this post was submitted on 24 Aug 2024
389 points (98.5% liked)
Technology
59578 readers
3165 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There is no encryption by default if you haven't noticed. There only the pseudo-E2EE which has been proven to have critical weaknesses: https://eprint.iacr.org/2015/1177.pdf
Yes it can, every proper E2EE messenger works like that. Signal, Threema, hell even WhatsApp uses E2EE by default.
Signal has had group chats for many years now. WhatsApp uses the same encryption protocol and it also works just fine. Stop spreading misinformation, and use Signal if you want an actual secure, end-to-end encrypted, open and transparent messenger.
Those are not critical, just some aspects being below some arbitrary expectational values. Also it seems there is still no proofs those vector attacks are being used at all.
They chose to target convenience over max security. Shoving strongest options to every user by default is agaiantt that. Reasons include: no history is being saved in this mode, and the desktop client doesn't support it.
Just because it was implemented by others doesn't mean it's a way to go for everyone. From what I understand, e2e in group chats means that there is going to be a transaction of keys between all members of the chat on adding any new member, and/or on new message, which excessively increases the burden on clients and servers in case of big active chats.
You can ask telegram to implement that, but you can't blame it for keeping it behind some gates. Telegram got implemented e2e between 2 users before other messengers got it working in any form of group chats.
I'll think about it if they ditch electron.
Ah yes, definitely go with a messenger that has known vulnerabilities in its crappy encryption protocol, instead of one with an actual secure E2EE implementation.
You can still make encrypted backups of encrypted messages, as can be seen on WhatsApp or Signal
I don't know what you mean, both Signal and WhatsApp have managed to ship desktop clients with full E2EE support for years now. Only Telegram is too incompetent to do that.
Just stop lying. Telegram Secret Chats have been introduced in 2017, both Signal and WhatsApp have had E2EE (including for group chats!) for much longer. Signal has had (encrypted) group chats in 2014, back when it was called TextSecure: https://signal.org/blog/the-new-textsecure/ And WhatsApp followed in 2016.
Are you mad that Signal is focusing on privacy and security by improving their encryption protocol, instead of wasting time on some UI garbage? This shows your priorities really well. Keep using unencrypted Telegram, for the cool stickers and convenient cloud backup, and keep in mind that Telegram can read all of your messages, as well as hand them over to governments.
Feel free to go any way you want. I'm not asking you to use telegram.
Spend time for that, and keep them where? Maybe also need a feature to sync them between mobile and desktop?
Not an implementation issue but a trust issue.
https://telegram.org/evolution see October 2013.
Whatsapp had them inctorudec in 2016.
I'm perfectly fine with that. More apps using electron means less chance for my pc to run garbage applications on a regular basis.
Keep in mind that any person in your secret chats can read your message, copy or screenshot it and hand it to anyone else. Those people know much better if you're doing anything sketchy (or something actually good but against their beliefs), than an app developer.