Follow

"Signal Server is effectively closed source software right now"

lemmy.ml/post/55595

@edgren
Interesting, especially in conjunction with other recent news about Signal's beginning and funding.
Makes me wonder if any service today is trustworthy at all.

@fredl99 Well, since Signal only supports E2EE, it is safe in that term, but otherwise, nope! 😂 Telegram (as of one example) are much safer than Signal in terms of privacy.

@dsv @fredl99 Signal: your phone number are visible by anyone and you add people by their phone number.

Telegram: I'll let the screenshot do the talking. Plus, you are in control over everything that is about you. You are in control over who will keep the history of an conversation, media, or messages. Their latest auto-delete update are quite awesome, too.

telegram.org/blog/autodelete-i

@edgren
Yes, the phone number exchange bothers me a bit. But as I only use it instead of SMS it's fine with me. These contacts would have my number anyway.
And I noticed an increasing number of messages about other contacts who joined Signal. People with whom I had to do once or twice and stored their number. At least it reminds me to clean up my phonebook :)

@dsv

@fredl99 @dsv Yeah, if your contacts already have your phone number, then no problems 😅

@edgren @fredl99
well I dont trust either of them, and privacy shouldn't be about trust, thats why I use a selfhosted, decentralized alternative where a phone number isn't required. I didnt know this about signal tho, so thanks.
on telegram I cant really see why it would be privacy respecting as iirc their backend is proprietary and store the encryption keys on the server.

@dsv @fredl99 I understand you. But I do trust Pavel Durov more than I trust Mark Zuckerberg 🙂 The source code of MTProto will be open source soon as well.

@edgren @fredl99
no, I did not understand what he has to do with this

@dsv @fredl99 Oh, ok. Before Pavel Durov created Telegram with his brother back in 2014, he had also created VK. VK are Russia's answer to Facebook and Pavel are therefore often seen as Russia's Mark Zuckerberg.

But there is a big difference between them both. Mark loves having power and control over people while Pavel loves privacy and security and want to let people experience that, hence my "I do trust Pavel more than I trust Mark".

@edgren @fredl99 aha, didnt catch the reference, I though you talked about signal, thats why I got confused.
I really dont trust devs who try to convince people that "we care about privacy and will release the source sometime in the future". i mean telegram isnt some new app, its been around for a while. and on top of that its still centralized and requires a phone number, just like signal.

@dsv @fredl99 Hehe, no worries 🙂

I totally understand you, but Signal are not an app you should trust, mainly because it's 100% American with servers located in the US and now closed sourced server management... in USA.

My data for Telegram are in Netherlands since I live in EU. A country known for its good/strong privacy laws. And yes, I know how E2EE works, but since Signal are like it is today, my trust for it has lowered even more.

I do use XMPP today, but I find Telegram better.

@edgren
You made me curious.
I'm testdriving telegram now.
Did you know there's a (more or less) FOSS based variant available at f-droid?

@fredl99 Nice 😊 Yes. I use that version. Waiting patiently for version 7.5.1 to come out.

github.com/Telegram-FOSS-Team/

@fredl99 By the way. If you want someone to test drive it with, enter a username in the settings and add me on t.me/edgren

@edgren
Thank you, I will eventually get in touch with you.
At the moment I'm exploring all the settings and trying to find out how to control which data is emitted.

Only one thing: As the servers are located within the EU telegram would clearly be affected by the proposed laws if they become reality.

@fredl99 Alright. Can't recall I have read about any law changes in EU. Can you tell me what it is, please?

@edgren
It's only a proposal by now. But if it passes the Parliament then all providers will have to follow it.
I'm trying hard to spread the word, like this -> fosstodon.org/@fredl99/1058480

@fredl99 Oh my. That's not good. I hope it will be denied.

@edgren
It's good to hope, but supporting the petition would be even better. 😉
And/or talk to your elected representative, spread the word, etc...

Show newer

@edgren You can bet your ass Signal got a NSL at some point from the FEDs and is "cooperating".

They can't admit it happend or they'll end up in the gulag.

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.