I use telegram mostly because it have great features and its certainly better than any meta apps in privacy and private enough imo. It was easy to get my friends and family on telegram because they loved those features, signal is just... boring.
Memes
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
interestingly it's worse than whatsapp regarding privacy
and how? dont send me a decade old audit on the protocol which telegram abandoned around the same time.
chats are not e2e encrypted by default and group chats are never e2e encrypted. even whatsapp is e2ee for every chat.
And yet no one was able to crack it.
it's not about cracking anything it's about the telegram owners being able to read your messages???
You can use E2E???? !!!!!
not in group chats and most people don't care about it for 1-1 chats as well.
And how does being e2ee by default guarantee you are secure? whatsapp doesnt even encrypt metadata.
I don't like whatsapp either but my claim still holds. e2ee by default for all chats is arguably more privacy respecting than opt-in e2ee for 1-1 chats only. and what metadata exactly does telegram encrypt but whatsapp does not?
e2ee by default only for your data to be used when you back it up. Atleast there have been no data breaches reported in telegram so far
you can encrypt backups in whatsapp but we might agree on whatsapp and telegram being equally bad then
no data breaches reported in telegram so far
yes they hand it out voluntarily, search term: telegram german authorities
only if you are terrorist or do some CP stuff. Besides there are ton of reasons why I should use telegram. Its a lot more featureful, its easy for people to move their and its secure enough for me because I am not a terrorist and I dont sell drugs, thanks.
i have nothing to hide
okay buddy
nitpicking by avg signal fanboi.
average telegram fanboi cope
Just stop using the spyware ones?
That leaves you with element, signal and telegram?
Oh, where to begin. Telegram is wild. It may not be spyware in the traditional sense, but they've already handed over data to the Indian government, left a telephone number scraping vulnerability open for the Iranian government, and gotten caught with "the most backdoor looking bug" with their unwisely handmade encryption algorithm.
Telegram's backend is proprietary software and they (very similarly to Discord for example) can just decide to read your chats whenever they want. It's even worse then WhatsApp in this sense (at least as long as you trust Facebook that they actually encrypt your chats, again, there is no way to know if it's proprietary software).
And yet no one was able to crack it.
Are you even a true nerd if you have so many friends?
Fuck, I actually do have all of them.
I have 2 more :(
After posting I realized an exported PNG is the same size and looks much better. Enjoy.
You should be able to change the image after posting I think
Don't have friends. Problem solved.
Your options are RCS, Signal, or Lemmy mentions. Or losing contact with me I guess but I'm irresistible
"I only talk to other nerds" basically
Nah everyone has RCS these days except people with old phones and iPhones, and even the iPhones are going to be rcs compatible soon
What is RCS?
Remember E-Mail, everyone?
Never heard of her.
she's nice. You should check her out
Add SimpleX and Conversations-i2p
Yep SimpleX works great. Although every time I read the name I think of herpes.
Hahaha, SimpleX on Android is fine, the Desktop client is kinda incompatible with anything (no flatpak, the ubuntu version is kinda broken, no repo, their sync requires a random firewall port to be open)
Interesting. For my desktop, I just installed a binary from the AUR and it works wonderfully.
Yeah I avoid installing stuff to my system but I looked into RPM .spec files and that should be possible too. Flatpak would be the way to go though.
Personally, I do the opposite. I try to avoid flatpaks and the like. And the AUR enables that really well
Welcome to security I guess
Security is a compromise between convenience and safety.
However, simply using flatpaks isn't inherently more secure than using a binary or compiling from source. But it can make it easier to be secure for people that don't want to manage their own sandboxes.
It's also easier for devs so they only have to make one version of their app which in theory should work on all systems. But in practice I find it doesn't always work that way
The AUR is not verified or audited at all, isnt it? So you need to check every release if that script was modified to download something malicious. For sure this works somehow, but idk how.
And sandboxing... flatpak has GUI tooling unlike anything else. Bubblejail is usable.
From a maximum security perspective, you should be checking all the code you install on your computer. No matter if it is foss, audited by some group, or proprietary (if possible). What would stop a bad actor from auditing malicious code and approving it?
As for sandboxing, there's multiple options, not the least of which is containerization.
Again, security is a compromise. More security normally comes at some cost just as less security does.
But back to the topic of the post. You are complaining that SimpleX doesn't work when installed though a flatpak (because one doesn't exist). So perhaps it's not a good software to rely on flatpaks for. Unless you choose to only install software via flatpaks, to which I'd say that's admirable but also perhaps needlessly limiting. Either way it's your choice, but I would suggest some open mindedness of options that may let you use the software you want.
Yeah I tried the ubuntu version through Distrobox, which is way more secure. But they have no repo, and it broke apt lol.
Appimages are completely insecure, there are literally no updates. Its a random bundle of libraries, as old as possible to work on every old kernel, and they are just broken by design (see an old post of mine).
There is flatpak packaging work done and I want to learn that and help, as Flatpak is just the best.