Hacker News new | ask | show | jobs
by joshxyz 1988 days ago
What I don't get is people are trusting unverifiable builds of Signal, Telegram, WhatsApp, etc as "secure" on each of their E2EE implementations when that part of the binaries we install on our phones isn't even verifiable by code and compilable by ourselves.

But what I do like about Telegram is their good user experience and Bot API developer experience. It's soooooooooo fucking good I'm telling you. It just works, be it on web, mobile, and desktop.

At this point who the fuck knows if Durov can be trusted (hell we all wish, right, no harm in that). But regardless of that, at the end of the day I'd be willing to admit he's a fucking genius when it comes to Telegram's UX and DX.
5 comments
md_ 1988 days ago
Signal does have reproducible builds: https://signal.org/blog/reproducible-android/
link
joshxyz 1988 days ago
Sir that's a big Today I Learned. Thank you.
link
danhor 1988 days ago
For telegram, you can use the F-Droid builds, which I'd rate as one of the most trustable sources for android apps.
link
smoser0 1988 days ago
Telegram reports to have reproducible builds for android and ios. More information at https://core.telegram.org/reproducible-builds
link
mschuster91 1988 days ago
> At this point who the fuck knows if Durov can be trusted (hell we all wish, right, no harm in that).

It's a threat model decision. If you're someone who wants privacy from the US or other Western governments (think Antifa on the left side, or corona-deniers, qanons and other conspiracy nuts on the right side), Telegram is the best option since the Western governments can't hold them accountable. If you're a Russian or Chinese dissident, or opposition in countries aligned with them (e.g. Serbia) Whatsapp and Facebook are your best bet.

link
Ar-Curunir 1988 days ago
There are many anti fascists in Russia too. In general anti fascists face repression from every nation state
link
Mediterraneo10 1988 days ago
Isn’t Telegram now based in Dubai, an emirate within a country that largely allies with the West?
link
bobsterman 1988 days ago
Horcrux Encrypted Messaging combines multiple messaging options to protect you from all sides.

https://horcruxencryptedmessaging.jperla.com/

link
bigiain 1988 days ago
FWIW, I personally trust the "unverifiable" Signal build I get from the app store more than I trust the OS my phone runs.

That's not true of Telegram/WhatsApp/etc...

link