108
Telegram Hands U.S. Authorities Data on Thousands of Users
(www.404media.co)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 09 Jan 2025
108 points (99.1% liked)
Privacy
32177 readers
455 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
I don't really have any special hate for Telegram myself, and I never saw it as a secure communication platform. I have more problem with Signal because people treat it like it's paragon of privacy and security.
I'd be curious to hear your criticisms of Signal! While I haven't seen anyone describing it as a "paragon of privacy and security" I do think it is a highly accessible SMS replacement that is also open source, end-to-end encrypted, and operated by a nonprofit.
I wrote a longer one here: https://dessalines.github.io/essays/why_not_signal.html
The short version is, that it's a centralized, US hosted service. All of those are subject to National Security Letters, and so are inherently compromised. Even if we accept that the message content is secure, then signal's reliance on phone numbers (and in the US, a phone number is connected to your real identity and even current address), means that the US government has social connection graphs: everyone who uses signal, who they talk to, and when.
The most obvious one that has been explained to death here is that Signal collects vast amounts of metadata. It's also a centralized service that's operated in the US, and it doesn't even make reproducible builds for the Android client.
Where did you read that they are collecting vast amounts of metadata? Not challenging your claim just that I have been trying to find more info and came up empty. Signal says "we don’t collect analytics or telemetry data" but that's about it.
You need a phone number to sign up. Phone numbers are metadata that uniquely identifies people, and this data constitutes a network of connections. If this metadata is shared with the government, then it can be trivially correlated with all the other information collected about people.
Many Signal alternatives also have security issues of their own, often making them less secure than Signal. This includes Matrix and XMPP. In the blog post regarding XMPP+OMEMO, the author replies to a question about which would be better than Signal, Matrix, and XMPP with this suggestion:
In regards to Ricochet, not having a mobile app version makes it difficult to recommend to less tech savvy people.
Sure, every platform has its own set of problems, and it's fine to make an informed decision that you're willing to accept the deficiencies of a particular platform you're using. The issue I have is with people pretending that Signal doesn't have the problems that it has as we can see happening in this very thread.
I'm with you there. I brought up the issues regarding Matrix and XMPP as they are often recommended as alternatives to Signal, and after learning about this blog in a previous conversation I had about this topic, I thought it would be a good resource to bring up so people can be informed about those platforms and some alternatives that may be better than Signal while being metadata resistant.
Matrix, even if it was a siv, would be better than Signal, because it doesn't know your phone and passport numbers.