Greetings!

A friend of mine wants to be more secure and private in light of recent events in the USA.

They originally told me they were going to use Telegram, at which point I explained how Telegram is considered compromised, and Signal is far more secure to use.

But they want more detailed explanations than what I provided verbally. Please help me explain things better to them! ✨

I am going to forward this thread to them, so they can see all your responses! And if you can, please cite!

Thank you! ✨

  • fmstrat@lemmy.nowsci.com
    English
    arrow-up
    3
    ·
    2 months ago

    With Signal, the key to encrypt your messages is on your device, and is never sent to the company.

    Signal, and anyone who hacks them, or governments that attack them, cannot read your messages. This has been proven in court.

    With Telegram, the key to encrypt your messages is on their server.

    Telegram, and anyone who hacks them, or governments that attack them, can read all of your messages. This has also been proven in court.

  • absGeekNZ@lemmy.nz
    English
    arrow-up
    2
    ·
    2 months ago

    While there may be better options out there, from a purely security standpoint.

    The real world, with non-tech people needs solutions that are easy, fast and as close to foolproof as possible.

    I choose Signal, because my mum, my sisters and brothers (none of whom are tech people) can all go to their app stores and install Signal, it works and it is easy. Signal is private BY DEFAULT, I don’t have to remind them to turn on security for each chat, there is voice and video chat for individuals and groups, I can use it to send files. It is really good. Secure communication is their primary goal.

    I have been using Signal since it was called TextSecure and I only had one contact using it.

    Yes it sucked when they dropped SMS support; but these days about 98% of my messaging goes through Signal. Any SMS is usually from my doctor/dentist/bank.

    I never really trusted Telegram, too many compromises. Secure communication is not their primary goal.

    • HotCoffee@lemm.ee
      arrow-up
      0
      arrow-down
      1
      ·
      2 months ago

      All big 3, Signal Telegram SimpleX, are just go to app store install, and send invite to contacts. SimpleX gets framed as technical and dissuades new users from installing, while it’s just as easy as the other 2.

      • absGeekNZ@lemmy.nz
        English
        arrow-up
        1
        ·
        2 months ago

        Maybe, but I have had all of my family on Signal for close to 9 years now. Inertia and the network effect is a big part of why platforms stay around.

        It took me saying to my mum, that I would ONLY share pictures of her new grandson on Signal to get her to install it. Once mum was on board, the rest followed pretty quickly.

        The thought of getting mum to install a new messaging app now, and she is nearly 10 years older. Well it isn’t worth the effort. My threat model is low enough, to choose the convenience/security slider at Signal.

        As a side note, every month or two; another of my contacts shows up on Signal. I have around 50 contacts using Signal now, as I said before around 98% of my messaging is through Signal.

  • emergencyfood@sh.itjust.works
    arrow-up
    1
    ·
    2 months ago

    It really depends on who your friend is, and who they are trying to defend against.

    If the US (or Russian / Chinese) government really wants to access an internet-connected device, they can do it; what app you are using doesn’t even matter. For example, most people use the default Google keyboard, which could be compromised.

    If the concern is about local goons / employers / coworkers, then both Telegram and Signal are more than enough to stop them prying.

    As for whether to use Signal or Telegram, Signal has end to end encryption enabled by default, while in Telegram you have to switch it on for each chat. On the other hand, Telegram has the best UI among messaging apps hands down.

    • flux@lemmy.world
      arrow-up
      1
      ·
      2 months ago

      So if I understand it Signal has your phone number but only logs sign up date and last activity date. So yes they can say this person has Signal and last used it on date X. Other than that no information.

      Matrix doesn’t require a phone number but has no standard on logging activity so it’s up to the server admin what they log, and they could retain ip address, what users are talking in what, rooms, etc. and E2EE is not required.

      I think both have different approaches. I’m just trying to understand. On one hand you have centralized system that has a standard to minimize logs or decentralized system that must be configured to use E2EE and to remove logs.

    • Snot Flickerman@lemmy.blahaj.zone
      English
      arrow-up
      1
      ·
      edit-2
      2 months ago

      SimpleX is taking a lot of venture capital money which makes it just slightly suspect, imho. Those guys usually want a return of some kind on their investment. I simply don’t trust the motives of technocrats like Jack Dorsey.

      The Matrix Foundation, on the other hand, seems a lot more democratic in governance and stewardship of the protocol.

    • 9tr6gyp3@lemmy.world
      arrow-up
      1
      ·
      2 months ago

      This entire article is guessing at hypothetical backdoors. It’s like saying that AES is backdoored because the US government chose it as the standard de facto symmetrical encryption.

      There is no proof that Signal has done anything nefarious at all.

      • juli@lemmy.world
        arrow-up
        0
        ·
        2 months ago

        This entire article is guessing at hypothetical backdoors. It’s like saying that AES is backdoored because the US government chose it as the standard de facto symmetrical encryption.

        There is no proof that Signal has done anything nefarious at all.

        As an outsider, I mean isn’t that the same for news coverage for Chinese/Russian backdoors, but everyone believes it without any proof.

        Why is US company being a US honeypot a big surprise, and its government recommending it not a big red flag? But it is when China recommends WeChat? Can’t we be critical and suspicious of both authoritarian countries?

        Do you have access to Signal servers to verify your claims by any chance? Afaik their servers are running modified codebase, and third party apps cannot use them. So how do you claim anything that goes behind closed doors at all? Genuinely curious.

        • patatahooligan@lemmy.world
          arrow-up
          1
          ·
          2 months ago

          Do you have access to Signal servers to verify your claims by any chance?

          That’s not how it works. The Signal protocol is designed in a way that the server can’t have access to your message contents if the client encrypts them properly. You’re supposed to assume the server might be compromised at any time. The parts you actually need to verify for safe communication are:

          • the code running on your device
          • the public key of your intended recipient
    • Valmond@lemmy.world
      arrow-up
      0
      arrow-down
      1
      ·
      2 months ago

      As you say yourself (cryptographic nerd here):

      Signal’s E2EE protocol means that, most likely, message content between persons is secure.

      So a shame there are no free servers, are the server soft not open source, only the signal app itself?

      • Dessalines@lemmy.ml
        arrow-up
        0
        ·
        2 months ago

        The server is supposedly open source, but they did anger the open source community a few years back, by going a whole year without posting any code updates. Either way that’s not reliable, because signal isn’t self-hostable, so you have no idea what code the server is running. Never rely on someone saying “just trust us.”

        • hedgehog@ttrpg.network
          arrow-up
          1
          ·
          2 months ago

          It’s impossible to verify what code their server is running.

          Signal has posted multiple times about their use of SGX Secure Enclaves and how you can use Remote Attestation techniques to verify a subset of the code that’s running on their server, which directly contradicts your claim. (It doesn’t contradict the claim that you cannot verify all the code their server is running, though.) Have you looked into that? What issues did you find with it?

          I posted a comment here going into more detail about it, but I haven’t personally confirmed myself that it’s feasible.

        • Valmond@lemmy.world
          arrow-up
          0
          arrow-down
          1
          ·
          2 months ago

          I have read that it is self hostable (but I haven’t digged into it) but as it’s not a federating service so not better than other alternative out there.

          Also read that the keys are stored locally but also somehow stored in the cloud (??), which makes it all completely worthless if it is true.

          That said, the three letter agencies can probably get in any android/apple phones if they want to, like I’m not forgetting the oh so convenient “bug” heartbleed…

          • hedgehog@ttrpg.network
            arrow-up
            0
            ·
            2 months ago

            Also read that the keys are stored locally but also somehow stored in the cloud (??),

            Which keys? Are they always stored or are they only stored under certain conditions? Are they encrypted as well? End to end encrypted?

            which makes it all completely worthless if it is true.

            It doesn’t, because what you described above could be fine or could have huge security ramifications. As it is, my guess is that you’re talking about how Signal supports secure value recovery. In that case:

            1. The key is used to encrypt your contacts, profile name, group avatars, social graph, etc., but not your messages.
            2. Your key is only uploaded to the cloud if you have a recovery PIN or passphrase
            3. Your key is encrypted using your PIN or passphrase using techniques (key-stretching, storing in server secure enclaves) that make it more difficult to brute force

            The main criticism of this is that you can’t opt out of it without opting out of the Registration Lock, that it necessarily uses the same PIN or passphrase, and that, particularly because it isn’t clear that your PIN/passphrase is used for encryption, users are less likely to use more secure pass phrases here.

            But even without the extra steps that we can’t 100% confirm, like the use of the Secure Enclave on servers and so on, this is e2ee, able to be opted out by the user, not able to be used to recover past messages, and not able to be used to decrypt future messages.

            • Valmond@lemmy.world
              arrow-up
              2
              arrow-down
              1
              ·
              2 months ago

              Nice try FBI.

              Well, if my pin is four numbers, that’ll make it so hard to crack. /s

              If you can’t show hard evidence that everything is offline locally, no keys stored in the cloud, then it’s just not secure.

              BTW, “keys” when talking about encryption is the keys used to encrypt and decrypt, it wouldn’t be very interesting to encrypt them, because now you have another set of keys you have to deal with.

              • hedgehog@ttrpg.network
                arrow-up
                1
                arrow-down
                2
                ·
                2 months ago

                Nice try FBI.

                Wouldn’t “NSA” or “CIA” be more appropriate here?

                Well, if my pin is four numbers, that’ll make it so hard to crack. /s

                If you’re using a 4 number PIN then that’s on you. The blog post I shared covers that explicitly: “However, there’s a limit to how slow things can get without affecting legitimate client performance, and some user-chosen passwords may be so weak that no feasible amount of “key-stretching” will prevent brute force attacks” and later, “However, it would allow an attacker with access to the service to run an “offline” brute force attack. Users with a BIP39 passphrase (as above) would be safe against such a brute force, but even with an expensive KDF like Argon2, users who prefer a more memorable passphrase might not be, depending on the amount of money the attacker wants to spend on the attack.”

                If you can’t show hard evidence that everything is offline locally, no keys stored in the cloud, then it’s just not secure.

                If you can’t share a reputable source backing up that claim, along with a definition of what “secure” means, then your claim that “it’s just not secure” isn’t worth the bits taken to store the text in your comment.

                You haven’t even specified your threat model.

                BTW, “keys” when talking about encryption is the keys used to encrypt and decrypt,

                Are you being earnest here? First, even if we were just talking about encryption, the question of what’s being encrypted is relevant. Secondly, we weren’t just talking about encryption. Here’s your complete comment, for reference:

                I have read that it is self hostable (but I haven’t digged into it) but as it’s not a federating service so not better than other alternative out there.

                Also read that the keys are stored locally but also somehow stored in the cloud (??), which makes it all completely worthless if it is true.

                That said, the three letter agencies can probably get in any android/apple phones if they want to, like I’m not forgetting the oh so convenient “bug” heartbleed…

                Just so you know, “keys” are used for a number of purposes in Signal (and for software applications in general) and not all of those purposes involve encryption. Many keys are used for verification/authentication.

                Assuming you were being earnest: I recommend that you take some courses on encryption and cybersecurity, because you have some clear misconceptions. Specifically, I recommend that you start with Cryptography I (by Stanford, hosted on Coursera. See also Stanford’s page for the course, which contains a link to the free textbook). Its follow-up, Crypto II, isn’t available on Coursera, but I believe that this 8 hour long Youtube video contains several of the lectures from it. Alternatively, Berkeley’s Zero Knowledge Proofs course would be a good follow-up, and basically everything (excepting the quizzes) appears to be freely available online.

                it wouldn’t be very interesting to encrypt them, because now you have another set of keys you have to deal with.

                The link I shared with you has 6 keys (stretched_key, auth_key, c1, c2, master_key, and application_key) in a single code block. By encrypting the master key (used to derive application keys such as the one that encrypts social graph information) with a user-derived, stretched key, Signal can offer an optional feature: the ability to recover that encrypted information if their device is lost, stolen, wiped, etc., though of course message history is out of scope.

                Full disk encryption also uses multiple keys in a similar way. Take LUKS, for example. Your drive is encrypted with a master key. You derive the master key by decrypting one of the access keys using its corresponding pass phrase. (Source: section 4.3 in the LUKS1 On-Disk Format Specification (I don’t believe this basic behavior was changed in LUKS2).)
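
Added example, not part of the original thread and not Signal's or LUKS's own code: the key-wrapping pattern the comment above describes (a random master key encrypted under a key stretched from a PIN or passphrase), and why the size of the secret space decides whether a stored blob can be guessed offline. Assumptions: PBKDF2 with a low iteration count stands in for Argon2, the XOR wrap and the application-key label are constructed for illustration, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets
from typing import Iterable, Optional, Tuple

# Assumption: PBKDF2 with a low iteration count stands in for Argon2 so the
# demo finishes in seconds; a real deployment uses a far more expensive KDF.
KDF_ITERATIONS = 500


def stretch(secret: str, salt: bytes) -> bytes:
    """Stretch a PIN/passphrase into 64 bytes: 32 to wrap, 32 to authenticate."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt,
                               KDF_ITERATIONS, dklen=64)


def wrap_master_key(secret: str, master_key: bytes) -> dict:
    """Encrypt a random 32-byte master key under the stretched secret."""
    if len(master_key) != 32:
        raise ValueError("master key must be 32 bytes")
    salt = secrets.token_bytes(16)
    stretched = stretch(secret, salt)
    wrap_key, mac_key = stretched[:32], stretched[32:]
    # Toy wrap: XOR with a 32-byte key that is used once (fresh salt per wrap).
    ciphertext = bytes(a ^ b for a, b in zip(master_key, wrap_key))
    tag = hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()
    return {"salt": salt, "ciphertext": ciphertext, "tag": tag}


def unwrap_master_key(secret: str, blob: dict) -> Optional[bytes]:
    """Return the master key, or None if the secret is wrong (tag mismatch)."""
    stretched = stretch(secret, blob["salt"])
    wrap_key, mac_key = stretched[:32], stretched[32:]
    expected = hmac.new(mac_key, blob["salt"] + blob["ciphertext"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ciphertext"], wrap_key))


def derive_application_key(master_key: bytes, label: str) -> bytes:
    """Derive a purpose-specific key from the master key (label is constructed)."""
    return hmac.new(master_key, label.encode(), hashlib.sha256).digest()


def four_digit_pins() -> Iterable[str]:
    """The entire secret space of a 4-digit PIN: 10,000 candidates."""
    return (f"{n:04d}" for n in range(10_000))


def offline_guess(blob: dict, candidates: Iterable[str]) -> Tuple[Optional[str], int]:
    """Try each candidate against a stored blob; return (secret or None, attempts)."""
    attempts = 0
    for guess in candidates:
        attempts += 1
        if unwrap_master_key(guess, blob) is not None:
            return guess, attempts
    return None, attempts


if __name__ == "__main__":
    master_key = secrets.token_bytes(32)
    app_key = derive_application_key(master_key, "social-graph (constructed label)")
    print("application key:", app_key.hex()[:16], "...")

    weak = wrap_master_key("4821", master_key)  # constructed 4-digit PIN
    strong = wrap_master_key("correct horse battery staple", master_key)
    print("4-digit PIN blob :", offline_guess(weak, four_digit_pins()))
    print("passphrase blob  :", offline_guess(strong, four_digit_pins()))
```

The wrapped master key is only as strong as the secret that wraps it, which is the gap the server-side secure enclaves mentioned in the thread are meant to narrow for short PINs.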

                • Valmond@lemmy.world
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  2 months ago

                  Just so you know, “keys” are used for a number of purposes in Signal (and for software applications in general) and not all of those purposes involve encryption. Many keys are used for verification/authentication.

                  And it’s I who should take a course in encryption and cybersecurity.

                  ROFL

                  Good to see you have your study material at hand though, and yes cryptography is complicated but you’ll get the hang of it eventually.

  • juli@lemmy.world
    arrow-up
    0
    ·
    edit-2
    2 months ago

    Telegram for random public chatter/file storage(with password lock), talking to strangers without giving them your number. Signal for personal/private conversations.

    Spread your data (encrypted or not) around, so a single entity doesn’t own your digital life. Your device can handle 2 apps and don’t give them permissions willy nilly. Geez, every one of these posts just wants to start a flame war.

      • Dessalines@lemmy.ml
        arrow-up
        0
        ·
        2 months ago

        Behind those usernames, are phone numbers (meaning real identities) stored in signal’s database.

    • logging_strict@lemmy.ml
      arrow-up
      0
      ·
      edit-2
      2 months ago

      In Telegram, you never have to expose your phone number. If you like walking into traps then of course you can.

      But can make minimal efforts to not be a degenerate avoiding this obvious easily avoidable trap.

      How to avoid exposing your phone number

      Make a group called i'm not a complete utter idiot. Whenever you have a friend wanting to connect, make a group link, send it to them, have them join. After joining have them send a message in the group. Just, “Hi”. Nothing more. Less is more.

      Look for that message and click on the person’s name. You are now connected. Send them a personal message, “Hi!”.

      You can also add them as a contact without sharing your phone number.

      Your friend will probably be a degenerate and expose their phone number. Teach them how to go into settings to always hide it.

      Try not to call them a degenerate, degenerates hate that.

      Also try not to think of them as a degenerate, they will already know that and be proud of it and not understand why you don’t share their enthusiasm.

      So control what thoughts you project into the ether. If you have to change the topic in your mind to something involving flowers singing birds and clouds.

        • logging_strict@lemmy.ml
          arrow-up
          1
          ·
          2 months ago

          You’re welcome. Use it in good health. And please excuse my colorful prose.

          There are many, many comments on Telegram bleeding the phone number. And only one comment saying that doesn’t have to be the case.

  • Nexy@lemmy.sdf.org
    arrow-up
    0
    ·
    2 months ago

    Telegram is not secure anymore. USA have all the keys of the encryptions of Telegram.

  • zzx@lemmy.world
    arrow-up
    0
    ·
    2 months ago

    Telegram rolls their own crypto. That should be the biggest red flag by far. I say this as a Telegram user.

    • Bazoogle@lemmy.world
      arrow-up
      0
      ·
      2 months ago

      The encryption method they use was made up by them, and the chats aren’t even end to end encrypted by default. Which I would argue is a larger red flag.

      • logging_strict@lemmy.ml
        arrow-up
        0
        ·
        2 months ago

        This 1 + 1 = 2 logic is boring. It’s trying to escape out of a wet paper bag over and over again. Whatever your 1 + 1 = 2 logic is, there is another guy who can drive a bus straight thru it. Every single time.

        In a year from now you will find out you are completely mistaken and just repeating nonsense. Every freak’n time.

        Just for once, do the wrong thing. Make the wrong choice on purpose.

        Instead of seeing never ending red flags. Today see purple flags. And tomorrow orange. Cuz why do flags always have to be red?

        You can be right or you can have fun.

        Do the wrong thing sometimes. Live a little.

        • Bazoogle@lemmy.world
          arrow-up
          0
          ·
          2 months ago

          Hopefully you aren’t driving any buses while you’re this high.

          It’s not never ending red flags. In fact, I see lots of green flags from signal. Telegram, though, that’s a different story.

          • logging_strict@lemmy.ml
            arrow-up
            1
            ·
            2 months ago

            i’m a milk tea addict. Carry around cinnamon and nutmeg. And hang out on github.

            These are horrible vices. But no excuse for having divergent opinions.

            Telegram is fine.

            Signal will be gone tomorrow and you’ll lose your network. Moving networks from one platform to another is impossible. So we end up creating new networks.

            Currently i’m making a network of Python coders i’ve collaborated with. The communication medium is not consistent nor ideal.

            Hate email with a passion. So of course most the communication is going over plain text email. Tried pushing for communication on plain text mastodon.

  • qpsLCV5@lemmy.ml
    arrow-up
    0
    ·
    2 months ago

    In my view, by far the biggest reason to switch is that Telegram doesn’t end-to-end encrypt chats by default.

    Yes you can start encrypted chats specifically, but I’ll bet 99% of chats on Telegram aren’t encrypted - meaning whoever has access to the Telegram servers can read all the messages.

    Signal claims to end-to-end encrypt all chats by default, and if you want to be 100% sure you can in theory read the source code and compile the app yourself. This means Signal cannot read any of your messages, even if police asks them to or servers get seized. That’s a massive advantage in privacy.

  • Stomata@sh.itjust.works
    English
    arrow-up
    0
    ·
    2 months ago

    Telegram is not end to end encrypted. Repeating it’s not. Only private mode or something like that is.

    • Dyskolos@lemmy.zip
      arrow-up
      0
      arrow-down
      1
      ·
      2 months ago

      You don’t say? A cloud-service I can access from all devices plus API and bots is not e2e-encrypted with zero knowledge? I’m shocked. That’s what “secret chat” is for. Literally.

      They chose this way as the regular Joe and Jane don’t care for privacy but for comfort. You can never ever have both. Nowhere.

      I love tgram for it being so open. And e2e when I need it. I don’t need privacy for when my smarthome sends me notifications about a light I left on or something 😁

      • Boomkop3@reddthat.com
        arrow-up
        0
        ·
        2 months ago

        Yep, and this allows for proper content moderation. Telegram can actually just find and report creeps to authorities

        • Dyskolos@lemmy.zip
          arrow-up
          0
          ·
          2 months ago

          That too. Sadly the restrictiveness was badly abused. No one really wonders but…that’s why we can’t have nice things.

            • Dyskolos@lemmy.zip
              arrow-up
              0
              ·
              2 months ago

              I meant the restrictiveness towards governments. The pesos and Nazis fucked that up, tgram had to do something or have their ill repute grow even more.

              • Boomkop3@reddthat.com
                arrow-up
                0
                ·
                2 months ago

                Telegram seems to be a popular option for groups of such orgs. Other apps have the same risks tho. It’s a bit of a mess.

                • Dyskolos@lemmy.zip
                  arrow-up
                  1
                  ·
                  2 months ago

                  I actually always deemed that a quality aspect. If those shitbags use tgram it has a reason. Sadly it’s not really great for the app itself. So he had to do something about it. IMHO the best compromise he could do other than just staying “the bad guy”.