Is Telegram an encrypted messaging app?

1

Cwtch

4sci35xrhp2d45gbm3qpta7ogfedonuw2mucmc36jxemucd7fmgzj3ad.onion (not a real one), and you'd register to it via IM client. Now you can't connect to the domain without Tor, so misconfiguring can't really hurt. So that covers name and IP. We'll assume the content was already end-to-end encypted so that leaks no data. Next, we want to hide the social graph, and that requires getting rid of the server. After all, a server requires you to always route your messages through it and the service can see this account talks to this account, then to these ten accounts, and ten minutes later, those ten accounts talk to ten accounts. That sounds like a command structure. So for that you want to get rid of the server entirely, which means going peer-to-peer. Stuff like Tox isn't Tor-only so you shouldn't use them. For Tor-only p2p messaging, there's a few options https://cwtch.im/ by Sarah Jamie Lewis (great, really usable, beautiful).

#Instant Messaging #Group Chat & Notifications #Communication 31 social mentions

2

Onionshare

Https://onionshare.org/ by Micah Lee. Also has chats between user and hoster.

#File Sharing #Cloud Storage #Secure File Sharing 59 social mentions

3

Tinfoil Chat

>You can have your phone compromised (especially when I know your phone number, Signal I’m looking at you) or be subject to other means of attacks, exposing everything. Knowing someone's phone number doesn't automatically let you compromise their device. This is such a ridiculous argument. >I would rather know that this app is not secure so I don’t share anything important, while keeping secure communication to other means. This is nirvana fallacy. It's essentially saying "We should not talk about Telegram lying about its security, when in reality nothing is 100% secure". Yeah, nothing is, there's always an attack. That doesn't contribute anything of interest to the topic, it just tries to kill the criticism. And I'm saying this as someone who has worked on this exact topic for ten years: <a href="https://github.com/maqp/tfc">https://github.com/maqp/tfc</a>.

#Communication #Instant Messaging #Group Chat & Notifications 6 social mentions

4

Briar

This snake oil is spreading like [Herpes] Simplex . Again, the company lies about queues (a programming technique) being a privacy feature. The application can not get rid of the metadata of server knowing which IPs are conversing, unless the clients explicitly connect to the service via Tor. The server must always know from which connection to which connection it routes packets. It's not a network hub, it's a switch, after all. https://cwtch.im/ and https://briarproject.org/ route everything through Tor always, and they don't have server in the middle, which means there is no centralized authority to collect metadata. It's light years ahead of what Simplex pretends to offer.

#Communication #Group Chat & Notifications #Instant Messaging 128 social mentions

Or better use a P2P IM like Jami: https://jami.net.

#Communication #Group Chat & Notifications #Messaging 14 social mentions

6

SimpleX chat

>One of the biggest privacy problems in messaging is the availability of loads of meta-data — essentially data about who uses the service, who they talk to, and when they do that talking. >I am not specifically calling out Telegram for this, since the same problem exists with virtually every other social media network and private messenger. In fact, https://simplex.chat/ is the only messenger with the least amount of metadata.

#Chat #Privacy #Security 69 social mentions