[outside415]

Watch his interview with Tucker Carlson and you’ll see. He doesn’t acquiesce to government requests for moderation control, censorship, and sharing private user data so they target him. He refuses to implement backdoors as well. In stark contrast to western social media companies.

[smt88]

> He refuses to implement backdoors as well.

We have no way to know this, and (unlike Signal), Telegram doesn't give us best-effort assurances by doing things like open-sourcing its code.

[BeetleB]

> We have no way to know this

Well, other than his arrest ;-)

[calgarymicro]

The arrest tells us that he said no to one country, it doesn't say much about all the others.

[smt88]

Russian govt officials are protesting his arrest.

When an authoritarian govt is calling for the release of someone who runs a "private" messenger, it suggests they have a back door. Otherwise they tend to oppose all private messaging.

[kombine]

No, there is no logical link between the two events. Russian govt can protest that for propaganda reasons: to make a point that Western governments are restricting freedom of speech.

[sweeter]

They're hitting that Uno Reverse card. Tbf, the US does a LOT of the stuff that we openly criticize Russia and China for. Which, I would hope that people have enough insight to recognize that this is a bad thing across the board. The only people who get hurt and face consequences from this kind of a thing are the citizens.

[miohtama]

Durov was robbed from his previous startup at a gunpoint by Putin’s thugs, and then he had to escape, so it is unlikely Durov co-operates with Russia:

https://x.com/moo9000/status/1827651335476461813

[kennedywm]

No. What would be illogical is to assume that because Russia might be motivated to protest for the sake of propaganda, that it is not also, or instead, motivated by not wanting to lose access to a hypothetical backdoor.

[dawnerd]

Russia was also using it for “secret” chats and are probably terrified what could be exposed.

[Nux]

Or they want to make it seem as such..

[squarefoot]

I don't completely buy the fact that he was arrested because he didn't cooperate with authorities. World Police forces have an history of infiltrating criminal groups and gaining their trust; planting backdoors isn't the only way they can investigate people. Also, this way they're yelling loud to these people "hurry! pick another platform!".

And then, he is also on Putin's wanted list; his arrest could one day turn him into a valuable bargaining chip.

[mihaaly]

I did not see in the list the 'did not allow us adding backdoor to their service' charge. Did I miss something?

[miohtama]

This is one of the charges (according to French press): refusing to give French police unfettered access to Telegram user data and moderation.

It’s French national law, not EU (though the EU will copy for sure).

https://www.lawfaremedia.org/article/whats-going-frances-onl...

Also now they have added “because people watch football matches illegally on Telegram”. So they are going to throw everything at kitchen sink at Durov, probably also national security issues because anti-French political groups use Telegram in Africa.

https://x.com/ChrisO_wiki/status/1827767824858931319

[mihaaly]

It is still not backdoor, sorry, you are completely mistaken. They came - tried to come - in the front door openly (the expression of back door means completely different, just look it up and you will see) to catch criminals, doing well known and prominent criminal activity, but the Telegram decided to protect the criminals instead. You can try to smear in whatever imaginative reasons behind when the reason are in the front of your face, like it or not, it does not matter if you like it or not! Also how much people like the Telegram because 'it is soo user friendly and pretty', not in pair with serious crimes committed and aided there, completely not!

Also it is still the investigative phase but the suspicion is warranted completely.

I seriously do not understand low moral people shielding those helping criminals, do you really not knowing what are you doing, seriously, just because there is a - misleadingly presented - popular service there? Really? Very worrying the moral state of social media user masses.

[hcfman]

Which is principle is meaningless

[HumblyTossed]

What exactly do you think this tells you?

[lmm]

Telegram publishes open-source clients that can run on open-source platforms. Signal does not offer any client that doesn't depend on proprietary code (either iOS or Google Play Services) and is aggressive about taking down third-party builds that remove that dependency. I'd say there's a lot more reason to assume Telegram is not wilfully backdoored than Signal (though I'd trust Wire or Matrix ahead of either of them).

[xorcist]

We have no real way to check for backdoors in Signal either. Signal is not transparent about what code their servers are running, and you are not allowed to start your own server with a known version. They do not allow for independent distribution of reproducible builds on F-droid, or any other application store that does not identify you. They will take steps to lock out any independent implementations of the client from their servers. That the code for their client is released is good, but not good enough.

[isakkeyten]

> (unlike Signal)

Well Tucker Carlson also said he used Signal and his messages were leaked by the government so yeah...

[outside415]

Only his word to go off of.

[Timber-6539]

What? Literally all Telegram clients are open source.

[konart]

What about the server? Telegram is not strictly e2e.

[Zambyte]

Huh, I was going to point out that the Signal server isn't Free Software either, since for a while it wasn't being published, but it seems they have gotten back into publishing it.

https://github.com/signalapp/Signal-Server

[twelve40]

while it's amazing for them to keep maintaining it, as the person mentioned down the thread, it's hard to know what they are actually running, right? and it's not a lot of work to patch this or clone/branch as necessary before deploying. Oh well, i already resigned that a part of my life will be run by someone else by now.

[jjav]

Publishing server code provides no assurance of anything (although it is still nice, for other reasons) since nobody can know if what they (for any "they") run in production is the same as the public source.

Open client code and documented protoccols are much more important. If you can compile your own client from open source code and it works fine, then you can know for sure what you're sending to the server.

[Timber-6539]

An "open source server"... are you trolling?

[vilunov]

> Show me an example of an "open source server".

XMPP and Matrix services run open source software such as ejabberd

[Timber-6539]

Running open source software != "Open source server"

[konart]

Not sure what part of my comment amused you so much.

An IM platform server can be open sourced. Just like any kind of software.

It's just a matter of publishing your code and, preferably making it possible to verify that the service your users are connecting to is build using the same published code.

[mr_mitm]

How could you possibly verify what code they are running server-side?

Typically, the way it goes is that you implement e2ee such that even a fully compromised server cannot read the clients messages, publish the client's source code, and build it yourself or use reproducible builds. That ladt part is where you can criticize Signal. Whether they publish the server code is mostly irrelevant unless you want to run a separate messenger infrastructure.

[4ad]

Open source is irrelevant as the protocol is plain text.

[cbsmith]

Wait... you're saying if the protocol is binary, that's different somehow?

Either way, you're saying the MTProto is binary? How do you mean that?

[4ad]

https://en.wikipedia.org/wiki/Plaintext

Pretending you misunderstand what I meant is detestable.

[cbsmith]

"...you're saying MTProto isn't binary?"

[lovethevoid]

Telegram still collects and stores private user data, and as per their own privacy policy. This isn't in stark contrast to western companies at all.

Additionally, they fulfilled requests made in Brazil, India, and Germany to name some I remember. Again, using the private user data they collect.

So what you fell for was just basic marketing (a CEO going on a TV program, as Tucker Carlson isn't even news) to market his app.

[valval]

I find the phrase “isn’t even news” to be quite triggering.

[golergka]

Which government? There has been a lot of mysterious deanons of protesters in Belarus in 2020. You know, the kind of deanon where armed people break down you door and you're going to be beaten and tortured for several days in the very least.

[octacat]

In practice it is very easy to deanon using social engineering. It is enough to open a shared link to expose your IP. A lot of people would click something like "Belorussian protestors got deanonized" or "10 ways to keep you safe" in a group chat. Just get it a catchy title. And this link is specially crafted to lead to the exposer server.

[golergka]

No, I was actually much closer to these news stories, and these deanons in particular are much more sus than that.

[bitnasty]

Who would watch an interview being held by a crazy person and take it at face value? Anyone with half a brain would avoid watching or listening to Tucker Carlson like the plague.

[eviks]

You can cover your eyes/ears for the crazy part and only open them to the non-crazy person's replies not to get infected

[hnpolicestate]

A hint of light in the dark.