I reported this post to the mods (it's
that bad, yes), but in case they leave it there, here is your
reminder what applications you should rather avoid.
I had written the following in my first sentence: '
there will be people who specifically want to use Signal'
I am well aware that there are Signal users who will not find Telegram sufficiently secure, which is what I meant by this sentence.
My impression was simply that Signal does not always work perfectly as I read the following: '
I cannot update/upgrade other applications without having Signal-Desktop removed'.
That I tell you that Telegram has never caused problems on FreeBSD (in my case) is just to be helpful.
Reading your 'reminder' link, I see you telling the following kind of thing:
1.
Telegram is not designed to resist mass surveillance: it does not use e2e encryption by default (afaik, e2e is also not supported in the official desktop client)
The deskotp client uses the cloud-based encryption.
It says “local Telegram engineers or physical intruders cannot get access” to encrypted data on these systems.
Signal is a little bit safer in this area.
2.
it stores contacts and message history centrally
I have a few gripes with Signal—the biggest of them all is it’s centralized, and in the US no less. This alone makes it not that different from WhatsApp—we’re simply moving from one silo to another.
3.
and they even have plans to make it into a payment network which would require them to have accurate information about actual real life user identities.
This was not a strong argument. Five years later, it is still free.
The fact that
acheron says Signal on FreeBSD is a fast-moving target, uses electron, and sometimes crashes, means there are probably going to be a few vulnerabilities in this FreeBSD desktop app.
The Telegram app has never crashed on my desktop and I have been using it for a fairly long time.
I just mean by everything I write that you should not think Signal is super secure and Telegram is super insecure, there are other factors that impact this that we cannot audit.
Signal is known to use AWS as their cloud provider—what if another Parler4 happens and the rug is pulled from under Signal’s feet?
What you should also be aware of is that these types of services are targets. With Tor, you can see that a lot of institutions with a lot of money have influence and control over Tor's development. I would be surprised if certain institutions have not infiltrated Signal. What Microsoft has done in the past is incorporate zero days into windows so they could better supervise Iran to make sure certain companies did not produce nuclear weapons. There may also be many such zero days embedded in Signal and Tor by parties who want control over Signal and Tor. Institutions are going to be interested in Signal users because they might have something to hide.
Furthermore, you should also be well aware that a company can do whatever it wants behind your back. This is no different for Signal. You have no insight into what Signal employees are currently doing individually.
My general advice is similar to what eternal_noob had already said:
Confidential communication only works without any electricity involved.
I use Telegram daily, but it wouldn't bother me if my entire chat history was hacked.
I keep in mind that both Signal and Telegram are not anonymous.
And for that specific reason, it doesn't matter that much whether you use Telegram or Signal.
www.trustedreviews.com
www.reddit.com
pocketnow.com
thehackernews.com
techcrunch.com
mashable.com
www.kaspersky.com
www.phonearena.com
heimdalsecurity.com
