows adding contacts without sharing a phone number. So in Signal all contacts know your real identity and your location.
I’m not convinced about the reasonability of this threat model where leaking messages is fine but leaking the telephone number means game over.
However, I do understand that sharing one’s phone number is problematic for some users.
With that said: Until Signal implements user names in their system, please note that the user is not required to sign up for Signal with their primary telephone number. One could use Google Voice or a prepaid SIM card for example.
as i said, the MOBILE NUMBER IS A PII and the government needs just that bit to extract you from your home and subject you to anything they deem necessary in order to silence you. this is not a fairy tale i am larping about. "sealed sender" or whatever BS tech you throw at the wall doesnt make you secure. if your number can be found out, your goose is cooked.
Feel free to explain your threat model.
We are quite many where the threat model does not depend on hiding our phone number from the government.
yeah.... let me present some material
https://gulfnews.com/world/asia/india/kashmir-lockdown-arres...
https://thenextweb.com/news/kashmirs-police-want-people-to-r... >Kashmir’s police want people to ‘register’ their WhatsApp groups
https://www.dailyexcelsior.com/police-crackdown-keypad-jehad... >Police crackdown on ‘keypad jehadis’
https://kashmirobserver.net/2022/01/11/jk-police-launches-cr... >J&K Police Launches Crackdown On People ‘Misusing’ Social Media
"misuing" means writing material that is critical to the ruling party.
https://www.greaterkashmir.com/chenab-valley/authorities-in-... here, the police simply take your name/number and pick you up from the street. open and shut case in an hour.
Why should whatsapp/facebook/twitter help them? 1. they have business interests in india and they NEED to please the government if they want to survive in india so there are no court orders or anything needed. the police have carte blanche to demand any information and for them, name/number is good enough because the data is available with them.
an example from my own home. A family member was active on twitter last year and would get into "twitter debates" and that nonsense. they would use their own name because of the websites ask for "firstname/last name" and normally people don't care about that. anyway, during one such online fight, a random opponent apparently told them "you wont listen to me so i will have police explain it to you" or something to that end. 3 days later the police comes home "enquiring" about them. we had a hard time "explaining" the situation and some money exchanged hands after which we were off the hook. "never again they said, later"...
afterwards, i did a checkup of their account and they had 2FA activated on their number which i strongly suspect was passed on to the police. again, no "evidence" but my own anecdata.
>Feel free to explain your threat model.
i am "living" this threat model so the techniques used in iran for example used by dissidents or anti-government protestors or in china by anti-ccp protestors for example, i am going through that myself and PII in any form is dangerous.
sure, lets say i don't use my real name in twitter or use 2fa and twitter gives my "ip address" or something. they would have to corelate that information with a separate demand with ISP.... not low hanging fruit as much. mobile numbers, well they have dumps and mobile numbers dont change hands a lot.
OTOH, if i use my selfhosted matrix for example, the provider, some random DMCA ignore ones would laugh at them. even if they asked for payment, i pay from crypto so what will they get? and its not like the webmaster of my own server(read me) would not give any details to any demand from even PM of india so short of blocking my server IP,what can they do?
The only threat that comes from Signal using phone numbers is that if the police arrests someone you are communicating with, and police somehow unlocks their phone (https://xkcd.com/538/), then they can see what you and them wrote as well as your phone number and therefore know who you are. I agree that in some situations, for example anti-government activists, journalists communicating with whistleblowers or criminals, this is bad. For these situations, Signal is not the solution.
ROFL
Signal uses centralized server with closed source (they hidden code for one year until they finally gave up when users nagged them, nobody knows what they did during that year), Signal requires your phone number, Signal doesn't allow third party apps officially and tried to push some shady crypto, I mean how many red flags you need to avoid such POS app?
The Signal client has always been open source: you can inspect precisely what the client is sending to the server (if you trust the source). If you're not sending undesirable information from the client to the server, no amount of closed source-ness of the server is going to get that from you.
Signal has always been transparent about what information get sent to the server: https://signal.org/blog/private-contact-discovery/
Even if some adversary is doing some kind of correlation to glean metadata from your traffic, they are definitely doing the table stakes here to preserve privacy and not just send your information off willy-nilly.
yes, we can transparently see that it is a failure of a solution due to having our phone number and check this out: Signal's application isn't the only participant in Signal's application we don't want having that
speaking of dense exotic matter https://en.wikipedia.org/wiki/White_dwarf
Backdoors are funny that way, sometimes the client operates correctly but a weakness in implementation can be abused by the server. Not that i know or think this is happening but they do insist on that phone number at all costs which these days is more identifying than a finger print which allows targeted exploitation if the server facilitating connectivity was hostile for whatever reason.
“Signal doesn't allow third party apps officially”
Feel free to explain how that affects message integrity/message confidentiality in a negative way.
This.
As Signal is on a centralized Google Cloud instance, it can easily be shut down by the providers and that is that.
> nobody knows what they did during that year).
They (and Moxie) were too busy shoving their private cryptocurrency scam project in Signal to later get as many users using it as possible to then pump and dump the coins on exchanges.
Signal is a complete joke.
The fact that it can be shut down easily has nothing to do with how secure it is. I too dislike the fact that it is centralized, and the cryptocurrency thing, but from this to say that Signal is "complete joke" - it's not just a long way, it's non-sense.
deltachat now integrates nicely with jitsi and similar solutions to provide a video chat feature
Which ones don't ask for a phone number?
Jabber/XMPP, Matrix are the obvious answers.
I'll get my mum right onto it
In all fairness, I got my entire non-technical family onto xmpp/jabber with Snikket (which is a highly opinionated packaging of existing xmpp server and clients with minor tweaks). They scan a QR code to download the app and join the server. It is e2ee out of the box and the experience is quite comfortable and seamless, even for a non-technical person.
Can they use it to chat with classmates from high school? Given my parents generation (Boomer, born 1948), they're mostly all on Facebook, so they either use Facebook groups+Messenger, SMS, or email (yikes!). Family chat is just on a giant SMS chain, which admittedly is awkward as there are several "sub-chains" with some people removed.
Or is my family just weird in their chat preferences?
My folks are in the same age group and don't care for FB. Not sure that is representative of boomers as a whole, but the family generally likes the idea of communicating on a private, secure chat system.
In my experience, elder folks prefer familiarity and convenience above all else. My parents were born in the '50s and hate to relearn their phones.
There are varying degrees of “non-technical”, and you lost most of my family at “scan a QR code”
I know it's an anecdote, and I'm the founder of the Snikket project, but I rolled out an early version to 10+ family members during lockdown. The majority of them were remote and ages from <5 to >80. I emailed them the invitation link, and that was about it. They all managed to sign up with no issues.
Scanning a QR isn't actually necessary. That flow exists for when you open the invitation on e.g. a desktop or laptop, and you actually want to set up Snikket on your phone/tablet. The invitation page guides you through you what to do in that case, you don't need to know what a "QR code" is. But most people just open the invitation directly on their phone, and it has a magic link to install the app.
In some ways it's easier, because you don't need to go through the SMS verification and stuff that the phone-number-based platforms require. I know various APIs and hacks have made that flow easier over the years, but it's still an extra step for non-technical people to get lost in. It's also an obstacle for people who want to use a tablet, such as my children who are too young for phones.
In any case, I'd encourage people to be less defeatist about the adoption of more open alternatives (intended or not, that's how I read your comment). It is possible... my own family average no more or less technical than any other. They manage to use WhatsApp without help, and they manage to use Snikket without help. And of course I'm not the only person using it successfully.
My mother has no idea how to check her email and doesn't use it. She also doesn't know how to text. Or check voicemail. It's just another point of anecdata, but this is my bar for "non-technical."
I too have struggled to establish private communications with nontechnical folks.
I think the best bet would be to create a device with the sole functionality of establishing an encrypted voice line to you. Essentially, a plastic brick with an on button, speaker and microphone. No screen, no UI, just on/off. Like a walkie-talkie, but for infinite distances.
I don't know how it would have gone remotely, but no issue in-person. I opened an invite QR on my device, asked parent to open camera, and point it at code. They get the gist that the app name is Snikket, they get notifications of messages and calls, and the layout and icons are pretty similar to every other messaging app. I am going to attempt it with an in-law who only just stepped into the smartphone era this month, has no familiarity with a smartphone interface, and is the least technical person I know.
I thought this was a skill that most people had now that most restaurants only give QR codes for menus?
My dad finally retired his 2008 flip phone last year, but before that a QR code would have been no help to him. I visited them recently, and not a single restaurant (business at all) had QR codes in their town.
Probably depends on where you are, I’ve only seen that option once or twice, and that was in addition to a proper menu.
I've only seen QR code menus in big cities and the southwest U.S.
There is no technical barriers that can not be overcome to allow the use of XMPP by normal non-technical users. GChat for years was XMPP until google got a market share they desired and choose to take their users off an open protocol in favor of their own one (which they then killed a few years later )
Technical barriers are not usually how non-technical people choose technology - it's usually based on things like UX and how many of their friends already using the service.
I got my entire immediate family on Matrix without too much difficulty. The only big issue happened when my mom got a new iPhone and it cloned the old Element install from her old iPhone, causing two devices to have the same set of identity keys and we had to reset them.
Your ISP and mobile provider still know :) your gadgets have registered IDs in the hardware.
Every mechanical thing we come up has a decode-able sequence.
DIY filter bubbles each of a unique configuration, decoupled from someone else’s monolith is the only way to be sure.
It’s reverse Highlander; there cannot be only one. It’s fine, we were never all going to get along anyway.
> DIY filter bubbles each of a unique configuration
Wdym, can you please explain? Decoupling is the only way to be sure of what?
I add IRC to the Mix
IRC is not end‐to‐end encrypted.
In theory you can use OTR[1] but I've yet to see an easy way to use this from a phone.
I remember IRC very fondly, but I feel it has a lot of baggage that makes it difficult to bring into the modern era.
This blog post (not mine) explains it quite well: https://jlu5.com/blog/im-tired-of-irc-heres-why
OTR doesn't do groups. So it isn't really applicable to IRC. At this point, I am not really sure that end to end encryption is generally applicable to groups. The identity management problem quickly spirals out of control. I note that Telegram doesn't even try. I think the best that can be done is a scheme that makes everyone entirely trust the moderator of the group.
>At this point, I am not really sure that end to end encryption is generally applicable to groups.
You encrypt the message with all the public key's from persons in the group, what's the problem? You do it the same way with Mail...aka pgp.
You don't need OTR just plain old gnupg:
Each participant needs to verify each and every other participant. So for 2 participants that's 2 verifications. For 3 participants that is 9 verifications. For 4 it's 16. The square of the number of participants. With just 30 participants that works out to 900 verifications ... and who actually knows 30 people on the internet? Even if you could do the verification in a technical sense it wouldn't mean anything.
If you get a whole bunch of people together in real life for a meeting then chances are one or more of them is going to leak what happened. The problem is to a great extent inherent.
Man you never hear of a trust-chain? How do you think end to end encryption works otherwise?
And no you don't need to verify each other keys, since every one has his public key you obliviously trust, you just try to make an excuse for not knowing how e2e works.
You could use a secure encrypted IRC-like protocol like Pest[0], though.
[0]: https://pestnet.io
Comes up with a privacy error atm. Guess their server got bit hard by HN?
Cached copy here: https://web.archive.org/web/20220915015328/https://pestnet.i...
Reminds me a bit of SILC: http://www.silcnet.org/
Still going to struggle with UX on a phone though...
neither is XMPP by default
This one looks interesting: https://simplex.chat/
"Session": it's a Signal fork which uses Tor
It's a Signal fork that uses Oxen, a Tor fork. It also changes a lot under the hood with regards to encryption, and I'm not smart enough to know if the changes are good or bad.
There's not a truly solid secure anonymous implementation that I've found.
Matrix (with the Element client), Wire and Threema are a few options that don't require phone numbers, offer end-to-end encryption and have mobile clients. IIRC, the chats also sync across devices (with some duration limits measured in weeks) on all these platforms.
Threema
Threema doesn't require a phone number.
Yes, but afaik Threema also doesn't have publicly discoverable channels, which is the feature that was used here.
Sooo, not really an alternative (at least for the user whose data got subpoena'd).
End-to-end encryption doesn't protect you from this, since any recipient can report illegal material to the authorities and trigger an investigation of the sender.
I’m that case, literally nothing will protect you from this. Any recipient can put anyone in any conversation.
There can be TOR-like systems that with an ideal implementation make it impossible to obtain any metadata about the sender.
Agreed, ideally you have both, e2ee and no linked phone number.
> Telegram disguises itself as encrypted chat app
Where does it do this?
LOL! Yeah, but your at-rest message remains UNENCRYPTED on Telegram's servers.
They are referring to in-transit message over Internet as virtually indecipherable: Nothing a court warrant can't get directly from their servers.
But they are encrypted. I think you're looking for e2ee, which it advertises only for Secret Chats.
Transport encryption does not make it private. Optional e2ee is as good as no e2ee. And they rolled their own crypto... For some reason my non-technical friends still would be very surprised to learn that Whatsapp is more private than Telegram.
I don't think you understand how Telegram encrypts its chats. MTProto is also used to encrypt Cloud Chats at rest. It's not just transport. Cloud Chats are not e2ee because the keys are held by Telegram.
Moxie also "rolled his own crypto". "Rolling your own crypto" is typically used disparagingly by those who claim moral or intellectual superiority over the competition. The Signal Protocol was rolled by someone, yes? The version of MTProto that had vulnerabilities discovered was deprecated many years ago.
> the keys are held by Telegram
This is where the privacy promise falls apart. From a user's perspective on-disk encryption makes no difference, because there is no real enhancement of privacy for them. If a third party holds the key, they hold the key. If you put something into the hotel safe, the hotel could still steal it from you. As far as I can tell, most TG users are not aware or do not care, but for those who are not aware, but actually do care, this should be made much more clear.
> Moxie also "rolled his own crypto"
Besides Moxie being a bit dubious himself, the more interesting question is: was there something that was already verified by many people that could have been used instead?
I’m interested to know about what makes Moxie a bit dubious, can you share more information? I have to say I’m slightly fascinated by the character, but it’s true it doesn’t tell anything about why I should trust him.
I have to say that I find him fascinating too, but there are a few things that raise my suspicion, but of course do not convict him of anything:
The way he is attacking this alternative Signal client and rules out interoperability:
https://github.com/LibreSignal/LibreSignal/issues/37#issueco...
Signal was a word before he decided to turn it into a brand.
The signal server source code repo was not updated for a year. Communication intransparent.
https://www.androidpolice.com/2021/04/06/it-looks-like-signa...
I am not even against crypto integration, but I found the choice of MobileCoin odd. Instead of integrating an existing privacy coin or working with the community, he decided to integrate MOB and to be one of their "advisors":
https://techcrunch.com/2018/04/24/mobilecoin-moxie-marlinspi...
I think you are being far too uncharitable and you've simply gotten the facts wrong a number of times, which I've needed to correct you on.
Use another messenger if you like but e2ee encryption is not some moral imperative that must be done. There are always trade-offs. I appreciate Telegram for the purposes I use it for. If I want e2ee, I turn on a Secret Chat.
> I think you are being far too uncharitable
I just think that Telegram tries to position itself as some kind of subversive and secure messenger (successfully so), which it isn't and I find that dubious. I can see that many people prefer it for its user experience, which is fair, but people should not be lured by a false sense of security.
> e2ee encryption is not some moral imperative that must be done.
It is not a moral imperative, but a protection against many evils, that most people probably would benefit from if used consistently. I've got low tolerance for trying to artificially limit e2ee though.
Rolling your own crypto is bad, unless you’re an authority on crypto. Moxy certainly is. Also, Signal Protocol isn’t an encryption algorithm. As far as I know, it still uses AES and Curve25519 for the actual encryption.
That’s exactly why it’s deceptive.
Most people think of “private” as between the conversation parties, not everyone in the conversation, the company, and any government with leverage on them.
Encryption at rest prevents from some intrusion attacks but does absolutely nothing against a warrant if the government has leverage.
It doesn't claim that it's immune to requests from authorities, as far as I can see.
Pavel Durov seems to be proud of never having disclosed user data to authorities and mentions it every time he disses another messenger. Guess he can't do that anymore now.
(Just to clarify: I like Telegram. I just don't like Durov very much and the way he positions Telegram as the superior messenger in every way, even though it obviously isn't when it comes to encryption in particular.)
It is not the first case for Telegram. So, Durov will continue with his show... they claim that Telegram is e2e encrypted, but don't mention that needs to be activated per chat
I'm a little bit sad because I'm sure if they invested some effort into it, they could make all chats e2e encrypted while still allowing sync with their server. They "just" need to figure out a way to safely exchange the private key between devices. I know it's not completely trivial, but if anyone could create a good user experience for this, it's certainly Telegram.
It’s possible and how to do it is public. Signal has encrypted group chats across devices already and is open source.
I'm really late with the reply and it doesn't really matter anyway, but how Signal is doing it is not what I would like to see. It would be less of an issue if you can backup and restore your Signal chats, but as of right now, it's impossible (at least on Apple devices). I use Signal because lots of my friends prefer it, but I don't like that losing my phone would mean losing my complete chat history of all my chats. Maybe I'm not their target audience, but I think Signal is already mainstream enough that chat backups and restores should be a thing.
What I was expecting from Telegram (although it doesn't look like they plan to do this) is synced, E2E encrypted cloud chats. So any new device I add has access to all the previous message history, and is independent of all other devices.
They don't claim this. They claim Cloud Chats are encrypted, which is true and only claim e2ee for Secret Chats, which is also true.
But a court can easily get UNENCRYPTED message while in at-rest stage directly from the hard drive on their server.
Don't worry, you're safe from hackers, deep state, and foreign nation-state from eavesdropping on ya over the net through their awesomely robust and intensely-touted advertised EE2E capability.
> It doesn't claim that it's immune to requests from authorities
I did not claim that.
When I wrote:
> Telegram disguises itself as encrypted chat app
I meant exactly that.
> Telegram disguises itself as encrypted chat app, when it is actually just a regular centralized plaintext messenger that has an encryption feature that nobody uses.
Best description of Telegram that I've seen so far.
I do trust Signal to keep the phone numbers safe with their methodology for doing that, but probably wouldn't anyone else.
So that basically means don't use any messenger.
There are options. Matrix, Session, Threema, Wire...
Wire? Didn't they get bought out by some shady company a few years back?
I used to work at Wire. As far as I know there was no shady buyout, just new investors who were less lax about wanting Wire to actually make money. So they started reorienting at big corporate clients.
The technology itself wasn't changed and Wire was still involved in exciting things like MLS (https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/) when all this was happening (~4 years ago).
No, most. Like Signal for example. Even without security you can't migrate between android and iphone or have multiple devices with the same account. But they have crypto amd stories now lol.
All the hating on Signal but for me it's the best and fits my threat model. I live in the UK and by all accounts I'm pretty unremarkable - I want privacy but not overly worried about anonymity, I also wanted something that I could persuade family and friends to use.
Signal works perfectly in my use case, my friends and family happily switched over to it where when I tried to help my parents set up Matrix it was super verbose and required them to remember long passwords, etc. (of course they shoul dbe using a password manager, but one step at a time!).
Signal is great until your family member's phone breaks, and you have to explain to them that their messages are gone forever. Allow us to choose to enable backups, Signal!
PLease no. If someone compromises one of the contacts in a large chat group's google password or whatnot, they now have the entire message and media history from me to the chat group? This is exactly why iMessage is so useless for security - one compromise on one person's apple ID and all their groups have all their messages compromised going forward.
That works the same for signal as well, if a person's phone is compromised they have all their chat. What are you talking about? Even signal folks repeatedly have iterated they don't protect messages when a device is compromised.
Disappearing messages are what you want here.
I expect it would be easier to compromise a group member's phone than someone's Google account.
I have backups enabled actually. Sure, it's a pain to manage compared to WhatsApp, as you have to manually download it off your phone, but Signal has an option for automatic daily backups.
They are encrypted with a key you have to note down somewhere though, so if you don't prepare for it the messages are, in fact, gone forever.
Your backups are useless if you want to use a different platform they support. You have to use android or iphone for life. And you can't use them on desktop without a mobile app and you can't have multiple sessions and you have to use your phone number. Right... very private.
Manual backups are no backup.
I've restored Signal backups before. It was trivial and fast.
Signal has made the choice that their users will not be people like you or your family. No automatic backups or recovery or migration capability. They also dropped sms support. They are better than telegram for sure. I recommend using an apple device and imessage for the average person who just wants private communication and isn't concerned about targeted nation state attacks and the like. On android, session might be ok but I wouldn't know, for security I don't see what signal has that they don't and you don't need google play services to use them but i have no idea if they are even unfriendlier than signal. There are other apps that use the underlying crypyo signal uses, so it really is a feature comparison.
I regret getting friends and family to use signal.
*after giving them your phone number and everyone you want to message and the entire social graph from anybody with your number stored in their device's contacts list
F, for Failure
> Don't use messengers that ask for your phone number and aren't end-to-end encrypted.
Don't use messengers that ask for your phone number. Period.
I sympathize with the sentiment, but the vast majority of my contacts already use other messaging systems that are identified by phone number such as SMS and WhatsApp—they don’t even use email, at least not for “text messaging”‐like things. In practice I’ve found that Signal has been the most successful privacy‐respecting messenger that my friends communicate with, which I attribute in large part to its policy of populating contacts lists by phone number, as well as its fad‐chasing features like stickers and GIF search.
After they announced removal of SMS I installed Johann's fork after few years (been using it for few years before but gave up with extended family after PIN nag screen fiasco which was last drop) to use it as SMS app only to find out that Signal is still missing such basic features as select multiple threads at same time and Archive or Delete them, you have to do it one by one, reminds of days when users for years requested basic feature to send more than one photo at time. Signal is total UX failure. I use it now just for SMS and didn't promote it to people to contact me, anyway there is basically only one person which I don't have on other messenger anyway.
"Network effects" is an euphemism for "peer pressure".
so you like to run around and force all your contacts onto a new better messenger du jour? Messaging is by definition a social activity, so unless you sever most connections and just message yourself, you do end up using whatsapp, telegram, shit some of my family still uses skype! so all this well-meaning advice "just use..." is ridiculous in practice.
This fragmentation of the communication space is the problem that the new EU regulation for messenger interoperability tries to attack. I agree with this idea and also with the idea to make it mandatory only for platforms above a certain size.
To me it makes sense. We had centuries where people could send a letter from one country to another country, both with their own postal services. Why can't we send a message from iMessage to Whatsapp without installing another company's spyware?
However, I do not agree at all with the EU's plans for Chat Control.
Well said.
Pondering why your refactoring of "Network Effects" has a lot of truth;
The supposed property that the attractive influence of a network is proportional to its size, rather like gravitational agglomeration, turns out to be largely false in practice.
My observation is that people don't join a network because "all their friends" are on it. That's a myth. But they do find it hard to leave because one or two highly weighted friends (family, parents living abroad etc) are on it.
You could probably say "network effects is just marketing" too. I think the idea of "organic growth" is also largely a myth. Massive amounts of marketing hype and billion dollar influence operations herd the masses, and also default settings and bundling. It's hard to avoid Google, Facebook or Twitter when your phone and browser come pre-configured with them.
In English that translates to "Don't use messengers that ask for your phone number and don't use messengers that aren't E2EE" => "Use messengers without phone numbers and with E2EE". So no, I think your weaker condition is not as good. E2EE is a good thing.
How many times does it have to be said - Companies are not immune to court orders, CEOs wont do 10 years hard time so that your phone number or ip address or even unencrypted content isnt handed over in a police investigation in return for $5.99 a month.
> CEOs wont do 10 years hard time
They can knowingly launder billions of dollars for drug dealers plus terrorists and not even face a day in jail, comments like this make me chuckle.
The only "CEO"s facing jail are the people with 100 employees who shouldn't even have the title in the first place.
All of a sudden, it seems really stupid that telegram stores all their data unencrypted and waiting for a court order. I expect them to fight this, because they have a very good track record there, but the moment they capitulate the floodgates will open.
You expect them to fight this after they have now disclosed all of the data? That's quite a high amount of optimism from you.
Have they disclosed the data? I think the title of the article is misleading. In the content, it says that they have been ordered by a court to disclose the data, but not that they have (they have in other cases though).
The article goes on to say:
> Justice Prathiba M. Singh in the order dated November 24 said the names of admins, the phone numbers and IP addresses of some of the channels as are available with Telegram have been supplied.
Of course, I can't independently verify this, but the article claims pretty clearly that the data has already been provided.
I am not defending Telegram, but as a social media application (and a private chat option), Telegram is only complying with existing laws. Copyright materials are a taboo on ANY electronic medium (including the open web). We just had a major issue around the Z-Library. Each time anything of this sort happens, I see the Signal users coming out from no-where. These news aren't a big deal, and numerous public channels have faced the axe. Most of them have changed tactics by going "private" by rapidly changing their invite links or using bot services to "verify users" before they join. Public groups earlier sharing copyright materials are "banned". There are numerous bots that connect to torrents and upload content to Telegram. Z Library still serves content; Nexus bots have just rolled out a feature to connect your bot (through API token). Signal serves a specific niche of users, and I think polarising arguments (or moralistic stands) are only to play to the gallery.
Telegram (and other messaging apps for that matter) should allow accounts to be created without a phone number, and ideally stop saving the IP addresses of users.
Govts would pretty much get the app delisted from app stores for violating the law as soon as the app got some traction.
This is partly why Govts are so persistent about data-localization norms while in the past companies got away by storing data in a more privacy-friendly country. Here too, Telegram tried to make the argument that the data is stored in Singapore, but the courts got their way.
Telegram is convenient, the bot feature's great. But some things about it suck and they're prone to government interference privacy-wise.
One of the more recent E2EE private messaging apps with metadata shredding and no registration requirement for is https://xx.network/messenger
It's available for Android & iOS.
F-Droid users can build Android version from the source (https://git.xx.network/elixxir/) and load it themselves.
There's no registration and the app doesn't collect your phone number, device ID and similar crap. Is it mature and polished? No, it has its quirks and rough corners. But it won't let you down on security and encryption.
There are so many buzzwords on that landing page. "quantum leap in privacy", "ultra-private messaging", "quantum-resistant and decentralized." And then you get to the best part: "built on the xx network blockchain". Web3 still out here trying to happen. Don't forget to buy some xx coins while you're there!
Does Telegram have a branch in India? What is the teritorial limit of the Indian court decision? Internet is very tricky in this regard, but an Indian court has no jurisdiction over entities that are in other countries (this is also a very complicated matter).
Indian court has the jurisdiction to ban all Telegram activities in India. So if they want Indian users they have to comply.
It would have been neat if one could make an app on top of telegrams API to do e2ee , afaik that breaks telegrams API tos
What data do they disclose?
It’s in TFA
Did anyone already say that Telegram is Russia's KGB operation?
Imagine if our water service was like the Internet: We'd distribute potable water by shooting it way up into the sky and just having a constant municipal drizzle/rain/downpour everywhere. Every house would have some buckets to collect enough potable water to use.
Then the sewer system would be a bucket brigade: You fill a bucket at home and bring it over to your neighbor, and they pass it on in a long stinky chain of wastewater until it gets to the treatment plant or the ocean.
There would be no such thing as faucets, pipes, or protected water sources. It would just be a cycle of spraying it all into the air and bucket-brigading back to the source.
And that's today's Internet.
Rain, solar, wind harvesting make sense though.