Paul Cantrell
So…there is a concerted campaign, with Musk as its mouthpiece, to discredit Signal and get people to switch to Telegram. It’s disinformation, but there’s also useful information in it. The useful information is that a hideous, powerful, right-wing crank — or whoever’s yanking his chain — really, really wants people use Telegram.
We’ve long known Telegram’s security is weak. But now, in light of this new information, we should move forward assuming that Telegram is actively compromised.
Paul Cantrell
Lest it get lost in that longer post:
Assume Telegram is compromised. Not just vulnerable. Compromised.
Aral Balkan
@inthehands Always have. This is just further validation.
pettter
@inthehands I'd assume the same of Signal, to be honest. You're not safe and secure against a nation-state actor, especially not running software from that country communicating through servers run in that country.
The question is if you're worth them exposing that operation (you're probably not).
Paul Cantrell
@neoatlantis
No. It’s bad tech, including the guts.
NeoAtlantis
@inthehands@hachyderm.io Can we just do an open source Telegram server that has all the features the official ones have, and modify the clients a bit to allow self hosted servers? Cause telegram still has some good user experience.
pettter
@johentsch All efforts help, certainly. @inthehands
Johannes Hentschel
@pettter
But it still makes a huge difference that Signal isn't storing messages on their servers, doesn't it?
@inthehands
Paul Cantrell
Muting this conversation, which has an •unusually• low signal to noise ratio.
Addressing some greatest hits:
- “I just use telegram for [some BS]” → It’s probably still leaking your location
- “Yeah, but if you’re targeted by a state actor…” → Honey, if a state actor is targeting •you• individually, technology is not even the first problem on your list. Opsec is hard.
- “I already knew that” → Good for you, we’re trying to reach people who didn’t
TJ Olsen
@inthehands I literally heard the fraze "right wing social media site Signal" on a podcast yesterday.
Paul Cantrell
@tjolsen Then you need to stop listening to that podcast; at best it’s comically ignorant, and at worst it’s disinformation
Paul Cantrell
More greatest hits:
- “I want to learn more. Do you have links?” → Sure! Here’s a good post: https://kolektiva.social/@Voline/112437280384669007
- “No tech is perfectly secure, therefore it doesn’t matter what you use” → This logic is exactly as stupid as “any car can crash, therefore it doesn’t matter if you wear a seatbelt”
- “Let’s argue about [tech A] vs [tech B]” → Find a forum, you two
- “But I heard X invested in alternative Y and [conspiracy theory]” → This is why we like open source comm apps, to vet security
Paul Cantrell
Last but not least:
- “[Elaborate chain of logic I made up where I put 2 and 2 together and come up with 22]” → Disinformation is still disinformation even if you invented it yourself. At some point, you’re going to have to trust someone who knows more than you; puzzling it out yourself from a point of inexpertise is not better.
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.