52
Telegram’s peer-to-peer SMS login service is a privacy nightmare
(techcrunch.com)
Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.
Partners:
Some misleading info here.
that homebrew encryption thing is a subject to security focused bounty program an there were positive results from that.
there is always some encryption by default, read their docs. If you mean the end to end encryption, it's a fancy thing that doesn't even have a standardized way to work in group chats. It works in a feature called secret chat, that you have to enable whenever you need it.
That doesn't change the fact that it's homebrew, and therefore not examined, understood, or trusted remotely as well as ciphers and protocols that have been thoroughly vetted by the global cryptography community. A bounty program doesn't change that, and it's not misleading to point it out.
Sigh. Yes, I meant end-to-end encryption. (My use of the word "any" simply meant inclusive of homebrew.) I thought that would be obvious, since point-to-point encryption is commonplace, and is the default for even simple web sites these days, so hardly worth mentioning in this context. But since you didn't pick up on that, or were concerned that someone else might not, I have updated my comment to be more specific.
In other words, not enabled by default. As I said.
You should probably also update the "leaks likely" part with a history of encryption related leaks from telegram over 10 years.
It's not enabled by default because people expect their chat history to not get wiped every time they finish talking, in most cases.
I think it was clear from context that "accidental leaks" meant forgetting to enable e2ee, thereby exposing the conversation directly to Telegram, with not even the homebrew encryption protecting it.
Obviously, there is no recorded history of every time anyone has made that mistake, but your gibe about it does at least confirm that you're arguing in bad faith, which makes this easier: Goodbye.
If you really mean that, the leak resulting from such a mistake will only happen if you missed the fact that your chat history is saved after a talk (even though it's right there just like any other history), then enough time passed for your friend to change views on you and leak whatever they had saved (since you didn't remove that part of chat history before that happened).
I'm sure that such a scenario is insanely unlikely. A much more likely scenario would be for you to not know that a friend of yours already changed their views and making records of all end to end encrypted content you make together by simple means, like another phone.
I like when people hate questionable stuff. But I hate when they do it for silly or made up reasons.