Oddbean new post about login | logout Why is Telegram horrible --No MetaData Protection (Who and When) --Only Mobile is Encrypted (Phones have insecure hardware) [1] --Invented their own encryption algorithm Unaudited with a history of security vulnerabilities [2] --Most VoIP Numbers are Blocked --Tor Often Blocked --History of handing over to police [3] --Centralized --Forced Google/Apple Stores (Telegram requires Google Push which is closed source, So the binaries can't be compared to the code, and therefore, Telegram's claim of "open source" is a lie) Your friend will try to pressure you, claiming you're a fringe minority. But if you repost this, we can be the majority. (Sources linked in comments)
Sources: [1a] Kicksecure Mobile Phone Security https://www.kicksecure.com/wiki/Mobile_Phone_Security [2a] madaidans insecurities Whonix Dev https://madaidans-insecurities.github.io/messengers.html [2b] https://eprint.iacr.org/2015/1177.pdf Luke Smith Don't Use Telegram. Don't Use Telegram. Don't Use Telegram. Don't Use Telegram. Don't Use Telegram. https://invidious.jing.rocks/watch?v=qBTsUVrCDAQ [3a] Mental Outlaw Telegram Hands Over User Data to German Police https://invidious.jing.rocks/watch?v=t7HZrpJ4OyQ [3b] Mental Outlaw Telegram Review https://invidious.jing.rocks/watch?v=pZEH04nJ_hE [3c] Android Central Telegram reportedly gives user data to German authorities https://www.androidcentral.com/apps-software/telegram-reportedly-gives-user-data-to-german-authorities
Who told you phones have insecure hardware?
Sorry if it was unclear the sources were in the comments. Phones have a baseband modem which is insecure, and easily hacked. This has just one reference, but basic search will show a lot. We also might write an article on it in the future. nostr:nevent1qqsycye8ze4m6v4u6yk6myt4xprfphygzvkkfqwm7076e0gcv04nsncpzpmhxue69uhkztnwdaejumr0dshszyrhwden5te0v5hxummn9ekx7mp0qy88wumn8ghj7mn0wvhxcmmv9u9w9ec7
It says here the baseband has full access to memory and can compromise it unless IOMMU used, which all the devices GrapheneOS supports have, so it's not an issue
Most negatives of Telegram also apply to Signal. Both require phone number identification.
Yes and no. Signal lets you use literally any VoIP While as Telegram is very strict on VoIP. and even banning Tor, and even checking if the IP country matches the phone area code
Telegram is more akin to a social media as Discord without being centralized in the U.S. Also it has FOSS client. Few privacy apps are trusted like Matrix or SimpleX, I wouldn't even trust Signal.
#Telegram indeed is horrible for #privacy as a messenger. However, much of it's popularity could be due to it's other use: as an easy to manage, mobile-friendly public forum with free hosting or a social media channel. Organisations that are on government blacklists and are unjustly banned from #BigTech social media have a thriving presence on Telegram as long as the app is the website version, not from Google or Apple stores. So unless Telegram starts banning them from their non-appstore versions, people will most probably not look for better alternatives... However, they might consider switching if alternative apps are able to do what Telegram does but even better. Not endorsing any of this of course, just observations.
If you register over Tor, you get often labeled spam and can't send outgoing without them adding first. If you register without Tor, then use Tor, it doesn't care. But you've already "doxxed" yourself