zlacker

[return to "Signal app downloads spike as US protesters seek message encryption"]
1. matheu+X2[view] [source] 2020-06-05 02:30:43
>>pera+(OP)
I hope one day apps like Signal will be the default for everyone, not just protesters in a time of crisis.
◧◩
2. AnonC+Gl[view] [source] 2020-06-05 06:18:50
>>matheu+X2
I don't think that's a great idea until Signal stops exposing the phone number of the user to everyone else (for all the bashing that Telegram gets on cryptography, it has mechanisms to hide one's phone number and even the fact that one has a Telegram account from others).
◧◩◪
3. 0xy+Gm[view] [source] 2020-06-05 06:32:10
>>AnonC+Gl
Absolutely agree. I really wish Telegram would get off the phone number system, especially after the embarrassing hack in Brazil. It's not explicitly Telegram's fault, but if your primary authentication method is insecure it's at least a little bit your fault.

Phone numbers are NOT safe. I don't know why SMS MFA is even a thing, they're worse than passwords.

When you use phone numbers or SMS for security, you are putting the fate of your entire company's security on an underpaid customer service rep at Verizon.

◧◩◪◨
4. nickik+Yq[view] [source] 2020-06-05 07:23:29
>>0xy+Gm
Telegram should maybe just use proper encryption first.
◧◩◪◨⬒
5. xerxes+XC[view] [source] 2020-06-05 09:43:30
>>nickik+Yq
Can someone explain to me why MtProto is not considered proper encryption? Genuinely asking, not challenging.

At least since version 2.0 it seems it's using AES encryption: https://core.telegram.org/mtproto/description

◧◩◪◨⬒⬓
6. nickik+OK2[view] [source] 2020-06-05 22:42:03
>>xerxes+XC
By default its not e2e encrypted and if you want to use e2e you lose lots of capability. That is simply not acceptable in a modern messenger.
◧◩◪◨⬒⬓⬔
7. 0xy+Rj3[view] [source] 2020-06-06 05:15:50
>>nickik+OK2
Speaking as someone who regularly uses private chats, what capability?
[go to top]