• rdri@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      8 months ago

      Could you just read the thing? Private and group chats are called cloud chats and the image above describes them. Below is a graph for secret chats.

      • DaseinPickle
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        Yes “cloud chat” is not end to end, but only encrypted to the server. That’s what all services to including Facebook and Instagram. If it’s not end to end it’s useless.

        • rdri@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          8 months ago

          Now you’re just denying the obvious. You complained chats on telegram are not encrypted, and that’s false.

          That’s what all services to including Facebook and Instagram.

          Since both Facebook messenger and Instagram messenger use e2e you seem to really mean just Facebook and Instagram websites. And I wonder how could they be functional if they used e2e.

          If it’s not end to end it’s useless.

          It’s not and you probably realize that much.

          • DaseinPickle
            link
            fedilink
            English
            arrow-up
            1
            ·
            8 months ago

            No I’m being serious here.If it’s not end-to-end encryption in groupchat, it’s not private. And Telegram does not provide e2ee in groupchat. Thats the whole issue. Signal does that. Even iMessage does that.If it’s not e2e somebody else does have access to your chats. In this case everybody with access to Telegrams servers, can read your group chats. And that makes it useless IMO. That is not the case with Signal.

            • rdri@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              8 months ago

              Well then it really is “hey one company decided to do it this way so anything less than that is no longer acceptable” for you. For me, it’s not all about absolute security. From my experience, people seeing my messages through the app and people accessing my phone is much more dangerous than people seeing my messages on a server used by the service. I know roughly what e2e for group chats implies and reasons why it’s not implemented everywhere asap. We’ll see where this leads Signal, maybe we’ll also see cases of someone accessing data on Telegram servers etc.

              For now, I mainly use my PC, so not going to infect it with another electron app, or recommend it among friends.

              Even iMessage does that.

              Seems false as I didn’t find confirmations for that.

              • DaseinPickle
                link
                fedilink
                English
                arrow-up
                1
                ·
                8 months ago

                I know roughly what e2e for group chats implies and reasons why it’s not implemented everywhere asap

                It’s not implemented because it requires more resources and Telegram is too cheap to offer that. The same reason Telegram does not encrypt chat by default, but you have to actively choose secret chats. It’s a way for Telegram to save money on server ressources. Both Signal and iMessage can provide e2e encryption for 1-1 messages and group messages and sync across devices.

                Seems false as I didn’t find confirmations for that. All messages between iMessage clients are end-to-end, also groups, it has been so for years, it’s not news. iMessage has other problems, mainly that the private key is synced in iCloud by default (you can turn this off), and that Apple save a bit too much meta data. So iMessage is not perfect. It is still better than Telegram. As you can see here https://security.apple.com/blog/imessage-pq3/ Telegram have not even implemented a post-quantum cryptographic protocol, both Signal and iMessage have that.

                For now, I mainly use my PC, so not going to infect it with another electron app, or recommend it among friends

                We can agree that the Signal desktop app is kind of clunky, and I do hope it gets better in the future. Telegram might provide some usability, but it’s not much better than using Facebook, if your concern is privacy. Mainly because the lack of e2ee in default chats and group chats.

                • rdri@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  8 months ago

                  because it requires more resources

                  Not just more. Exponentially more, if one is going to host the data on server.

                  Telegram is too cheap to offer that

                  It’s dumb to call telegram cheap at this point. User base is too large and it handles it relatively well.

                  Signal, however, chose to not keep almost anything on servers, which mean it’s literally cheap to serve, and it’s very easy to call them cheap for not offering more features.

                  Telegram does not encrypt chat by default, but you have to actively choose secret chats

                  This is false. Again, “not using e2e” is not the same as “not encrypting”.

                  Both Signal and iMessage can provide e2e encryption for 1-1 messages and group messages

                  Again, I have yet to see proofs of iMessage using e2e for group chats. Rather, things I read suggest the opposite.

                  but it’s not much better than using Facebook, if your concern is privacy

                  Arguable due to many differences. But not going to waste our time on this. Though if your only concern is privacy better don’t use the internet in the first place.

                  • DaseinPickle
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    8 months ago

                    It’s dumb to call telegram cheap at this point. User base is too large and it handles it relatively well.

                    Apple does it.

                    Again, I have yet to see proofs of iMessage using e2e for group chats. Rather, things I read suggest the opposite.

                    It’s on iMessage wiki and on the first page that comes up when you Google it:

                    We designed iMessage to use end-to-end encryption, so there’s no way for Apple to decrypt the content of your conversations when they are in transit between devices. Attachments you send over iMessage (such as photos or videos) are encrypted so that no one but the sender and receiver(s) can access them. These encrypted attachments may be uploaded to Apple. To improve performance, your device may automatically upload attachments to Apple while you are composing an iMessage. If your message isn’t sent, the attachments are deleted from the server after 30 days. When a passcode or password is set on your iOS, iPadOS, visionOS, or watchOS device, stored messages are encrypted on your device so that they can’t be accessed unless the device has been unlocked.

                    https://www.apple.com/legal/privacy/data/en/messages/

                    But do you have sources that proof that Apple is lying?

                    Though if your only concern is privacy better don’t use the internet in the first place.

                    Nah, I will just use services that use e2e encryption for my private conversations. There are plenty of services that do that, not just Signal. But if you want to use a service that require access to your private conversations, you are free to do that. But why use a sketchy service with headquarters in Dubai that is like “trust us bro, we need access to your private conversations for totally legit technical cloud reasons, we totally wont look or share that information with anyone, pinky promise.”