Telegram reportedly surrendered user data to authorities (androidpolice.com)
89 points by heikrana 1481 days ago
9 comments

Large discussion about this topic here 2 days ago:

https://news.ycombinator.com/item?id=31619010 (210 points/182 comments)

It doesn't actually even matter if they did this. The only thing that matters is that they are physically capable of doing so. Telegram is not e2e encrypted by default, and therefore you shouldn't use it if you're concerned about privacy.

Look no further than Signal's subpoenas and how they respond to them. With all the information they hold about an account. Which is just the creation date and last connection date. https://signal.org/bigbrother/eastern-virginia-grand-jury/

> Look no further than Signal's subpoenas and how they respond to them. With all the information they hold about an account. Which is just the creation date and last connection date. https://signal.org/bigbrother/eastern-virginia-grand-jury/

Signal's subpoenas have always left a sour taste in my mouth. I just can't believe that they are getting so few, at least some cases they'll just send the standard letter out and will try to get something. Having no list of how many they have rejected would at least increase my confidence in them a bit.

But the bigger issue is that the data they provide is just too good to be true for the majority of users. Signal has a push token for the vast majority of accounts, otherwise they wouldn't be able to send out push notifications on iOS and would waste at least some battery on devices with Google Play services installed. The subpoenas always seem to affect people who have an Android phone without Google Play services installed. In my eyes it is too strange of a coincidence to be true.

Signal does at least a bad job of explaining what kind of data they keep on an average user.

> Signal has a push token for the vast majority of accounts otherwise they wouldn't be able to send out push notifications on iOS

It's technically possible for them to not know which phone numbers correspond to which devices and tokens.

If they have the ability to send notifications, it's irrelevant how exactly that works: they can let a third party do that through them.

Not to mention that cryptocoin integration attempt to cash out on their privacy reputation. It just left a sour taste as well. What else are they ready to do?

> With all the information they hold about an account. Which is just the creation date and last connection date. https://signal.org/bigbrother/eastern-virginia-grand-jury/

It doesn't matter. The problem with Signal is that it is vulnerable to being shutdown easily.

So Google or Amazon or where ever Signal is hosted can just shut it down and will receive a request by the authorities to show that it is aiding and facilitating in illegal activities and will blame it on the tons of criminal networks, terrorists, insurrectionists and gangs all using Signal.

Thus, Signal really is a centralized dead end in the long run. Anything that is decentralized or allows self-hosting is the way to go.

It is particularly amusing that they provided the two date/time pairs in the form of "Unix millis" only. Obviously there's the legal risk of getting the conversion to Gregorian wrong, but I suspect that may have caused some head-scratching at the court.

It's probably some malicious compliance on their part. They are probably storing those timestamps as, well, UNIX timestamps. So it's exactly what they provide.

Meh. In any case involving data/tech I suspect there are people involved who can handle much more sophisticated formats/conversions than this. I may disagree with the government's stance on privacy, but they're not stupid or tech-illiterate.
I regularly help my lawyer friend parse the DVDs she gets from police with the evidence from her case and it's a nightmare collection of proprietary ancient standards for old versions of Windows. They also still use fax machines for everything.

The only place you'd find technical talent is in the federal police or a few guys higher up in the major urban police forensics labs.

Sure, but my point is that any agency or group that is going to subpoena Signal definitely has someone on their team who understands what a UNIX timestamp is. Think about it: if a service actually does comply with one of these subpoenas, they probably hand over a trove of JSON files that need to be parsed or searched.

Signal is just another walled garden actively fighting decentralization. If it becomes big enough, attacks by big adversaries will be inevitable. Also, the problem with funds. Consider Matrix instead.

> It doesn't actually even matter if they did this. The only thing that matters is that they are physically capable of doing so.

Exactly. It could be the truth or Russian psyops to undermine the trust among users, which happens very often from all sides involved, not just during war time. It should be noted that all governments hate private communications systems, except when they suit their needs. That's one more good reason to push for systems offering full e2e encryption by default.

It absolutely matters that they did this. We can't ever trust them again.

Not really. Nobody should have trusted them in the first place.

If the capability exists, it will be exploited sooner or later.

Terrible advice. If you want e2e you can choose to enable it. It is not enabled because many users choose to receive their messages across multiple personal devices simultaneously. This is not possible with e2e, which is why it is an option.

> Terrible advice. If you want e2e you can choose to enable it. It is not enabled because many users choose to receive their messages across multiple personal devices simultaneously. This is not possible with e2e, which is why it is an option.

Signal, WhatsApp, iMessage and Threema seem to do just fine.

> iMessage

Unrelated to this, but for all intents and purposes, iMessage cannot be considered e2e encrypted if either party has iCloud backups enabled. Apple has access to your iCloud backups, and they contain the iMessage keys.

IIRC with the keys they can technically decrypt in line; backups are not required.

Yes, they can choose to decrypt messages going forward (by injecting a third key controlled by the gov/Apple in a multi-person message and silently copying messages) but they can't retroactively decrypt them in that case.

"Just fine" by conveniently managing the keys for you. You have no idea what they really do with them.

Well, except Threema. Last time I used it, it was not possible to receive their messages across multiple devices simultaneously.

You have no idea what any software does with your keys unless you audit it, then compile and install it on your device yourself. Oh, and audit your compiler. And its compiler...

If you have a piece of software that can read supposedly encrypted messages on several devices, it is obvious that it does something with the keys. You don't have to audit the compiler and argue ad absurdum.

Guess who conveniently holds your "secret key" in escrow, just like AWS KMS does by default? The provider.

> This is not possible with e2e

Why not? You can encrypt a message with more than one key, no? It’s still e2e, just that there are multiple ends.

Apple’s Messages is e2e (until SMS is used) and they have group chats.

Until SMS is used OR until either side has iCloud backups turned on (which is the default setting).

Just shipping keys to someone to hold on to doesn't make the encryption not end-to-end, though it does reduce the point quite a bit.

People use Telegram because they have a great user experience. Signal, unfortunately, does not - and it's not entirely because they're limited by E2EE.

Signal does have an inferior experience. Signal has many UX issues, including the lack of a backup mechanism for iOS (if you lose your device or have to reset it, there is no way to restore old chats, and that's by design). Additional irritants that nobody in the development team has thought about for years:

* I decline Signal’s prompt to turn on notifications with the “Not now” button (there is no “No thanks” button). It responds with “We’ll remind you later” and nags me again in a few days.

* I decline Signal’s prompt to share my contacts with it using the “Not now” button (there is no “No thanks” button). It responds with “We’ll remind you later” and nags me again in a few days.

Signal may be good at security, but whoever designed the app has no respect for users’ time, and it doesn’t seem like they respect a user’s privacy choices either. Telegram, on the other hand, does not have E2EE chats by default, but the privacy features are far ahead.

> * I decline Signal’s prompt to turn on notifications with the “Not now” button (there is no “No thanks” button). It responds with “We’ll remind you later” and nags me again in a few days.

The key here is to say "Yes" to the app's prompt, but "No" to the system prompt.

Having switched my family, friends and many colleagues to Signal, I am fairly confident to say that Signal's user experience is good enough.

Signal's experience when you want to use it on more than just 1 phone per person is still TERRIBLE compared to Telegram.

If you use 2 computers, a phone, and a tablet and you want to use 1 Signal account on all 4, it's painful.

BONUS: Signal uses crypto funded by the US govt and used by Facebook, so I don't really trust it.

99% of the people I know use Telegram for piracy stuff, not the actual chat, but I guess it's different in other countries.

We either accept countries are sovereign over tech companies or not.

If tech companies operate within the territory of a country or provide services to citizens in that country, we can expect that they would have to do so under the laws of that land. Those tech companies can choose to withdraw services if they have a problem with doing so. Twitter / FB et al. withdrew from the Chinese market (they were not banned by the PRC, as erroneously understood) precisely because they refused to be subject to data requisition laws of this kind from the PRC.

Not necessarily. If a company doesn't engage in commerce then it can be based in one country and provide services in other countries regardless of their laws, so long as their home country is willing to resist attempts by other countries to prosecute them.

Americans and Europeans should use Chinese chat providers and vice versa. No joking. Small Islandoneasea might be bullied to comply.

Best would obviously be to use some FOSS true E2E encryption app that actually prompts you to accept keys.

I love Telegram, but since it requires a phone number, it is one of those apps I don't really trust with ultra-secret data. I think their E2E protocol is fairly sound, but even that isn't ideal. I think you may also get some minimum benefit by using the open-source Android app vs the Google Play Store app. Regardless, if you really desire secrecy (and I believe in privacy but would never advocate for serious crimes like those mentioned in the article) then you're probably better off using Signal or XMPP.

For me, despite its flaws in E2E, Telegram is the sweet spot for small to medium sized groups.

Easy to install, works on every platform I need it, super-simple bot support and the UX is very nice. You even have tools to make write-only groups (microblogs of sorts) and actual moderation tools for larger groups.

For a "community", I'd pick Discord though.

Matrix as a technology is a good competitor, but the UI/UX for every client I've tried ranges from "death by a thousand cuts" to atrocious.

Case in point: I got a notification about a message on a channel on my phone from my Element client. I open it and what do I see? Not the message. A "Syncing" message that lasts longer than I can stand to wait. My phone actually falls back to sleep and turns off the screen while I'm waiting for it to sync. And after it has synced, does clicking the notification take me to the channel? Of course not, and now I've already forgotten where the notification was from.

Sounds like you were running with an account on the default matrix.org server? It's gotten faster, but there were a bunch of months when it was dog slow. The point is kinda to run your own server.

I don't have the time to run my own infrastructure. That's why I pay someone else to host my mail, compute and everything else.

You can pay someone to host a Matrix server too.

> I think their E2E protocol is fairly sound

How come? It's completely proprietary and it's never been audited.

Like other algorithms, it's a fairly simple mix of existing encryption paradigms.

One paper tried to validate Telegram's protocol: https://www.researchgate.net/publication/346702021_Automated... That seems to have gone well. The mechanisms used seem very similar to the mechanism used in Signal's last audit from 2017.

Another paper only verified part of the protocol in a specific way: https://www.computer.org/csdl/proceedings-article/sp/2022/13... This last paper found flaws that should allow some side channel attacks (though I find it hard to believe that 3 microsecond differences can be measured against the client unless the attacker controls the server) but concludes that the protocol should be secure enough with their proposed fixes, which Telegram seems to have implemented; the problems mainly stem from implementation bugs, something the Signal protocol wasn't necessarily checked for during their extensive audit.

Based on this research I can't say I can find much wrong with mtproto2. It's proprietary in the same way the Signal protocol is proprietary, in that it was originally invented for a specific purpose inside a specific app. Just because nobody has bothered to copy the protocol to their app like WhatsApp did with Signal doesn't mean it's any more or less secure.

In the context of an app that can't encrypt group messaging and doesn't encrypt private messaging by default, I don't think focusing on the potential insecurity of mtproto2 makes sense. Telegram made some dubious, foolish security theatre ("hack our server and win a prize!") but on a protocol level there are no glaring mistakes that necessarily invalidate the protocol itself. The big problem here is that only a fraction of users actually use this seemingly-secure protocol in the first place.

Signal's protocol is not proprietary. You are mistaken.

The point of GP was that both Telegram and Signal have the same level of "proprietaryness". Either you call both proprietary, or neither.

They are both documented, both have source code of implementation available.

Exactly. And neither is Telegram's.

It has been audited, and they said it was a total mess and was full of vulnerabilities.

Source? My cursory search hasn't found much wrong with the current protocol, though mtproto 1 relied on some rather weak cryptography which luckily got replaced years ago.

Audited and found to be a mess is a complete lie. 0 encrypted Telegram messages have ever been cracked. Full stop.

They even took some ideas that people in the crypto had pointed out and updated their mtproto protocol to 2.0 https://core.tlgr.org/mtproto

mess ≠ cracked

Signal also requires a phone number, IIRC.

So does Telegram, last time I checked?

I always found it funny - here's a privacy focused alternative to Whatsapp! But we'll need your phone number, first. Why? Oh, y'know, to limit spam and stuff. 'cuz that definitely can't be done any other way.

Sure, I can get prepaid cards. Or I can just use Whatsapp. If I do anything illegal, I can do better than Telegram.

If you want signal without using a phone number, you can use a fork of signal called Session(https://getsession.org/). That's the power of opensource :)

I feel that the average person would be inclined to use signal more if it required a phone number than otherwise.

Yes, a significant flaw; however, it's not that difficult to source a disposable phone number.

It's impossible to get a phone number without a personal ID in a large number of Western countries (the number of which is increasing).

That very much varies with country. Most countries I'm familiar with the rules for require ID when buying pre-pay SIM cards these days.

A prepaid SIM having the same security checks as a bank account definitely felt sour. And for some reason people think they have any privacy from the government.

Is this the case now in the US? Is the "burner phone" a thing of the past?

Or you can just use Session.

An advantage of Telegram over Signal or related apps is that if I am in a situation where I need to delete a message and leave no trace of it having been there, then I can do this on Telegram. On Signal, if I delete a message it leaves a 'this message has been deleted' (or something to that effect) notification in the logs of the other party, which can be extremely undesirable behavior.

It's honestly not realistic to expect any free service provider to martyr themselves for your privacy. With that in mind, remember that anywhere you don't control the metal someone is watching you.

Always.

Unless the app claims it defends my privacy, which is the only selling point many of these apps hold over Whatsapp, for example.

Even when you are running the metal, someone is always watching. It's just that their view is more limited.

Sure, but Telegram has repeatedly made misleading claims about the privacy of their app and novel cryptographic protocol compared with alternative free services. The problem isn't that Telegram disclosed data to lawful requests, it's that (1) their marketing re privacy is at best misleading and (2) they had that data available to disclose.

> "To this day, we have disclosed 0 bytes of user data to third parties, including governments."

A very specific way of saying what most would assume means their users' data is safe. Even if it's not an outright lie, allowing government agents to view user data in their office would not contradict their statement.

What is your definition of "disclosed"?

https://www.merriam-webster.com/dictionary/disclosed

His definition of "disclosed" is whatever fits his own narrative.

If a government agent asks for certain user data, a Telegram employee does a search and has it on their screen for the government agent to see. How many bytes would you say Telegram has disclosed?

The exact number of bytes I wouldn't know, but they would certainly have disclosed all the information that was rendered on screen at that moment.

Or printed on paper?

Isn't Telegram the company that said Whatsapp can't be e2e encrypted because you can decrypt the messages in Google Drive? Seems like a bit of a braindead claim now.