zlacker

[return to "I asked Signal motivations for SMS removal"]
1. joel35+Ub[view] [source] 2022-10-19 09:01:23
>>quenti+(OP)
With Signal moving away from SMS, the required messaging app stack on my phone just to be able to receive everything sent do me will have to be:

- Signal -> Close friends & family I've convinced to use it.

- WhatsApp -> Most of my friends.

- SMS -> School notifications, 2FA, shipping updates, etc.

- Facebook Messenger -> Elderly relatives

- Telegram -> That one relative who wants to use this instead of Signal.

Is there a consolidated messaging app that the HN community recommends?

I can't be the only one suffering from messenger bloat.

◧◩
2. jbvers+0d[view] [source] 2022-10-19 09:12:18
>>joel35+Ub
I never understood Telegram. It's insecure by default, runs in a different jurisdiction. It's not even anonymous

But somehow people started using it because it was "more secure" than whatsapp.

◧◩◪
3. NayamA+ff[view] [source] 2022-10-19 09:31:37
>>jbvers+0d
> It's insecure by default

Any proof? If you're calling MTProto 2.0 'insecure' then you should know it's already been audited multiple times in the last 2 years. If insecure means not using E2EE, then I guess the whole infrastructure of the internet is insecure.

> It's not even anonymous

It's more anonymous than Signal is. It requires phone number to register but you don't need to share a phone number or any personal detail to communicate with people.

◧◩◪◨
4. lucb1e+Oi[view] [source] 2022-10-19 10:00:58
>>NayamA+ff
> > It's insecure by default

> If you're calling MTProto 2.0 'insecure' then you should know [...]

If you're calling "secret chats" the default, then you should ask around or try to use telegram on desktop or just open telegram and see how much stuff is actually encrypted.

◧◩◪◨⬒
5. NayamA+eq[view] [source] 2022-10-19 11:01:18
>>lucb1e+Oi
> If you're calling "secret chats" the default

MTProto is the name of the:

1. Cloud Encryption

2. E2E encryption

algorithm at Telegram. MTProto 2.0 is not just secret chats, a different implementation is used for cloud: https://core.telegram.org/mtproto/AJiEAwIYFoAsBGJBjZwYoQIwFM...

Both cloud and e2ee consist of what's called the MTProto 2.0 algorithm.

◧◩◪◨⬒⬓
6. lucb1e+Rj2[view] [source] 2022-10-19 20:35:08
>>NayamA+eq
Yeah that cloud encryption is bullshit. If you're not transferring keys in a way that only your devices can access the data, then they can also read the data. It's indeed not broken if it didn't perform this function in the first place
◧◩◪◨⬒⬓⬔
7. NayamA+GD2[view] [source] 2022-10-19 22:49:07
>>lucb1e+Rj2
I'm so tired of people wanting to turn Telegram into Signal, it's never going to happen. E2EE comes at a cost. The cost is decreased scalability and inferior UX as clearly evident.

Matrix can't even load 100 old messages properly with E2EE enabled in a room. Signal can't even handle scale when it comes to chat groups and communities. There's no anonymity in both either as Signal doesn't even allow you to hide your phone number and Matrix leaks your metadata to all involved participants like crazy.

Telegram doesn't use E2EE but the privacy and security are in no way compromised.

The whole fuss about "They can read your messages" holds a very negative assumption in the first place about them reading it and then also assumes everybody's threat model involves inferior UX of managing chat backups like WhatsApp just to keep messages away from cloud.

Just take a look at your threat model and decide what you want, not everybody wants an E2E encrypted chat app because we know the compromises that we have to make with E2EE and I'd rather have my chats on cloud encryption than my local device, considering how many features Telegram allows me to have with cloud sync.

[go to top]