• jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    65
    arrow-down
    2
    ·
    6 months ago

    Yes there is FUD around signal. But they are not offering any better solutions.

    Signal has some structural issues, and isn’t a good solution for all threat models (i.e. if your a government who doesn’t fully trust the USA, then signal isn’t for you)

    Any conversation that doesn’t talk about briar, simplex, etc is deeply flawed since only they attempt to address the fundamental structural issues with signal.

    Don’t use that centralized chat service, use THIS centralized chat service - is just FUD… and isn’t a helpful conversation.

    • Count042@lemmy.ml
      link
      fedilink
      arrow-up
      9
      arrow-down
      3
      ·
      6 months ago

      Don’t use a centralized chat service. Use a decentralized chat service. XMPP uses the same encryption for it’s e2e encryption, is decentralized, and super light weight for both the server and the client.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        39
        arrow-down
        2
        ·
        6 months ago

        And “super easy” to use. To get your friend onto it, first you have to host a server, then they have to install a client with an interface from the 90s, activate the XEPs for encryption on their client and ensure the server supports it too, exchange usernames, create an encrypted connection and exchange random codes over another medium to ensure you’re talking to the right person.

        NOW you can start chatting with the other person and hope the server doesn’t crash. ECPC

        Anti Commercial-AI license

            • The Doctor@beehaw.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              6 months ago

              One account, multiple devices logging into it (in my use case, personal laptop, work laptop, two phones).

        • Count042@lemmy.ml
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          6 months ago

          Or, you can skip the unhinged rant, use monocles or dino, and a public server.

          Also, hosting a server is much simpler than something like matrix. You can host an xmpp server on a pi and that is more than enough. Or, just use a public server.

          So difficult.

          I like how you included steps that absolutely aren’t required and haven’t been for like a decade to make your statement more hyperbolic.

    • umbrella@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      6 months ago

      if your a government who doesn’t fully trust the USA, then signal isn’t for you

      how? i tought it was e2ee and open source?

    • Rose@lemmy.world
      link
      fedilink
      arrow-up
      19
      ·
      6 months ago

      Its Russian founder recently praised Musk in an interview for Tucker Carlson.

      • fruitycoder@sh.itjust.works
        link
        fedilink
        arrow-up
        6
        ·
        6 months ago

        Is narcissistic disorder a prereq to be a billionaire or is it just a common symptom of having too much wealth for some.

        • Dr. Jenkem@lemmy.blugatch.tube
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          6 months ago

          Yeah sort of. I think those types of disorders get rewarded in many cases. It’s exceptionally profitable to exploit labor, mislead the public, and plunder the planet. When you have a conscience and empathy, that’s a lot harder to do, especially if you already enjoy a certain level of financial security.

  • umbrella@lemmy.ml
    link
    fedilink
    arrow-up
    42
    arrow-down
    3
    ·
    6 months ago

    telegram is the real FUD here. its closed, not encrypted by default and all messages go through a centralized server.

    • rdri@lemmy.world
      link
      fedilink
      arrow-up
      4
      arrow-down
      16
      ·
      edit-2
      6 months ago

      not encrypted by default

      Not e2e encrypted ≠ not encrypted.

      its closed

      Client is open source and you can use your own client with custom functionality if you like. I imagine nothing stops anyone from adding their own e2e implementations on top of it.

      • Brayd@discuss.tchncs.de
        link
        fedilink
        arrow-up
        9
        arrow-down
        1
        ·
        6 months ago

        SSL on websites also is encryption. Still you can post your precious pictures “encrypted” via SSL for the whole world to see. I think everyone knew what was meant with encryption in this context.

        • rdri@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          10
          ·
          6 months ago

          I think everyone knew what was meant with encryption in this context.

          I think not.

      • umbrella@lemmy.ml
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        edit-2
        6 months ago

        i know but neither encryption, nor foss clients matter much if it has to go through a closed server. thats kind of half the point of encrypting stuff. at least telegram supports it but cmon.

        its like saying facebook is private because your browser is foss and you use https.

        • rdri@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          5
          ·
          6 months ago

          Anything goes through closed servers. Even more, serverless chat protocols tend to go through multiple users PCs (they are not open to you).

          point of encrypting stuff. at least telegram supports it

          I’m pretty sure telegram doesn’t support plaintext transfers.

          its like saying facebook is private

          I didn’t call telegram private.

  • Possibly linux@lemmy.zip
    link
    fedilink
    English
    arrow-up
    35
    ·
    6 months ago

    I don’t think it has anything to do with the “right wingers.” I think many people and governments seek to discredit anything they can not control. Its basic misinformation tactics.

    As far as Elon goes, he says crazy things and shouldn’t be believed.

  • The Doctor@beehaw.org
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    1
    ·
    edit-2
    6 months ago

    They do this periodically. We saw it during Occupy, the Arab Spring, BLM, now Palestine (again). As a general rule, when folks go into the streets, the tighty righties start up the FUD.

    There is a reason why spooks learn tradecraft - threat modeling, procedures, awareness, and techniques - more than they learn technology. It would behoove folks to to learn a little about that before hitting up the appstore.

  • friend_of_satan@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    6
    ·
    edit-2
    6 months ago

    Talks about other people creating FUD, then links to a post asserting telegram is compromised without citing any sources about anything discussed in the post. 🙄 FUD indeed.

    • Terrasque@infosec.pub
      link
      fedilink
      arrow-up
      2
      arrow-down
      2
      ·
      6 months ago

      I’m not saying it’s broken, but it has some design choices and functions that makes even Whatsapp a better choice for privacy minded people. Like rolling their own crypto and not having e2ee as default.

      • Autonomous User@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        6 months ago

        Anti-libre software, WhatsApp, bans us from proving it has E2EE, bans us from proving any of its claims and bans us from removing malicious source code.

    • Autonomous User@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      4
      ·
      edit-2
      6 months ago

      Telegram is Service as a Software Substitute (proof app needs service and we are missing server software for it: broken app).

  • The_Dark_Knight@lemmy.sdf.org
    link
    fedilink
    arrow-up
    2
    arrow-down
    7
    ·
    edit-2
    6 months ago

    Idk how secure telegram is but cmon signal is shady AF . They won’t let fdroid have it cause they want to sign their own keys or some shit but there is a speculation its because they can roll out custom apk to targets which governments want which is just not possible if it is hosted by someone like fdroid . Even telegram allows that and they even allow third party apps which signal won’t .

    SimpleX and briar is the best option if your actually worried about privacy .

    • asudox@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      6 months ago

      I do see it weird but publishing on F-Droid means almost nothing. If you are scared of their pre-built apks, compile from source instead. If Telegram and Signal are bad, use SimpleX.