Here's what telegram's founder say about Whatsapp's privacy (graph.org)

submitted 4 months ago* (last edited 4 months ago) by clot27@lemm.ee to c/privacy@lemmy.ml

94 comments fedilink hide all child comments

This is an article written by telegram's founder and CEO Pavel Durov in 2019 on "Why whatsapp will never be secure". Your thoughts?

top 50 comments

sorted by: hot top controversial new old

[-] cypherpunks@lemmy.ml 82 points 4 months ago* (last edited 4 months ago)

Sure, fuck WhatsApp, but Telegram isn't even end-to-end encrypted most of the time. Their group chats never are, and their "secret chat" encryption for non-group chats must be explicitly enabled and hardly ever is because it disables some features. And when it is encrypted, it's with some dubious nonstandard cryptography.

It's also pseudo open source; they do publish source code once in a while but it never corresponds to the binaries that nearly everyone actually uses.

And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just... 🤯

State-sponsored exploits against WhatsApp might be more common than against Telegram, or at least we hear about them more, but it's not because the app is more vulnerable: it's because governments don't need to compromise the endpoint to read your Telegram messages: they can just add a new device to your account with an SMS and see everything.

(╯° °）╯︵ ┻━┻

Anything claiming to prioritize privacy yet asking for your phone number (Telegram, WhatsApp, Signal, ...) is a farce.

[-] Neon@lemmy.world 22 points 4 months ago* (last edited 4 months ago)

Anything claiming to prioritize privacy yet asking for your phone number (Telegram, WhatsApp, Signal, ...) is a farce.

Yeah, sure. The privacy farce signal.

I'm getting tired of this stupid hardline-take.

[-] randint@lemmy.frozeninferno.xyz 9 points 4 months ago

Shit, 2019 really was five years ago.

[-] nutomic@lemmy.ml 9 points 4 months ago

Telegram isn't perfect, but it is infinitely better than Whatsapp because it doesn't belong to Facebook, and also isn't from the United States. Also it can be used by normies without problem, unlike Matrix or Xmpp or what have you.

load more comments (4 replies)

[-] Sal@mander.xyz 5 points 4 months ago

And the audacity to talk about metadata when Telegram accounts still require a phone number today (as they did five years ago when this post was written) is just… 🤯

Not only that, but I believe that they actively try to prevent VoIP numbers from being used to create accounts.

[-] UnfortunateShort@lemmy.world 3 points 4 months ago

I don't agree with everything but that last point of yours. Requiring your phone number only means your are not anonymous. There is no need to be anonymous to communicate privately. In fact, it can be counterproductive, since your are much more vulnerable to social engineering.

load more comments (1 replies)

[-] qyron@sopuli.xyz 3 points 4 months ago

Then what is the choice?

[-] Neon@lemmy.world 13 points 4 months ago* (last edited 4 months ago)

Signal is just fine. This with the PhoneNumber is a really stupid hardliner-take.

Something can be private without being anonymous.

[-] lemonuri@lemmy.ml 8 points 4 months ago

Read up on Xmpp or matrix as good alternatives.

[-] Gooey0210@sh.itjust.works 4 points 4 months ago

Matrix not yet untill they implemented proper encryption and security stuff

SimpleX is pretty cool

load more comments (1 replies)

load more comments (2 replies)

[-] crispy_kilt@feddit.de 54 points 4 months ago

What a load of hipocrisy. The dude uses unauthenticated DH for his apps "secret chats", which a bored student with a laptop can MITM in seconds. Other chats use just TLS, meaning they get to read EVERYTHING.

Use Signal, people.

[-] clot27@lemm.ee 3 points 4 months ago

which a bored student with a laptop can MITM in seconds

No, how can a bored student breach e2ee in seconds? note that no such cases have been reported by any telegram user so far.

[-] crispy_kilt@feddit.de 7 points 4 months ago* (last edited 4 months ago)

Because the DH is unauthenticated, as I already said. Users can't report it because there is no way to tell for them.

load more comments (7 replies)

load more comments (1 replies)

[-] LWD@lemm.ee 35 points 4 months ago* (last edited 4 months ago)

deleted

load more comments (1 replies)

[-] amanneedsamaid@sopuli.xyz 28 points 4 months ago

"Here's what someone who has never created a private messenger thinks about Whatsapp's privacy."

Why would anyone care about what he has to say? 💀

[-] flying_sheep@lemmy.ml 9 points 4 months ago

Owned by Facebook, which is a giant US company.

Of fucking course it has backdoors.

load more comments (5 replies)

[-] Papanca@lemmy.world 20 points 4 months ago* (last edited 4 months ago)

Clicking the link gives me the following warning:

The site ahead may contain harmful programs

Firefox blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

[-] clot27@lemm.ee 4 points 4 months ago

weird, works for me in firefox with all privacy features enabled, can you please try this link: https://telegra.ph/Why-WhatsApp-Will-Never-Be-Secure-05-15

[-] Cheradenine@sh.itjust.works 7 points 4 months ago

Your original link is blocked at DNS level on my 'Threat intelligence' blocklist.

And that link is blocked at DNS level by 'Toxic' and 'Stop Forum Spam' filters.

So it's blocked before the browser can even connect for me.

[-] Pons_Aelius@kbin.social 4 points 4 months ago

I got the same warning for the original link with ff as well.

Your comment link didn't throw up a red flag.

load more comments (1 replies)

[-] mustbe3to20signs@feddit.de 14 points 4 months ago

WhatsApp's e2e encryption is based on the Signal protocol and active by default. Telegram's is opt-in. So much for Telegram's superior privacy...

load more comments (22 replies)

[-] Aradia@lemmy.ml 9 points 4 months ago

WhatsApp will be never private and secure, while Telegram will be never private. 😁

[-] Asudox@lemmy.world 5 points 4 months ago

Who said telegram is secure?

[-] Aradia@lemmy.ml 5 points 4 months ago

No one said the opposite, while on WhatsApp they had several vulnerabilities that allowed attackers to get the user phone control.

An example: https://thehackernews.com/2021/04/new-whatsapp-bug-couldve-let-attackers.html

But there were many more vulnerabilities or "features" that WhatsApp allowed attackers or governments to get into user data. While I haven't read anything about against Telegram security.

load more comments (7 replies)

[-] java@beehaw.org 5 points 4 months ago

I'm not qualified enough to argue, but I wouldn't trust Durov. He's a competitor, after all. And he has a history of questionable decisions.

[-] Dehydrated@lemmy.world 3 points 4 months ago

Both WhatsApp and Telegram suck. Just like any other messenger that's either proprietary or not end to end encrypted. Signal is clearly the best choice.

[-] EngineerGaming@feddit.nl 11 points 4 months ago

Signal is not the best choice, it's just a somewhat aceptable middle ground. I prefer something that doesn't require a phone number and something you can self-host, like XMPP.

[-] Dehydrated@lemmy.world 5 points 4 months ago

Good luck convincing normies to use some obscure messaging protocol. It's difficult with Signal, even harder with Matrix, basically impossible with XMPP. 99.99999% have never in their life heard about XMPP. Also most mobile clients absolutely suck. You also can't get proper push notifications without completely ruining your battery life. What a great choice!

[-] EngineerGaming@feddit.nl 5 points 4 months ago

I don't see a big difference, the hardest thing by itself is convincing someone to install one more program or app. Also Conversations does not suck.

load more comments (4 replies)

load more comments (3 replies)

load more comments

this post was submitted on 12 Jan 2024

79 points (75.5% liked)

Privacy

29356 readers

402 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

k_o_t@lemmy.ml

tmpod@lemmy.pt

TheAnonymouseJoker@lemmy.ml

Yayannick@lemmy.ml

ranok@sopuli.xyz