this post was submitted on 11 Aug 2023
112 points (97.5% liked)
Technology
59135 readers
6622 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Telegram isn't e2e encrypted.
It's optional, you can make it e2e encrypted with the secret chat option, which the CCP doesn't like.
They roll their own crypto which is a big no-no in information security.
which means it's not on, by default.
which just means it's not
Some people are going to care enough about the CCP not reading their chats to use Secret Chats... and those people are exactly the ones the CCP wants to spy on, so it's a problem.
Even without Secret Chats, messages are still encrypted, just not E2E encrypted. They are encrypted until they reach Telegram's servers, where they are decrypted, backed up, reencrypted and forwarded to the recipient. This is done to enable chat synchronisation across devices, but all chats, Secret or not, are encrypted at all points outside of Telegram's servers. The CCP doesn't control the servers, ergo the CCP can't see the chats (unless they find a way to snoop on the user end, but this is harder for them to do and easier for users to circumvent).
yes I know how tls works, thanks. my point is if they did care, they'd enable it by default. but they don't, because they know that the average user will just not use it. They even don't have a setting that says "I want all my chats to be encrypted". you have to opt in, for each individual conversation. manually.
if you want a secure messaging app, use one that encrypts by default, so it's impossible to mess it up. Telegram is not it.
Wether Telegram cares is beside the point. The original comment explained why Telegram is inconvenient for the CCP, to which you interject that it is not E2EE. All conversations on Telegram are encryted in one way or another, which is a major problem for the CCP, and people who desire privacy and use Telegram are likely to go out of their way and use the E2EE feature as well. Regular chats being decrypted in the backend is uncool for sure, but if you live under an oppressive regime that murders dissidents and their families, targeted ads are the least of your worries.
Telegram may not be good for theday-to-day privacy needs of the West, but it's pretty great for fighting oppression. Not only is it encrypted, no other encrypted messenger (that I know of) has the organisational utilities that Telegram has, such as channels and 200k groups. If I had to organise any sort of dissident activism in an oppressive, censorship-happy state, I'd probably use Telegram.
You don't need e2e encryption of the servers are hosted in a jurisdiction your government can't reach.
I know but they don't work with governments so they can't really do shit.
That's very debatable. Their transparency report channel is empty, where there are verified reports of them sharing data. My problem is not so much that they comply with court orders, but the lack of transparency. That's definition of shady behaviour.
https://restoreprivacy.com/telegram-sharing-user-data/
Yeah that's a bad thing.