[flagged] Telegram is not as private and secure as most of its users think (vice.com)
32 points by kozak on Dec 7, 2020 | 34 comments


I think that there is something nasty with this Vice article. A hidden agenda maybe?

It reads as if it is an infomercial for WhatsApp.

It is very strange that it advises everyone to go to WhatsApp and not any other solution, and does not mention all the issues with WhatsApp. For example, the fact that enabling automatic backups is strongly pushed on users, but these backups are performed on Google Drive in the clear, not encrypted!

And so far, in spite of the telegram issues that are well known, Telegram never betrayed any user to this day as far as I know.

Also it is strange that they use nazi arguments and co. It's not because you don't appreciate some people or ideas that a platform should censor them. Also the goal of the platform is especially to not mess with users data. So I find it very strange to say that it should be uninstalled both because it does not encrypt enough and also because you say that they should look more into their users messages!


A couple months ago he wrote this:

https://www.vice.com/en/article/qj4qjd/whatsapp-data-securit...

"Six Reasons You Should Delete WhatsApp"

Maybe it's just a series of clickbait junk targeting popular apps so that the many happy users of those apps give him plenty of interactions. I bet he's watching the metrics right now.


So their supposed reasons it's not secure are...

1. No e2e encryption by default (valid, obvious)

2. Telegram has access to the metadata and contacts (valid, obvious)

3. They refuse to deplatform certain content (???)

4. An old and well understood bug/tradeoff/feature which has been fixed or mitigated long ago, after it was reported or abused

5. They didn't respond to Vice, so they "aren't forthcoming with journalists" (what does it have to do with security?)

I'm not using it and no fan of it, but I expected actual technical reasons instead of reading a hit piece with no content.


For me one of the main drawbacks of Telegram is that group chats are not end-to-end encrypted at all. That's a huge disadvantage.


The regular/cloud chats are not e2e in the first place. e2e chats are opt-in at the moment, by the name "secret chats".


That option was not available for group chats last time I checked.


1. I wouldn't call that obvious. I could claim that any messenger that doesn't use OTP is unsecure, because in comparison they are. So this is a generic complaint that applies to literally all existing communication tooling available to normal folks. Hence, not helpful.

2. Only if you give it access, so also not obvious


There is an extreme amount of difference in security between e.g. the Axolotl protocol and only transport encrypting to and from the server. The benefits of OTP might become real decades in the future if we develop large quantum computers (or if we become a Kardashev type 2 civilization and suddenly can afford spending the energy required to boil all oceans on earth multiple times over to crack encrypted content by brute force).


Oh, the benefits of OTP are huge right now. Just to mention two:

1. the implementation can be trivial and so there isn't really an algorithm that can be broken or a backdoor in a RNG on your device.

2. Protection against MITM attacks (or anything related to problems with certificates, even bugs in your software)

That's an extreme amount of difference in security compared to e.g. the Axolotl protocol.

Now, the authors of Signal are smart guys and of course they used the Axolotl protocol for obvious reasons, namely to increase usability. But you can say exactly the same about Telegram too. It only becomes a matter of where you draw the line.


> 2. Only if you give it access, so also not obvious

Or rather invalid, unless you make it valid, and then obvious.


It has nothing to do with Facebook, Google and Microsoft. And to me, that's what matters most, along with open defiance of state effort to force the platform to snoop. They didn't bow to Russia, USA and China.

Before someone brings up Signal, that project was developed with money from US agencies. I wouldn't be surprised if it was a shop operation, like the (backdoor-ridden) Swiss encryption hardware company the CIA was running for 40 years.


> that project was developed with money from US agencies.

So was TOR.

I defend Telegram, but this is not on its own a valid argument against Signal, only an encouragement to verify it extremely closely before trusting it.


I don't use TOR either. Exit node manipulation is trivial.


So we should be using services that only protect the privacy of those with acceptable views? Got it!


There's no new information here, and some of these problems have been solved such as the group identification that happened during the HK protests. https://www.reuters.com/article/us-hongkong-telegram-exclusi...

End to end encryption is a known trade off for cloud-saved chats, and the article makes out like the German police were intercepting DMs rather than what is more likely, having infiltrated a group.


I don't see anything that hasn't been known for a while. Telegram is convenient but not secure or safe. At least not by default. Is it actually possible to make it as secure as something like Signal?

Use Signal if you care about security and safety. Threema is another alternative I hear people talk about although I have not used it personally.

I got my family off WhatsApp for our family chat last year and it has been great. Excellent video and voice call quality imho.


I have used Threema and I like it, but the barrier is that it is not a free app. I've only been able to get fellow nerds to install it.

I like the idea that it indicates the level of safety you have with another person quite clearly. The highest level is when you physically scan one another's QR codes when you meet in person so you know nobody is inserting themselves into your key exchange.


Yes it not being open source was the reason I never looked at Threema further as Signal did everything I wanted/needed while being open.

The only feature I wish Signal had is group video/voice calls but hopefully that will be available soon as it is currently in beta https://community.signalusers.org/t/group-conference-calls/8...


> I don't see anything that hasn't been known for a while.

But known by whom? It seems Telegram has a fame for being secure and trustable enough that the "underdogs" of society who think they have reason to ensure their safety are using it en masse. Spreading education about their misbeliefs might be not so wrong.


Nobody of the hundreds of people I share groups with on Telegram does it for security.

It is all for convenience.

Articles like these make it sound like Telegram is somehow uniquely messed up while it is in fact a lot more secure than email (which can be accessed by at least your provider and sender/recipients provider).

Also, unlike WhatsApp, which has been hyped relentlessly, Telegram doesn't automatically upload your messages unencrypted to Google Cloud and/or iCloud (unless you manage to convince your contacts to turn off automatic backups).


> Nobody of the hundreds of people I share groups with on Telegram does it for security.

That's bubble fallacy. Just because your bubble is more educated about this doesn't make this a general truth about the whole world. Basically anyone you will find on this site has exceptionally high knowledge about certain things, which the majority of people do not have.

But I also have strong doubts whether this crafty claim is even true. Quite unlikely that you know the state of knowledge of so many people for this specific topic.

> Articles like these make it sound like Telegram is somehow uniquely messed up while it is in fact a lot more secure than email (which can be accessed by at least your provider and sender/recipients provider).

Very manipulative and misleading argument. The article does not recommend email or WhatsApp as an alternative, but Signal and Threema. Actually the article is quite obvious in saying that Telegram is as unsafe as WhatsApp.


Known by everyone who really cares and understands what the differences are.

It's not as if normal people would be better off with e.g. Whatsapp - yeah it uses end2end, but I'm sure 99% of the users backup their chat in the cloud - and now they are not really better off but maybe even worse.

People usually don't understand the difference. From their perspective, everything probably has the same wizard like security level. And the ones who know and care use a non-mainstream messenger.


Well that's the rub.

Anyone could have looked up Telegram on their favourite search engine and found all the information in this article anytime in the past year or two. It is nothing new.

But Telegram has pretty good word-of-mouth PR which is why it was so popular for things like the HK protests even though it clearly wasn't a good tool to use with regards to anonymity and safety.

I don't think, and did not say, the article is bad. Just that it is nothing new.


> Anyone could have looked up Telegram on their favourite search engine and found all the information in this article anytime in the past year or two. It is nothing new.

That's not really how knowledge spreads. Otherwise we wouldn't have so many problems with fake news and conspiracy bullshit.

> I don't think, and did not say, the article is bad. Just that it is nothing new.

Why does it matter whether it's new or old? I don't know much about vice.com, but it does not make the impression of a bleeding edge news-source, but just regular journalism. And with regular journalism it's common to take up old topics to bring back awareness or illustrate whether things have changed in the meanwhile.

I mean even here on hackernews most heated discussions are also around year-old articles and topics, not just the daily fresh meat.


Shit post. I have millions of reasons to delete WhatsApp, Facebook and Instagram spy app.


This seems like a sour grapes piece from Vice because Telegram ignored their reach-outs.


I understand folks ITT saying some of these are known issues, but it’s important to remember this community is more informed than most others in terms of technology.

I’ve absolutely had to steer some users away from telegram who were misled and under the mistaken impression that telegram was a privacy panacea.

In today’s climate where many activists and others actually need privacy/security, this article will hopefully reach and inform some of the types who swim in different circles than this little community.


Flagged this one for being on the edge of being a conspiracy theory. Others have already talked about the misdirection of certain points in this article. And honestly, the questions they ask about why not end to end encryption by default have also been answered by Durov in his blog posts. I can't get the link right now, but it's from August 14 2017. Overall, this article is just noise and clickbait.


Telegram has the huge advantage of not needing to reveal your phone number.

If your threat model doesn't really include the government but does include people stalking you then telegram is actually better than Signal.

With Signal you have to buy a new SIM card to get rid of a stalker, which is a huge annoyance.


Or you block the stalker and the stalker then has to keep buying new SIM cards.


I still trust it more than Facebook's WhatsApp. And bots - writing bots on Telegram is a breeze (and free) compared to WhatsApp.


The fact that Telegram isn't enthusiastically censoring everyone who even looks like they might have the wrong opinion is what makes it such a unique treasure. Feature, not bug.


Also their software is literally just better. Proper multidevice and autosync, better performance / UI, easier to customize, more features (even too much in my opinion), no phone number required, and and and


This is really low quality.

3 of 5 are known and uncontested, made up to be a big deal while they are not. Most of my friends use Telegram (a few hundred). None of them mention security as a reason for using Telegram.

Writing it this way is equally stupid to making a big deal out of the fact that everything you post on Twitter is by default public: yes, everybody knew in the same way everybody who needs to know knows that Telegram is only point-to-point encrypted, not e2e-encrypted.

Then there's the two last ones:

- According to the article Telegram tolerates nazis: here Vice makes a mess in at least three ways:

1. If contents were encrypted the way they wished further up, Telegram couldn't even remove it.

2. Telegram bans open groups and channels that promote illegal content. They just haven't AFAIK been caught nosing in private messages. IMO this is a good thing.

3. They also mix a lot of unrelated stuff here: I can disagree all I want with all them, but COVID-19 deniers, neonazis and QAnon don't belong together in this paragraph.

- According to Vice Telegram refuses to talk to journalists.

Because of the mess above I support Telegram even if they refuse to speak to this journalist.

There are journalists and there are journalists. Some will follow a story wherever the facts lead them, others will go wherever as long as they can sense the sweet smell of clicks.



