Well let this be a lesson that encrypted messaging hosted on corporate servers is only encrypted as long as the authorities allow it.
Also criminals gonna get in trouble.
this post was submitted on 11 Jan 2025
183 points (98.4% liked)
Privacy
32740 readers
2584 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Telegram isn’t encrypted. There’s an option but nobody uses it.
It never was encrypted. If it was they wouldn't have anything to turn over.
This is false. There is still plenty of metadata that centralized providers can capture and turn over and that is usually sufficient for law-enforcement to get the information they want.
Right, WhatsApp is encrypted but not private at all. Reason? Metadatas, says as much as the message
This is false. They cannot turn over any type of data that is encrypted. Metadata or otherwise. That's the point of encryption.
Except that most of the metadata isn't encrypted anywhere and usually also can't be encrypted as otherwise the service wouldn't be able to function.
Plenty of services encrypt metadata. You need to do more research.
You seem to be highly misinformed what metadata is. A server for example will always have access to unencrypted IP addresses from the clients connecting to it, this is impossible to avoid unless you use a service like Tor that relays internet traffic, but that has very little to do with "encryption".
And even with Tor, if the person didn't compartmentalize their conversations into different identities, they'd have the pseudonymous graph.
Another thing a server can easily access is the timestamp of messages. Even if that is somehow stored encrypted in the server, messages are sent in real time and the server can easily log those, so an e2e encryption chat service will at the very least have logs with IP and timestamps. This can't really be avoided.
According to signal facts all the have is your phone number and and the date you signed up for the service and the last day you connected to the server. IP address are not logged or stored the do t have access to it and signal has said this everytime the get a warrent for user data. So yes it is possible to have a secure service that doesn't collect IP addresses but yes the do have some limited data so you are correct.
That is all they claim to store for later retrival*, which is not the same as what they would be able to capture in real-time and hand over to law-enforcement if forced to by a court (and they wouldn't be able to tell you about it because of a gag-order).
*However this claim is contradicted by the source-code of their server (which they sometimes publish) which seems to store significantly more and of course this is assuming the code is indeed the same as the one they run on their servers, which is unclear.
Edit: and their servers run on AWS, so even if Signal itself doesn't store the IP addresses, Amazon certainly could.
Very good and true point well said I agree with you on that good thing I am not important enough for it to be a issue lol or do anything illegal.
Passive data collection is an issue for me even though I am also not important. I do use Signal, but only with my true identity and with a few people I know from real life. When it comes to purely online communities, I compartmentalize my identities.
Same here hence my username on here its the same on all platforms
Just remember Telegram also shared Taiwan user data do China during the protests.
Glad I've never used it.
Telegram used to be so darn satisfying to use years ago, but as soon as they started peddling a crypto"currency" it all went downhill. Deleted my account a month ago.
Why wouldn't it? They had all the data in plaintext, they just chose not to cooperate. This was the only possible outcome.
In my country it was never seen as anything else than a disinformation platform for Russian shills and rich "famous" people posting shit about invermicin and corona.
Sinal, Threema for security. WhatsApp/Wechat for Family. Telegram... for family you don't want but sadly have.
And where I am at, Telegram is just the main social network nowadays. VKontakte became unusable garbage even for an average person, Facebook never gained traction in the first place, Instagram and Tiktok are not that suitable for communities, Whatsapp is purely a messenger - and Telegram appeals to everyone, being a hybrid of a social media and messenger. So, while I was able to avoid Whatsapp, Telegram is actually hard to leave. Unuversity, art meetups, education channels - all there. I did get a few people to use encrypted messaging with me, but most don't care about privacy because Telegram is convenient and everyone is on there.