• Moonrise2473@feddit.it
    link
    fedilink
    English
    arrow-up
    23
    arrow-down
    1
    ·
    3 months ago

    But by default the comms aren’t end-to-end encrypted. Isn’t desiderable that criminals use telegram rather than signal?

    • NateNate60@lemmy.world
      link
      fedilink
      English
      arrow-up
      24
      arrow-down
      3
      ·
      3 months ago

      Not being end-to-end encrypted is meaningless to law enforcement if Telegram refuses to turn over the chat contents (which they do). Law enforcement can’t just eavesdrop on the conversation without Telegram’s cooperation. The chat contents are still secured by TLS from the user’s device to the Telegram servers.

      Smart professional criminals rarely use Telegram for this stuff anyway. There’s WhatsApp and plenty of other popular platforms of end-to-end encrypted

        • Moonrise2473@feddit.it
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          3 months ago

          It’s perfect for criminal use! Unbreakable encryption between two parties! 100% safe, believe me.

          IMHO not a coincidence that the app constantly prompts to save unencrypted backups to Google drive for “safety”

      • JackGreenEarth@lemm.ee
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        2
        ·
        3 months ago

        Smart criminal use Briar or Signal, not WhatsApp, lol, which totally has a backdoor for the government.

      • kungen
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        3 months ago

        if Telegram refuses to turn over the chat contents (which they do)

        Source?

        Law enforcement can’t just eavesdrop on the conversation without Telegram’s cooperation

        Why do you think Roskomnadzor gave up their blockage plans in 2018? And then made their own official government channels? “It’s technically difficult for us” has never stopped Roskomnadzor before.

        • NateNate60@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          3 months ago

          The source is this article.

          It’s not just “technically difficult” to eavesdrop. Properly implemented, it’s computationally impossible to eavesdrop on a connection secured with TLS.

          • kungen
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            3 months ago

            The source is this article.

            There’s nothing in the article that says they refuse to disclose chat contents. In my own experience they often do so when receiving a proper request from governments, providing at least the last 24 hours of messages.

            My comment regarding Roskomnadzor has nothing to do with encryption, but rather Telegram cooperates with them, and that’s why they stopped trying to block the platform. A little bit of reading comprehension would do you wonders.

        • istanbullu@lemmy.ml
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          4
          ·
          3 months ago

          The fact that Signal has not run into legal trouble when Telegram has.

          Also Signal has some really shady practices, such as rejecting and killing all third party clients.

          • XioR112@lemmy.ml
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            3 months ago

            Signal have been blocked in several countries including Russia and Telegram has more users there and it isn’t blocked.

          • lemmytellyousomething@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            3 months ago

            The algorithm for the end to end encryption is open source as far as I know. Should be easy for security researchers to prove that something is manipulated…

            • istanbullu@lemmy.ml
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              2
              ·
              3 months ago

              Signal had long periods of blackouts when they did not publish server side code. Calling Signal open source is really a stretch.

              • lemmytellyousomething@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                3
                ·
                3 months ago

                I’m calling the E2E algirithm open source. That’s the reason why WhatsApp is using it, too. As long as the message is correctly encrypted for E2E on the client side, it should not matter what the server is doing as far as I know.

            • JustAnotherKay@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              5
              ·
              3 months ago

              The algorithm for the end to end encryption is open source as far as I know. Should be easy for state actors to read through it and break it

              Ftfy

          • ᗪᗩᗰᑎ@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            The fact that Signal has not run into legal trouble when Telegram has.

            Because Signal cooperates as much as they can with law enforcement. Signal happily gives all the data they have and thankfully, for its users, the only data they have is the date/time the account was created and the date (not time) a client last pinged their servers; both in unix timestamp format, they don’t even convert it to a proper date.

            Additionally, Signal has no “public groups” like Telegram. Everything’s private, end-to-end encrypted by default.

            Also Signal has some really shady practices, such as rejecting and killing all third party clients.

            Yeah, so that’s outdated misinformation:

            Three of these have existed for multiple years and have not been asked to stop development. The gurk-rs dev even commented (on reddit, unfortunately I can’t find the source) that it reports to Signal’s server as a non-official client and that if the Signal devs wanted to block it, they could easily do so.