|
|
|
|
|
|
by palata
752 days ago
|
|
|
> We don't know if telegram is secure or not. Last time I checked, everything but the secret chats was not E2EE. So for the most part, it's effectively not secure. For the secret chats you're right, we don't know. > signal is lying: - About it's code being open source I compile and run Signal from the sources... > About it's protocol being open Are you talking about the Signal protocol here? > We do know that signal is probably insecure if(!) - It is actually based on the original white paper Can you elaborate on that? |
|
|
The point was: This is a discussion about Signal, not Telegram.
But by now we have gotten pretty used to deflecting every discussion about "is Signal secure" to "look behind you, a three headed monkey" or rather to "but telegram is not secure, because all Russians are stupid".
"I compile and run Signal from the sources..." Yes, so you get a messaging app that might be secure, while 99.999% of users use the one from the store which very likely comes from a completely different source.
"The original whitepaper" Just use you favourite search engine, we have been over this dozens of times by now. If you understand security I would start here: https://cs.nyu.edu/~afb383/publication/uc_signal/uc_signal.p... If not -- it probably takes 15-25 years to teach you.
Very rough, and simplified: "Double Ratchet has some very strong preconditions which have never been addressed by signal, and probably never been implemented by anybody." (Please, don't quote me on that, it's very dumbed down.)