It was a many months transition, and it’s finally done
Fun thing, you can actually make a backup of all* your messages, groups, contacts, etc. So before leaving you can have all of your data in case you need that one contact or something
The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages. Not for the first time there are news that they could read, modify, delete, see location, and etc. Screw it, this is unsafe, I’m out.
Also, these days telegram is really at the state of a pile of garbage, bloated, buggy, and shady messenger.
Why did Telegram get so popular in the privacy scene compared to Signal in the first place? To my knowledge Signal came out first and never had a history of breaches or leaks.
I can’t speak for the privacy scene but in my country it’s pretty popular merely because of anonimity (which boils down to not having to use a phone number) and Discord-like server/groups. For porn and other NSFW content, it is pretty popular.
Ah I did not know Signal required a phone number compared to Telegram not requiring one. Thanks.
At least they have usernames now…
deleted by creator
Telegram, while often hyped as high privacy/security got popular because it was/is fully featured and isn’t Google or Facebook. That’s it
It’s less invasive, less annoying, and can do all the stuff like gifs and stickers. So it was very easy to get people onto compared to pretty much anything that was actually private or secure.
Once enough people started using it, it snowballed into its own monolith of bloat.
The UI was also very fast and transparent – not a lot of stuff separating somebody from the other people in their conversations, which was pretty solid even compared to other messaging apps of its day. Most people didn’t feel the need to fact-check its privacy and security claims because it worked good enough for them!
Maybe because it offers public chats and channels? Something other apps lack.
Also the best desktop experience out of all apps I’ve tried.
Telegram came out a year earlier in that signal, and because immediately popular amongst young people and drug dealers in Russia
Besides the ease of registration, the sync between devices make it easier. It can be frustrating not to be able to easily backup/restore/sync all your chats just like Whatsapp or Telegram. Yes, privacy/security, but i believe not everyone is chased by a state actor and you might want to have the option, as an opt-in maybe.
The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages.
I don’t know about “Russian authorities”, but the fact remains that if you can login anywhere and see your messages, then your
publicprivate key is stored in the server.Since Telegram requires authorization from an extant connection, I don’t know if that means your public key isn’t stored on the servers and it’s being sent from the authorizing device, or if that device is merely authorizing the Telegram servers to transmit that key to the new device.
Since they have a full e2e chat feature (Private Chats), I’m going to assume the latter.
So anyone who can get those keys can gain access to your chats.
I still say Telegram is far superior to anything from Fuckbook/Meta, because it’s not integrated into everying you do (even those of us who’ve never once been on Facebook, and yet have ghost profiles), not to mention the Facebook app integrated into Android on many vendor phones.
Even so, know Telegram for what it is - not ideal, just better than WhatsApp, and a step along the path to moving to more secure and privacy-respecting apps.l
Comparing telegram to WhatsApp is something really 2015 😅
Now we have many alternatives, and let’s just switch, fb and telegram both suck compared to signal, simplex, session, or even matrix (wait for the new matrix’ update where they add some new encryption stuff)
I never got with these russian authority claims. Telegram is not based in russia, sure its founders are born in russia but they have taken citizenship of France for a long time now, its based in saudi arabia. I never saw a single proof of them giving data to russian authorities, they were banned in russia for that iirc but eventually got unbanned due to mass adoption. At this point these russian claims just seem racism to me.
It’s the usual foreign fearmongering. It’s never phrased this way if the subject is a western company (even though we know they cooperate with the US government).
- I never said that telegram collaborates with Russia (I don’t know if they really do, but tg is pretty insecure, and Russian govt is happy to crack it)
- They were banned in Russia until they realized why would they ban it if they can read it (unbanning of something in Russia is another sign of something shady going on)
- I’m Russian myself, so your gaslighting won’t work, also are you Russian or Slavic too? 🤣
- Show me the proof, don’t talk on hunches
- They really didn’t care, they are banned in Iran too which is their 3rd biggest market. They got unbanned because Russia failed to unban it, there are no cases known yet in which telegram handed over users data to Russian authorities https://www.reuters.com/article/idUSKBN23P2DY/
- I am not Russian
The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages
I’m gonna need a source on that, since the creator himself was persecuted and telegram had layers of fake companies to stop Putin from getting to it.
Here’s what I found:
Over the past year, numerous dissidents across Russia have found their Telegram accounts seemingly monitored or compromised. Hundreds have had their Telegram activity wielded against them in criminal cases. Perhaps most disturbingly, some activists have found their “secret chats”—Telegram’s purportedly ironclad, end-to-end encrypted feature—behaving strangely, in ways that suggest an unwelcome third party might be eavesdropping. These cases have set off a swirl of conspiracy theories, paranoia, and speculation among dissidents, whose trust in Telegram has plummeted. In many cases, it’s impossible to tell what’s really happening to people’s accounts—whether spyware or Kremlin informants have been used to break in, through no particular fault of the company; whether Telegram really is cooperating with Moscow; or whether it’s such an inherently unsafe platform that the latter is merely what appears to be going on. … Elies Campo, who says he directed Telegram’s growth, business, and partnerships for several years, confirmed this general characterization to WIRED, as did a former Telegram developer. In other words, Telegram has the capacity to share nearly any confidential information a government requests. Users just have to trust that it won’t.
https://www.wired.com/story/the-kremlin-has-entered-the-chat/
I have been living under a rock, what happened to Telegram?
It is not considered a good alternative as a messaging app for privacy folks and because the source code is not open, it is not E2E encrypted by default (you need to start a secret chat or something to make your conversation encrypted) if I remember correctly.
I must agree on the bloated part. Telegram was awesome before Pavel got greedy and added more and more stuff that are just not related to any chat service, for an example payments and crypto.
I installed Snikket on my server few weeks ago and are now trying to move everyone to it. It seems to be a very slow process, though.
But I might keep Telegram only for the porn channels. Mighty good stuff!
By the way. Do you have the source for your claim that Russian authorities were messing with people’s deleted messages?
XMPP, 🙂
Oh, yeah, the porn channels are really good indeed
I’m thinking if I can access them from some telegram channel mirror
Well, Telegram already have a preview feature for every public channels. Just copy the direct link to the channel and add
/saftert.me/(or choose “Previous channel” without opening the link in Telegram) and you’re good to go. If only Pavel will add an RSS feed to that feed. That would be mighty-mighty awesome!More work to save the media files, though. You have to inspect the element and get the direct link to the image through
background-imagefor thetgme_widget_message_photo_wrapclass. Much easier and takes less time to just save it inside Telegram, as of now.Good advice, but I will look into converting some to RSS and read in an RSS reader
I just one a solution for that: RSS-Bridge. Just tried it through one of their instances and it works really well. At least for some of the channels.
Russian authorities usually just hijack login sms confirmation codes. This is a common practice in Russia. Not denying that something else shady might be going on, but I do know mobile providers there don’t even bother to ask why - they just provide shit on demand.
Probably this might be related to why tencent removed cloud backups from WeChat. It used to be like telegram, when you login it loaded all the previous messages, now when you login using the sms confirmation code you need to ask (with a different chat app!) three friends to send you a session specific passcode and then all the previous chat history is wiped clean.
(It was a problem to login back to me as I didn’t have three friends)
Back to Facebook messenger?
Good for you. I still don’t know how to move my friends and relatives to Signal. Any tips with that?
One day I said that in the future I will only be available via Signal. If not there then there is still SMS. And so far everyone I have contact with regularly installed it eventually.
That’s exactly right.
Easy! Just replace their usual SMS app with Signal, and then every contact they have that does use Signal is private and secure!
Oh. Wait. That’s exactly the functionality that Signal removed in their effort to ensure that Signal is never widely adopted…
Install a family XMPP server like Snikket or otherwise. Show them the benchmarks of how little battery & data plan drain is used from Conversations forks. Explain how bloated Electron apps are & how you don’t wish that on your loved ones vs. Dino, Gajim, or a TUI client. Sidecar a Movim server so y’all can share long-lived, non-ephemeral posts instead of losing memories like photos in some long group thread. Let them know their data is safe with you as the operator instead of some massive for-profit corporation—and if they don’t trust you, they are empowered to start their own server to interop.
(This tactic has yet to work for me, but I will keep running into that wall til it breaks 😃)
Do what I did. Let everyone you care about on TG that you’re closing that crap, with your reasons for doing so. Inform them of your moving to signal, session, whatever. Be clear that, otherwise, they can try calling you and wish them good luck. Close TG on the day you set as deadline. I did that and whomever didn’t get a Signal or Session account has to call me. I’ve never looked back.
Like that, also, a few months prior to the deletion turn off the notifications, and come there every few days, so people need to wait for your reply for days, and when you come you say “oh, I’m not using tg, I switched to signal/session/simplex/bird mail”
These are allngreat suggestions. Another huge advantage is that this help detoxify from the constant pinging with others.
Keep bugging them. I almost exclusively use signal for messaging these days and it’s fantastic. It took longer to convince some people than others
What happened with Telegram? I’m unfamiliar with those particular rumors.
… But also definitely not a fan of it in general. Their app has had terrible encryption (when it’s even used) for a long time.
There have been rumors from its start. I have no idea of their validity. Like anything, it’s hard to find the truth.
As for its encryption, while I dislike it’s not open source, and it’s deserving of some criticism, there have been no reported cracks of it that I’m aware.
That said, it seems to store your
publicprivate key on the server (though I’m not sure of this), which is not ideal, for sure.The “no reported cracks” thing is a red herring. You can make an intentionally broken cryptography system and claim it’s unbroken too.
And even if it was sound, it doesn’t really matter because the messages are decrypted by the server for all desktop and group chats, and probably most one-on-one chats too.
What the issue with them storing the public key?
Aside from not storing anything you don’t absolutely need to store, there shouldn’t be an issue there.
Typo
A lot of speculation that does end with this in the article:
"After discussing her case with experts, Matsapulina now believes her Telegram messages may have been compromised by a form of spyware. When she was told that a hacking device would need to be physically nearby to infiltrate her phone, a memory resurfaced: At times before her arrest, she had noticed an unmarked truck with a dome on its roof parked outside her building. She had even jokingly mentioned it to friends on Telegram. Now, she remembered, as the police were banging on her door that morning, she’d spotted the same mystery vehicle parked outside. By the time the police stormed her home, the vehicle was gone.
Matsapulina has since started using Telegram again."
Most messaging apps are vulnerable on the client side with spyware, no matter what E2EE exists along the way.
Am i the only one who doesnt use telegram for porn
Nah.
I use it for drugs.
deleted by creator
Deleted the app and account recently as well. I’m hoping that having the account deleted means that people don’t try to use it to message me there.
People who had you listed will just see “Deleted Account” instead of your name, and a little ghost as your avatar.
They will still see your chat history though.
where did you moved to? i tried matrix but their android client (element) is terrible compare to telegram’s.
Try checking out Element X. It’s made to replace Element stable once it’s complete.
deleted by creator
It happened too many times already, telegram has a very bad record at this point, some security mistakes happen every month, c’mon, this is a really bad idea to use telegram at this point
It happened too many times but I can’t find a single case, please enlght me. I will use telegram because it have a lot of features, good ui and easy to use
You should really search, I tried to compile all I could find, but I’m here to stop using tg, not going back to tg and scroll Russian opposition channels for all the mentions of stuff like that
There are some articles in English that describe the events, but most of them are in Russian
Also, from the search it’s really hard to find anything because a lot of stuff about the war
Here are a few topics:
- Telegram leaking location
- Telegram leaking IP address
- Deleted many years ago chats/messages were recovered remotely (just recently)
- Telegram is delaying source code publishing
- The source code’s build has a different hash and a few mb smaller than the release
- Their data sharing reports are empty although they were openly giving data to authorities in e.g. Germany
Compilation of different technical vulnerabilities and issues of telegram(in Russian):
- https://habr.com/ru/articles/206900/
- https://habr.com/ru/articles/252911/
- https://xakep.ru/2018/10/31/telegram-plain-text-chats/
- https://habr.com/ru/articles/460655/
- https://habr.com/ru/articles/744316/
And in general, Russian government unbanned tg after it realized it can read it. I wouldn’t trust anything that was unbanned in Russia or China
And one more article that lists issues of telegram: https://emisare.medium.com/так-ли-безопасен-telegram-f5a3128a1311
I’m already tired of doing this, I didn’t even start on activists and how they get hacked and stuff
There was just a fine on telegram yesterday for not “complying” with Russian authorities which is another proof they are doing great. https://tass.ru/obschestvo/20188921
