It was a many months transition, and it’s finally done

Fun thing, you can actually make a backup of all* your messages, groups, contacts, etc. So before leaving you can have all of your data in case you need that one contact or something

The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages. Not for the first time there are news that they could read, modify, delete, see location, and etc. Screw it, this is unsafe, I’m out.

Also, these days telegram is really at the state of a pile of garbage, bloated, buggy, and shady messenger.

    • ritchie@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      8 months ago

      It is not considered a good alternative as a messaging app for privacy folks and because the source code is not open, it is not E2E encrypted by default (you need to start a secret chat or something to make your conversation encrypted) if I remember correctly.

      • ris@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        You remember incorrect. All Clients are open source:

        Telegram apps are open source and support reproducible builds. Anyone can independently verify that Telegram apps you download from App Store or Google Play were built using the exact same code that we publish

        In Fdroid there are also forks. But yes, their servers are closed source and centralized.

        Still its not recommended. It requires Phone number and as you said its E2ee is not on by default and is not soooo good.

  • Gallardo994@sh.itjust.works
    link
    fedilink
    arrow-up
    5
    ·
    8 months ago

    Russian authorities usually just hijack login sms confirmation codes. This is a common practice in Russia. Not denying that something else shady might be going on, but I do know mobile providers there don’t even bother to ask why - they just provide shit on demand.

  • Kiryu@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    9 months ago

    Why did Telegram get so popular in the privacy scene compared to Signal in the first place? To my knowledge Signal came out first and never had a history of breaches or leaks.

    • Natanael@slrpnk.net
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      By lying aggressively.

      Lying about being the first phone app with E2EE (they’re not even close, by over a decade if we count J2ME apps) because Signal was called TextSecure back when telegram didn’t even exist yet. Lying about their protocol, lying about their backup system (if you’re using group chats or regular chats which are backed up they are visible to the admins and any other claim is a lie), bullshit propaganda against Signal, etc…

      Oh and by the way, Signal has now finally launched usernames, so you don’t have to share your phone number to use it anymore.

    • Quintus@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      I can’t speak for the privacy scene but in my country it’s pretty popular merely because of anonimity (which boils down to not having to use a phone number) and Discord-like server/groups. For porn and other NSFW content, it is pretty popular.

    • KyuubiNoKitsune@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Honestly, UI and PC client experience.

      I find the UI in signal a bit off putting. Telegram grabs you with their funky stickers, clean UI and dumb features. I alps hate that Signal won’t bother copying the messages to a new client… Like, I have a 1Gbps connection, surely we can copy my chat histories from my phone to my PC? Nope, gotta start fresh on every new client…

      If they did less dumb shit like adding statuses, and put some more effort into making the UI nice, more people would use it.

      And I get these are dumb reasons, but they’re real none the less

      • Scirocco@lemm.ee
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        8 months ago

        I think Signal shot themselves squarely in the dick by removing SMS functionality.

        Previously, you could use Signal as the primary SMS/messenger app. Any conversations with other Signal clients secure. Conversations in SMS/MMS? Marked as not-secure.

        But, out of some purity concerns, SMS functionality was removed and the dev team focused on adding useless shit like “stickers” and then the pin-code harassment.

        Signal adoption plummeted as intended (?)

    • southsamurai@sh.itjust.works
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      Telegram, while often hyped as high privacy/security got popular because it was/is fully featured and isn’t Google or Facebook. That’s it

      It’s less invasive, less annoying, and can do all the stuff like gifs and stickers. So it was very easy to get people onto compared to pretty much anything that was actually private or secure.

      Once enough people started using it, it snowballed into its own monolith of bloat.

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      I assumed the popularity was not in the privacy scene, but rather in general population, just because of usability. It is just a more usable alternative to Whatsapp or VKontakte. It is pretty much the default messaging platform for young people like Whatsapp is for older ones.

      • PotatoesFall@discuss.tchncs.de
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        in some circles yeah.

        In Germany it actually became famous because it allowed for huge groups and it’s where covid misinformation breeding grounds took off. People thought you were a nutjob if you had telegram lol.

        Which, while that is the dumbest reason to reject a chat app, at least meant that Signal was able to get more popular with uhhh smarter folks.

    • rdri@lemmy.world
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      8 months ago

      Maybe because it offers public chats and channels? Something other apps lack.

      Also the best desktop experience out of all apps I’ve tried.

    • spaduf@slrpnk.net
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      8 months ago

      I think the big reason that nobody’s mentioned yet is simply that they were earlier. Back when projects like Tox and Matrix were first starting to pop up, telegram was already fully formed. Signal didn’t come until at least a year later and didn’t have feature parity until several years later. Telegram by contrast was a much closer experience to WhatsApp and Messenger, making the transition much easier, particularly for low-tech knowledge users.

    • Gooey0210@sh.itjust.worksOP
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      9 months ago

      Telegram came out a year earlier in that signal, and because immediately popular amongst young people and drug dealers in Russia

  • yamanii@lemmy.world
    link
    fedilink
    arrow-up
    7
    arrow-down
    2
    ·
    8 months ago

    The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages

    I’m gonna need a source on that, since the creator himself was persecuted and telegram had layers of fake companies to stop Putin from getting to it.

    • SevenOfWine@startrek.website
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      8 months ago

      Here’s what I found:

      Over the past year, numerous dissidents across Russia have found their Telegram accounts seemingly monitored or compromised. Hundreds have had their Telegram activity wielded against them in criminal cases. Perhaps most disturbingly, some activists have found their “secret chats”—Telegram’s purportedly ironclad, end-to-end encrypted feature—behaving strangely, in ways that suggest an unwelcome third party might be eavesdropping. These cases have set off a swirl of conspiracy theories, paranoia, and speculation among dissidents, whose trust in Telegram has plummeted. In many cases, it’s impossible to tell what’s really happening to people’s accounts—whether spyware or Kremlin informants have been used to break in, through no particular fault of the company; whether Telegram really is cooperating with Moscow; or whether it’s such an inherently unsafe platform that the latter is merely what appears to be going on. … Elies Campo, who says he directed Telegram’s growth, business, and partnerships for several years, confirmed this general characterization to WIRED, as did a former Telegram developer. In other words, Telegram has the capacity to share nearly any confidential information a government requests. Users just have to trust that it won’t.

      https://www.wired.com/story/the-kremlin-has-entered-the-chat/

  • Clot@lemm.ee
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    8 months ago

    I never got with these russian authority claims. Telegram is not based in russia, sure its founders are born in russia but they have taken citizenship of France for a long time now, its based in saudi arabia. I never saw a single proof of them giving data to russian authorities, they were banned in russia for that iirc but eventually got unbanned due to mass adoption. At this point these russian claims just seem racism to me.

    • lorty@lemmy.ml
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      8 months ago

      It’s the usual foreign fearmongering. It’s never phrased this way if the subject is a western company (even though we know they cooperate with the US government).

      • jol@discuss.tchncs.de
        link
        fedilink
        arrow-up
        4
        ·
        8 months ago

        Specially since we know for a fact that Meta hands over any and all information the US government wants from all their apps.

    • Gooey0210@sh.itjust.worksOP
      link
      fedilink
      arrow-up
      0
      arrow-down
      4
      ·
      8 months ago
      1. I never said that telegram collaborates with Russia (I don’t know if they really do, but tg is pretty insecure, and Russian govt is happy to crack it)
      2. They were banned in Russia until they realized why would they ban it if they can read it (unbanning of something in Russia is another sign of something shady going on)
      3. I’m Russian myself, so your gaslighting won’t work, also are you Russian or Slavic too? 🤣
      • Clot@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        8 months ago
        1. Show me the proof, don’t talk on hunches
        2. They really didn’t care, they are banned in Iran too which is their 3rd biggest market. They got unbanned because Russia failed to unban it, there are no cases known yet in which telegram handed over users data to Russian authorities https://www.reuters.com/article/idUSKBN23P2DY/
        3. I am not Russian
    • youmaynotknow@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Do what I did. Let everyone you care about on TG that you’re closing that crap, with your reasons for doing so. Inform them of your moving to signal, session, whatever. Be clear that, otherwise, they can try calling you and wish them good luck. Close TG on the day you set as deadline. I did that and whomever didn’t get a Signal or Session account has to call me. I’ve never looked back.

      • Delusion6903@discuss.online
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        My family is all on iMessage. I told them if they didn’t install Signal I wouldn’t reply to their texts.

        At first, whenever they texted I would just reply with something that looked automated like “This user is no longer available via text message. Please install Signal if you wish to communicate.”

    • toastal@lemmy.ml
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      8 months ago

      Install a family XMPP server like Snikket or otherwise. Show them the benchmarks of how little battery & data plan drain is used from Conversations forks. Explain how bloated Electron apps are & how you don’t wish that on your loved ones vs. Dino, Gajim, or a TUI client. Sidecar a Movim server so y’all can share long-lived, non-ephemeral posts instead of losing memories like photos in some long group thread. Let them know their data is safe with you as the operator instead of some massive for-profit corporation—and if they don’t trust you, they are empowered to start their own server to interop.

      (This tactic has yet to work for me, but I will keep running into that wall til it breaks 😃)

    • Scirocco@lemm.ee
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      8 months ago

      Easy! Just replace their usual SMS app with Signal, and then every contact they have that does use Signal is private and secure!

      Oh. Wait. That’s exactly the functionality that Signal removed in their effort to ensure that Signal is never widely adopted…

      • Synnr@sopuli.xyz
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        I didn’t agree with their decision at all at the time, but now that I realize they made it a little while after it gained widespread adoption and people stopped using it because “Signal isn’t actually secure!” … seems like people were expecting a secure messenger to be, well, secure. So they would chat about anything and everything thinking “I am using a secure messenger, these messages can’t be read…” and tech ignorance is a dangerous thing if you’re trying to be secure. I would’ve preferred a colored window and un-closable message for SMS chats, but oh well. I like that they’ve introduced usernames so you don’t have to give out your real number.

        • Scirocco@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          And that irony now is that messenger on Android is RCS compliant and currently has this exact functionality, except it’s less trustworthy.

          Once again I’m using one messenger and everyone else who’s using an RCS messenger gets encrypted, but SMS (clearly marked as such) is a viable fallback.

  • airikr@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    8 months ago

    I must agree on the bloated part. Telegram was awesome before Pavel got greedy and added more and more stuff that are just not related to any chat service, for an example payments and crypto.

    I installed Snikket on my server few weeks ago and are now trying to move everyone to it. It seems to be a very slow process, though.

    But I might keep Telegram only for the porn channels. Mighty good stuff!

    By the way. Do you have the source for your claim that Russian authorities were messing with people’s deleted messages?

  • trippingonthewire@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    I deleted telegram long ago, but not my account, just the apps.

    As of recent, I wanted to log back in and actually delete my phone number from there, so there’s no more association.

    I can’t login. I download the app, and it sends a verification code through Telegram and won’t do SMS, but I’m not logged in at all so I can’t get the code.

    I’m stuck there. I contacted support and they’re yet to respond. :p

  • scratchandgame@lemmy.ml
    link
    fedilink
    Tiếng Việt
    arrow-up
    2
    ·
    8 months ago

    Also, these days telegram is really at the state of a pile of garbage, bloated, buggy, and shady messenger.

    Every messenger is.

  • GadgeteerZA@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    8 months ago

    A lot of speculation that does end with this in the article:

    "After discussing her case with experts, Matsapulina now believes her Telegram messages may have been compromised by a form of spyware. When she was told that a hacking device would need to be physically nearby to infiltrate her phone, a memory resurfaced: At times before her arrest, she had noticed an unmarked truck with a dome on its roof parked outside her building. She had even jokingly mentioned it to friends on Telegram. Now, she remembered, as the police were banging on her door that morning, she’d spotted the same mystery vehicle parked outside. By the time the police stormed her home, the vehicle was gone.

    Matsapulina has since started using Telegram again."

    Most messaging apps are vulnerable on the client side with spyware, no matter what E2EE exists along the way.

  • Synnr@sopuli.xyz
    link
    fedilink
    arrow-up
    1
    ·
    8 months ago

    I posted this down below in a comment thread but I’m afraid it won’t be seen and not enough people know about this.

    Session was at first a fork of Signal without usernames.

    Now by design it uses their own custom tor-like service (instead of just… using tor) and does not support forward secrecy or deniable authentication, so anyone who collects the messages in transit can either find a vulnerability in the encryption scheme, or spend enough GPU resources to crack it, and they have confirmation of who sent and received the message and what the contents of the message are. And is headquartered in Australia, which is 5EYES and much more against encryption than the US. Oh, and the server is closed-source.

    Regarding Australia’s 2018 bill…

    The Australian Parliament passed a contentious encryption bill on Thursday to require technology companies to provide law enforcement and security agencies with access to encrypted communications. Privacy advocates, technology companies and other businesses had strongly opposed the bill, but Prime Minister Scott Morrison’s government said it was needed to thwart criminals and terrorists who use encrypted messaging programs to communicate.

    Regarding the ‘vulnerability or cracking them later’ bit…

    Messages that are sent to you are actually sent to your swarm. The messages are temporarily stored on multiple Service Nodes within the swarm to provide redundancy. Once your device picks up the messages from the swarm, they are automatically deleted from the Service Nodes that were temporarily storing them.

    From Session’s own FAQ:

    Session clients do not act as nodes on the network, and do not relay or store messages for the network. Session’s network architecture is closer to a client-server model, where the Session application acts as the client and the Service Node swarm acts as the server. Session’s client-server architecture allows for easier asynchronous messaging (messaging when one party is offline) and onion routing-based IP address obfuscation, relative to peer-to-peer network architectures.

    I wouldn’t touch it with a 12ft ladder.

    • Natanael@slrpnk.net
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      FYI, regular Signal now has usernames available with the option to hide your phone number switched on by default (you may still need tithe beta release for the next few months since it’s staggered rollout)

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      8 months ago

      The thing I find most suspicious is their “onion routing”. An average Joe like me cannot run a node like he can do with I2P or Tor. There is a gigantic upfront payment for that. So that ensures the nodes would be run by crypto bros, companies and governments.

    • kratoz29@lemm.ee
      link
      fedilink
      English
      arrow-up
      0
      ·
      9 months ago

      But whatsapp is still a better second messenger than telegram.

      You didn’t mean that.

          • Natanael@slrpnk.net
            link
            fedilink
            arrow-up
            1
            ·
            8 months ago

            Whatsapp is built on the Signal E2EE protocol, Telegram has a terrible homebrew encryption protocol with a ton of weirdness and it has had a long history of weaknesses which they lied aggressively about

          • Anamana@feddit.de
            link
            fedilink
            arrow-up
            0
            arrow-down
            1
            ·
            edit-2
            8 months ago

            Almost no one uses telegram e2e, because it’s not automatically activated. Also group chats are not e2e.

            I still like to use telegram tho.

            Also doesn’t Whatsapp just use the signal protocol for e2e?

            • pipariturbiini@sopuli.xyz
              link
              fedilink
              arrow-up
              0
              ·
              8 months ago

              Also Telegram’s E2EE chats don’t work on desktop apparently, and you are not able to see message contents in the notification (which is a plus or minus depending on you)

              Asked a friend earlier today if we could use secret chat. He declined because he mostly chats on desktop, and apparently wants to see messages from notifications while driving.

              • Anamana@feddit.de
                link
                fedilink
                arrow-up
                0
                arrow-down
                1
                ·
                8 months ago

                Jep, all of this is true. I have two chats with some people because of that.

                Also you can’t search for words within e2e chats, which is a pain in the ass sometimes.