The FBI produced this nice chart comparing what kinds of privacy leaks the various messaging apps have.
@guardianproject @textbook very nice. Also lets one infer how to make privacy-oriented choices on some (e.g. not allowing backups or sync of iMessages to iCloud).
Worth reminding too that this is lawful access. It doesn't get into weaknesses that an adversary who doesn't care about the law could do. Very relevant for some use cases.
We need more than one platform at signal's level of privacy.
@emma @guardianproject xmpp (with OMEMO), matrix, and briar?
@guardianproject That's the Unclassified version. I'm pretty sure there's a more secret and complete version out there somewhere.
@guardianproject Schöner Input für die https://www.messenger-matrix.de, oder @kuketzblog
@guardianproject I wonder, what the corresponding chart "Non Lawful Access" says...
@guardianproject crazy, this makes it looks like Telegram is the least accessible to the FBI, despite missing encryption by default 🤔
@gabor @guardianproject it’s more like Telegram is private by policy, while Signal is private by design
@blueberry @gabor @guardianproject
Very well said. Signal’s E2EE is just empirically better than Telegram’s “secret chats” too. And that’s fact not opinion or preference.
Telegram is good for convenience if you want something not owned by FB or Google etc, but for privacy and security Signal wins.
@Upjohn94 @blueberry @guardianproject I can't speak to the encryption but I just know trust is a very important factor, too! So I wouldn't underestimate the value of "privacy by policy" either...
I also don't get why encrypted chats aren't the default for Telegram. But I think people don't give Telegram enough credit. (It's also the superior app IMHO)
@gabor @Upjohn94 @guardianproject yes, trust is important but at least I’d trust Sugnal who not only says they’ll protect your data, but also uses the tech to do so.
Secret chats in Telegram are only single device so they’d lose a lot of users, and although I do agree Telegram has a better UI/UX, it’s mostly bc they can just do a lot of it *not* E2EE
@blueberry @Upjohn94 @guardianproject Signal's servers are in the US and they received US gov funding... I suppose all of that would not matter if the E2EE encryption was solid but I can see how some people would have trust issues. But all of this doesn't really matter anyway, since I have 2 contacts on Signal, about 6-8 on Telegram and the rest is still on WhatsApp (this is Germany) I have Matrix and XMPP but I have no contacts there outside of the foss community 😅
Signal and Telegram both have servers around the world. In both cases some of those servers are in the US. A load balancer is used to direct your traffic to the server with the lightest load and lowest latency just like anything else behind a CDN.
The physical location of the servers is a red herring regardless. Check out the US CLOUD Act. The US government can legally access data on any server around the world.
The important thing then is what is stored on those servers?
In the case of Signal it is basically nothing.
In the case of Telegram it is your entire chat history unless you exclusively use the poorly coded "secret chats."
Don't misunderstand me, I'm not outright dissing Telegram. It is far better than WhatsApp and it isn't owned by Facebook. But its place isn't as a secure encrypted messenger.
I have a family group chat on Telegram, it was easier to convince them to install it than Signal because of the UX. Telegram deserves credit there.
But at the same time, my family group chat doesn't contain anything private. You could publish it online publicly and I would only be mildly annoyed.
My private chats are conducted on Signal.
@Upjohn94 @guardianproject @blueberry fair enough!
There's public documentation on exactly how every piece of the Signal Protocol works and as it's open source this can be verified too.
Wrt the law, Signal's policy is better than Telegram imo. Telegram says we store all your messages but we promise not to share them. So far they seem to have stayed true to this promise but we don't know for certain, all we know for sure is they don't play nice with the FBI.
Signal's design means you don't have to place trust in them. So their policy is they will honour legal court orders if presented with a phone number registered to their service.
But here's the kicker. The only data they store is the number, the date the account was created, and the date it was last used. No metadata is stored at all. No contacts, no names, no groups, nothing. By design this data is only ever handled by the client.
You can verify this for yourself in two ways:
* Check the open source code. Specifically the "sealed sender" feature. That's what encrypts metadata end to end.
* Check their responses to FBI subpoena requests for user data. They fight for courts to declassify these. When they do, they publish them on their website so you can see exactly how much info Signal provided: https://signa...
Now the main complaint I hear about Signal is lack of federation and self-hosting options. Perfectly valid but easily fixed. Wanna use the Signal Protocol on a self-hosted, federated platform? Install XMPP or Matrix and knock yourself out.
Yes both use OMEMO which is an adaptation of the Signal Protocol primarily modified to work on multiple devices at once.
You want the pure Signal Protocol, maybe you don't trust OMEMO to be secure enough of an implementation? Set up an XMPP server with support for the original Signal Protocol. That's ultimately all WhatsApp is after all, just an XMPP client with Signal support, except you'll be running it instead of Zuckerfuck.
@guardianproject we value your security says apple...
@Upjohn94 @guardianproject I honestly despise apple, and elon musk (elon you do not know more than data scientists).
@guardianproject Here's the link to the pdf-document as on propertyofthepeople.org
https://propertyofthepeople.org/document-detail/?doc-id=21114562