• Lime Buzz@beehaw.org
    link
    fedilink
    arrow-up
    16
    ·
    4 months ago

    Because it’s a bad messenger which rolled their own encryption (a thing that should bever be done) and yet it’s still only in one-one chats in very few contexts.

    They have lied constantly about various things including never having ads etc, they just silently updated that they would and expected people to be fine with it.

    Sure, piracy is okay, but there’s lots of other bad things that go on it which is immoral and unethical and they don’t care enough to do anything about it.

    In short: It is not at all a private messenger and lacks any type of good moderation.

    • asudox@programming.dev
      link
      fedilink
      arrow-up
      13
      ·
      edit-2
      4 months ago

      Instead, we have SimpleX, Matrix, XMPP, Briar and Signal. They’re ultimately better than Telegram.

      • chameleon@fedia.io
        link
        fedilink
        arrow-up
        8
        ·
        4 months ago

        The main reason many sub-communities are stuck on Telegram (and Discord) are the public group chat/broadcast channel related features. Signal still has a 1000 member group size limit, which is more than enough for a “group DM” but mostly useless for groups with publicly posted invite links. Those same groups would also much rather have functional scrollback/search on join instead of encryption.

        • Lime Buzz@beehaw.org
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          And that’s fine and good, if you want that, I’ve no problem with people getting their needs met.

          I just wish they wouldn’t call it secure or private or think there will be no consequences for using it, there absolutely could be because there is no encryption in groups and bad encryption in one-to-one contexts.

          Apart from the lack of moderation and refusal to comply with police etc from a distance, there isn’t much keeping those who use it safe from arrest, discrimination etc.

      • Lime Buzz@beehaw.org
        link
        fedilink
        arrow-up
        7
        ·
        4 months ago

        SimpleX is not as good as other offerings yet, it is very lacking in features and frustrating to use for the few it does have.

        Matrix has bad encryption: https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/

        XMPP also has not very useful encryption (though not bad imo, it’s just not user friendly nor on all the time or in every client): https://soatok.blog/2024/08/04/against-xmppomemo/

        Briar isn’t there yet on every device, it doesn’t have feature parity on all devices/OSs and can’t be used on all devices/OS.

        Signal is the only one really worth considering at the moment in my opinion for most users, good features, and for actually proven encryption.

        • asudox@programming.dev
          link
          fedilink
          arrow-up
          4
          ·
          4 months ago

          I actually think that too. People just think that providing their phone numbers makes them less private when privacy does not mean anonymity.

          • Lime Buzz@beehaw.org
            link
            fedilink
            arrow-up
            4
            ·
            4 months ago

            Yeah. Phone numbers are less of an issue now what with usernames and with certain options chosen no one can find you by phone number on Signal.

            I do agree with them to some degree that tying accounts to phone numbers should be removed or at least optional, but it’s less of an issue now.

            I think a lot of people make the mistake of thinking privacy means “the maxmimum amount of privacy at all times” and whilst that’s understandable it’s not a thing that is likely in this current world nor does everyone need it, which is why people can and should be doing accurate threat modelling for themselves, which most don’t.

          • uis@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            People just think that providing their phone numbers makes them less private when privacy does not mean anonymity.

            Yeah, people just think that providing their phone numbers makes local police able to easily find them and insert soldering iron into their rectum when privacy does not mean that that police will not easily find you for what you said on the internets. Wait, what?

            • Lime Buzz@beehaw.org
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              4 months ago

              Okay, I’ll bite. But considering Signal has no data and very little metadata to give people, what exactly is the problem? What evidence would they have to arrest people on?

              Especially now that people don’t have to share phone numbers to add a contact and can stop others from finding them via numbers.

              • uis@lemm.ee
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                4 months ago

                What evidence would they have to arrest people on?

                Message in big group chat and phone number. Message can for example say that war is bad, and as result you will be charhed with “discreditation of army”.

                Especially now that people don’t have to share phone numbers to add a contact

                Phone number that tied to your passport. Yep, not sharing phone number to add a contact will magically help here.

                • Lime Buzz@beehaw.org
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  4 months ago

                  That’s fair, one reason I stay out of big groups, though you can set it not to be displayed to anyone, so I’m not fully grasping your argument.

                  What do you mean by passport? It will a bit, if someone doesn’t know the phone number of an account that sent a message.

                  • uis@lemm.ee
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    edit-2
                    4 months ago

                    though you can set it not to be displayed to anyone,

                    Is it something new? I don’t remember it being a thing.

                    What do you mean by passport?

                    In certain countries(Russia) you need passport to buy SIM card. So phone number is tied to person.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      which rolled their own encryption (a thing that should bever be done)

      Signal is bad then?

      It is not at all a private messenger and lacks any type of good moderation.

      So in which direction you want it go? More private or more moderated?

      • Lime Buzz@beehaw.org
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        4 months ago

        Did Signal roll their own encryption? I am unaware of this if so. Even if it is the case, it has been audited heavily, something which telegram have repeatedly either failed to do or moved the goalposts every time it has been audited. Telegram is not a secure messenger.

        I think I was explaining why people could see it as bad, not that I particularly want more global moderation. Having said that, there should probably be a way to throw off people, on any platform, who actually do material harm to other individuals, such as distributing CSAM.

        • uis@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          4 months ago

          Did Signal roll their own encryption?

          Yes. Even entire new algoritgm - Double Ratchet.

        • Lime Buzz@beehaw.org
          link
          fedilink
          arrow-up
          3
          ·
          4 months ago

          Are you saying Signal uses bad encryption? I genuinely am not sure if this is sarcasm or genuine.

        • BuxtonWater@beehaw.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          But where do you draw the line between catching these people and not invading the privacy of every single user of the software? Because so far no one has found a solution despite a decade or more of attempts.