• rottingleaf@lemmy.zip
      link
      fedilink
      arrow-up
      17
      ·
      6 months ago

      Oh, and it’s been potentially backdoored by the FSB (Russia’s CIA) for six years.

      From the very start rather.

      And there’s been a few cases where not FSB, but mundane police was reading suspects’ messages before arresting them.

      Don’t trust Telegram, I use it because, eh, most people use either that or VK DMs in Russia as the default IM. But never trust it for something which should be secret.

      You can even have “opposition”-themed channels there or call for rebellions, but don’t ever expect anything to be secret or even pseudonymous. Even without ill intent regularly flaws are found which allow to get a lot of information, and the code quality is sewer-level.

    • hruzgar@feddit.de
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      non-standard algorithm

      thats exactely the point lol. Why would you use an algorithm designed and proposed by the US government in a “secure” messenger?

      • mox@lemmy.sdf.org
        link
        fedilink
        arrow-up
        42
        ·
        6 months ago

        Which algorithm are you referring to exactly?

        In general, people are wise to use ciphers and protocols that have been examined by the global cryptography community and have held up to that scrutiny.

      • Simon Müller@sopuli.xyz
        link
        fedilink
        arrow-up
        14
        ·
        6 months ago

        The algorithm was neither proposed nor designed by the US government, it was made by (what is now known as) Signal, a 501c nonprofit.

        The claims of signal being “state-sponsored” come from assuming how money flows through the OTF - Open Tech Fund - which has gotten grants from government programs before. (IIRC)

        It wouldn’t make sense for the US Gov. to make such a grant to make a flawed protocol, as any backdoor they introduce for themselves would work for any outside attacker too - it’s mathematics. It works for everyone or for no one. Would they really wanna make tools that they themselves use, just to have it backdoored by other state actors?

        And again, Durov’s claims are entirely assumptions, and that coming from someone that has had [various](https://mtpsym.github.io// different vulnerabilities and weird bugs on their platform