How do notifications work in the official Telegram Android app (Play Store vs Site version maybe)? Does it have the same mechanism as Signal, which only recognizes the presence of notifications via Google services, but sends them via its web socket service?
deleted
I know and use Signal to communicate with family/friend. but everyone at work uses telegram, I can’t give them all an ultimatum to switch to Signal
If you’re ready to put on tinfoil, signal is not the way to go too
Phone number requirement is a big no-no in privacy community, plus signal wants to centralize more and more, when they could actually make it possible to selfhost signal
I don’t agree with you. so far Signal is the most mature and feature-rich messenger of the rest. yes, it provides privacy, not anonymity. but all new people are used to the algorithm of adding people, unlike SimpleX, Matrix, etc.
deleted
Phone numbers harm anonymity, not privacy.
I’ve been using Telegram enough to understand that such allegations are useless. The first link is literally not about Telegram but about its 3rd party fork that original developers can’t do anything about. The second link is about piracy, and any app owner would handle any data they could in similar situations.
Telegram is not just a messaging app but a public platform with channels and public chats. Any app with these properties will eventually have the same issues. If you don’t want to risk, you just use it as a personal messaging app and that’s it - in this way it’s not much different from other “secure” messaging apps.
The way for apps like Signal to remain “truly secure” in “careful” users’ eyes is avoiding the introduction of the public communication part, which could lead to all the same problems some people don’t like Telegram for.
That said, Telegram actually has a history of being a “bad actor” if you want to call it so. Namely:
At first it was possible to steal someone’s account by faking a SIM card (any government can do this). Later Telegram introduced cloud password that helped to prevent such cases.
At various points Telegram wrongfully banned and marked as “fake” various channels and bots used by opposition in Russia.
But I can’t agree that either of that makes Telegram an insecure messaging platform. It’s either about bad management decisions in specific situations (e.g. Durov being worried about Telegram getting banned) or technical aspects of how user reports are handled (basically any channel can get marked “fake” if enough user reports are received).
deleted
Not third but another one out of many. Incidents that don’t really mean the app is not secure.
You can see from the article that Telegram would have to give up on a basic feature expected from similar apps in order to fix that “issue” with public groups.
Again, it’s the public communication features that lead to such issues, and I expect any other app to have very same “issues” if they introduce similar features and make them useful enough for protesters to try to rely on them when fighting against oppressive governments.
You can’t expect messengers like these to be a proper instrument for protesters that makes them safe. These public groups need to grow to become effective, and apps specifically aimed for protesters would not have enough user base. Still, Telegram is the most used app by protesters from what I see, and it does provide adequate level of protection if you use it correctly (if you understand how it works).
So it doesn’t like to be open enough for others to do what they want with it. Still, one shouldn’t expect it to work anyway. If you make your client open source, there will be forks that allow communicating with your servers. You’d have to introduce a black box, and open source community won’t like that.
Signal seems to do quite enough of useless stuff. People rate it more secure than Telegram. One of reasons for that is that it supports e2e encryption in group chats. But it’s useless when comparing to all the issues with Telegram, already because it’s always about public groups. Let me see how Signal would protect people in such groups while staying in scope of private communication app.
Nah, actually: “if a public service uses servers, then it is never secure”. Any service will handle all the data they have if pressured. Servers have to know your IP address (though you can always use proxies) and phone number at least to provide service at all. You can’t really blame owners of public service. You could blame them if their service was serverless though, because that would mean they store something they shouldn’t need to operate.
deleted
Contacts sync.
What? No. It just didn’t tell them they have to use their own servers to use their forks.
No, it speaks to how no big developer can do anything to prevent their apps from being banned by oppressive governments. Hence why opposition resorted to 3rd party forks.
Telegram has experience of trying to protect people when they oppose governments. Signal is not interested in getting any similar experience. It will remain useless to opposition it seems.
Signal would have to store the same data to allow users participate in public groups.
I don’t think Telegram ever disclosed anything like that. Public groups are open for everyone including governments. Any service that is not serverless will store the same amount of metadata, otherwise it won’t work.
deleted
This is useless when groups are public.
And when groups are not public, there is no ground for any action from the service.
deleted
yeah funny how the oh-so-private and amazing signal allows bad actors to take over your account with sim access, and telegram does not.
Criticism of Telegram isn’t endorsement for Signal. They are both garbage in different ways.
Well it still does by default. You must enable the cloud password by yourself.
ik but signal doesnt give you the option even
Your first link:
How is that a state exploit of Telegram? It’s not even about Telegram. It’s a third party app.