this post was submitted on 02 Oct 2024
31 points (94.3% liked)

Technology

58599 readers
3828 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
31
Telegram is exposing their users privacy. (lemmynsfw.com)
submitted 1 week ago by [email protected] to c/[email protected]
27 comments fedilink hide all child comments
 

Source.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 1 week ago (5 children)

Telegram was built to protect activists and ordinary people from corrupt governments and corporations – we do not allow criminals to abuse our platform to evade justice.

So who gets to pick what's a lawful request and criminal activity? It's criminal in some states to seek an abortion or help with an abortion, so would they hand out the IPs of those "criminals"? Because depending on who you ask some will tell you they're basically murderers. And that's just one example.

Good privacy apps have nothing to hand out to any government, like Signal.

[–] [email protected] 3 points 1 week ago (1 children)

Exactly. The strive for zero knowledge is the proper way to be going.

[–] [email protected] 1 points 1 week ago

But then you can't sell your customer's data for profit. Even if you don't now, you still have that option in the future.

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago)

In the US, agents must petition a judge for a search warrant. If granted, the agent may then compel an IT company to produce. If they are able, they must comply. It isn't up to the CEO to decide what he feels is right.

Look for services that allow your data to be encrypted, but it must also clearly state the service provider does not have the encryption keys -- you do. Apple does this, I believe.

[–] [email protected] 0 points 1 week ago* (last edited 1 week ago) (1 children)

The second I went to sign up and learned a phone number was absolutely required, I knew that their privacy was pure bullshit. That little declaration at the end here is an absolute slap to the face.

[–] [email protected] 2 points 1 week ago* (last edited 1 week ago) (1 children)

Signal requires that as well. Their privacy is definitely not bullshit. As far as I can tell, it's a spam mitigation method. But yeah, Telegram is pretty much the very bottom of privacy. Even Meta now encrypts all messages across all platforms.

[–] [email protected] -1 points 1 week ago (2 children)

It's bad for privacy no matter how you sell it. Unless you have a good amount of disposable income to buy up burner numbers all the time, a phone number tends to be incredibly identifying. So if a government agency comes along saying "Hey, we know this account sent this message and you have to give us everything you have about this account," for the average person, it doesn't end up being that different than having given them your full id.

[–] [email protected] 1 points 1 week ago

Guys like you see privacy as a monolith, that it never is. Unusable privacy is meanigless as email had shown. Privacy of communications does not mean privacy of communicators and usable authentication can be more important then anonymity.

And all this has to be realised on real-world servers, that are always in reach of real world goverment.

[–] [email protected] 1 points 1 week ago

Another aspect is the social graph. It's targeted for normies to easily switch to.

Very few people want to install a communication app, open the compose screen for the first time, and be met by an empty list of who they can communicate with.

https://signal.org/blog/private-contact-discovery/

By using phone numbers, you can message your friends without needing to have them all register usernames and tell them to you. It also means Signal doesn't need to keep a copy of your contact list on their servers, everyone has their local contact list.

This means private messages for loads of people, their goal.

Hey, we know this account sent this message and you have to give us everything you have about this account

It's a bit backwards, since your account is your phone number, the agency would be asking "give us everything you have from this number". They've already IDed you at that point.

[–] [email protected] 0 points 1 week ago

So who gets to pick what’s a lawful request and criminal activity?

Probably Telegram themselves. Durov was forced into exile by Putin.

[–] [email protected] -2 points 1 week ago* (last edited 1 week ago) (1 children)

So who gets to pick what's a lawful request and criminal activity?

The...law?

It's criminal in some states to seek an abortion or help with an abortion, so would they hand out the IPs of those "criminals"?

Of course they will. If they don't, they'll be arrested. Which is exactly what happened.

[–] [email protected] 1 points 1 week ago (1 children)

The…law?

In which country?

[–] [email protected] -2 points 1 week ago* (last edited 1 week ago) (1 children)

The country in which the perpetrator lives or the crime was committed. First time using the internet?

[–] [email protected] 2 points 1 week ago (1 children)

The country in which the perpetrator lives or the crime was committed. First time using the internet?

In your opinion, all companies must disclose the personal information of customers whenever a Government says "This person broke the law"?

[–] [email protected] -2 points 1 week ago* (last edited 1 week ago) (1 children)

In your opinion

None of this is my opinion, it's just how the world works LOL

all companies must disclose the personal information of customers whenever a Government says "This person broke the law"?

Not necessarily, but kinda. The gov typically need some sort of warrant, and they need approval from the country they're requesting it from. (I don't know all the legal terms here). The provider can contest it. Look at the disclosures of your favorite international tech company, most of them make this information public (except when the gov specifically tells them they can't until they change their mind later).

Here's one from Proton

[–] [email protected] 1 points 1 week ago (1 children)

None of this is my opinion, it’s just how the world works LOL

Can you elaborate?

Not necessarily, but kinda. The gov typically need some sort of warrant and they need approval from the country they’re requesting it from.

Which Government?

Pardon my ignorance as this is my first time using the internet, but I am pretty sure that every Government on the planet does not use a universal set of laws or procedures for enforcement.

[–] [email protected] -1 points 1 week ago

Can you elaborate?

I just did.

Which Government?

I already answered this one as well.

I am pretty sure that every Government on the planet does not use a universal set of laws or procedures for enforcement.

No but they all certainly have some sort of system for requesting access to information.