 So…there is a concerted campaign, with Musk as its mouthpiece, to discredit Signal and get people to switch to Telegram. It’s disinformation, but there’s also useful information in it. The useful information is that a hideous, powerful, right-wing crank — or whoever’s yanking his chain — really, really wants people to use Telegram. We’ve long known Telegram’s security is weak. But now, in light of this new information, we should move forward assuming that Telegram is actively compromised. 59 comments
 @inthehands I could never keep the super secure messaging systems straight to begin with🍸👀😺  @inthehands that was my thought exactly. i am wondering how much of a security the app on my phone is now.   @aral @inthehands Yeah once you hear they home rolled, it's just be silly not to take it as granted
 @inthehands I'd assume the same of Signal, to be honest. You're not safe and secure against a nation-state actor, especially not running software from that country communicating through servers run in that country. The question is if you're worth them exposing that operation (you're probably not). @pettter @inthehands signal lead dev Moxie(an Israeli citizen) took millions from the cia. It’s got a backdrop.  Disagree. The question is whether you're high-profile enough that them compromising you (using a tool they own, in an environment they control) would result in their "operation" being "exposed" to a degree that would result in their operation being disrupted. If you're anything like me, probably not. (There's an entire class of people who can get disappeared in plain sight and everyone will automatically hallucinate their own thought-terminating explanation. Sucks)   @pettter @inthehands While I agree that it's good to expect compromise of whatever technology you're using, I don't think this take is really helpful. The assumption that everything is compromised, apart from discussing strategies for dealing with it, just takes away our ability to make informed decisions. We have limited knowledge of the capabilities of the relevant threat actors, so we have to weight the probability that a particular implementation is still secure.  @inthehands that's essentially the conclusion I lead myself to when both dorsey and musk were on the anti-signal train. @lucas @inthehands Dorsey gives one million dollars per year to the Signal Foundation (or at least claimed to). That doesn't sound anti-Signal https://www.reuters.com/technology/jack-dorsey-says-he-will-give-1-mln-per-year-signal-app-2022-12-13/ @Ash_Crow @inthehands Not saying he didn't, but that article, and every article I could find, said he "would" not, "has" - and it was 2 years ago. He also just quit bluesky and is saying X is a "freedom technology" So, I still have doubts about his motivations. @inthehands I just assume that anything that sells itself as being safe from the feds is run by the feds @inthehands@hachyderm.io @inthehands War with Ukrane. Russian connected development team. Not difficult to figure that Telegram would at least face enormous pressure to become an intelligence asset. Or more likely actually be one at this point. @inthehands musk probably wants also that people join those right wing telegram groups where they spread conspiracy stuff @inthehands The simplest answer is probably the correct one. What does a US ceo hate more than proportional taxation? Unions.  If the Nazis are promoting something it's pretty safe to assume it's something that will help Nazis and is not good for the rest of us. This should be the nail in the coffin for Telegram.  Yeah, the neo-Nazi dogwhistles on the Telegram website video should make people stay as far as possible from Telegram. It makes clear what their priorities and aims are.  @inthehands @inthehands As soon as Durov promoted Tucker Carlson on his personal feed, the agenda became clear. (He’s never promoted anyone else) @spongefile @inthehands Yeah, really bizarre that he claims to neutral by doing an interview with left-leaning media and also right-leaning media but then goes on to only promote the latter? I can't even find the former one if I try.  @inthehands@hachyderm.io Wikipedia says Telegram's headquarters is in Dubai, UAE. I stopped trusting it the moment I knew about that. @inthehands Did you ever thought about crypto scams and pump & dump? I mean #Musk is known for it, did it multiple times, did it with #Tesla. Shortly after the telegram crypto bullshit he starts pushing it. Could also be a reason, no? @inthehands The fact they tried to do and ICO and tie the service to a shady Blockchain project to avoid raising money through means that would leave them subject to any sort of accountability set alarm bells ringing long ago, even without the Russia ties. @inthehands for me, it's not about security being weak or strong. But when it's not turned ON at all by default, it can be as strong as posisble, yet still worth nothing to me.  @peterkotrcka @inthehands And if you turn it on, even if it’s uncrackable, you’re now a legitimate target because so few will actually go out of their way to turn it on. @inthehands actually for some reason a lot of right wing bigger players have been using telegram. it's weird, but has been like this for a while now and idk why these morons think telegram is any better.  @inthehands @inthehands three years ago, Musk did the same to get people to move from WhatsApp to Signal though.  @inthehands meanwhile my friends refuse to switch to Signal cause "it's slow and it sucks" and the only alternative they seem to be even slightly open to is WhatsApp 🥲 I never trusted telegram but which campaign are you talking about ? :hilda_shocked: @inthehands Is this part of the same campaign that had a telegram guy saying how untrustworthy everything but telegram is because they use "codes developed by the US government" and "Android and iOS use different APIs" and so forth?  @inthehands Unfortunately Signal is a binarry blob and is extremely shady (they are extremely hostile to letting distributions try to build it and to reproducible builds) . I suggest using Molly-foss instead. @inthehands Never used Telegram, never will - I find it strange that Musk wants his users to stop using Signal and to move to the far weaker, and less secure Telegram, especially after Musk championed Signal back in 2021, telling his followers on Twitter at the time to 'Use Signal' back when Moxie Marlinspike was still CEO at Signal.  @inthehands Despite his buddy Dorsey? https://www.reuters.com/technology/jack-dorsey-says-he-will-give-1-mln-per-year-signal-app-2022-12-13/ @inthehands What a great reasoning! The story has Musk and right-wing, so it's pretty clear Telegram must be compromised. Brilliant! We use the same kind of shitty argument they use to say Signal is compromised! @inthehands In my hackerspace's chat someone asked for what technical (not content) reasons Telegram would be bad. I know it's got basically no security, but has anyone got some links I can post? Good sources? @inthehands@hachyderm.io could also just be the fact that telegram has nazis in the devteam @inthehands@hachyderm.io Can we just do an open source Telegram server that has all the features the official ones have, and modify the clients a bit to allow self hosted servers? Cause telegram still has some good user experience.  @inthehands@hachyderm.io telegram is used by facists who think that signal is too "woke" |
Gregory's Server
Lest it get lost in that longer post:
Assume Telegram is compromised. Not just vulnerable. Compromised.