- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
The worst part is, they’re partnering with Tencent.
Telegram is dead.
Also https://en.wikipedia.org/wiki/Blocking_of_Telegram_in_Russia
“On 18 June 2020 Roskomnadzor lifted its ban on Telegram after it ‘agrees to help with extremism investigations’.”
That should be enough information. I’m on Signal, waiting for Matrix to perhaps stop sucking before I die of old age.
Am also gonna stick with signal, eyeing up matrix. But what issues? The only reason i haven’t tested it out yet is none of my friends seem too keen on trying it.
For a lack of a better term: jank. Too much jank. For one instance, I have never seen in Whatsapp or Signal the phrase “unable to decrypt message”. I can deal with that personally, but >90% of the people I need to communicate to with messengers will drop a service and never look back if they see that.
I use it with many friends and it is super buggy. Calls work only ok on browser version of Element, bugs in encryption are common where you cannot read a message, Synapse server is bloating the database and not clean after itself, etc.
It’s getting better month by month, but still can’t recommend for your friends that are not technical people into open source. Better wait to not discourage them now.
This week, TON Foundation announced that it’s forged a partnership with Tencent Cloud, which has “already successfully supported TON validators and plans to expand its services further to help meet TON’s high compute intensity and network bandwidth needs.” Validators, in web3 lingo, are participants that help authenticate transactions in a blockchain network.
It looks like the partnership with Tencent only extends to their Web3 blockchain thing, and there doesn’t seem to be any partnership in the main app so it’s not the end of the world - at least, for now.
Also, what even is this TON blockchain? I never knew Telegram had anything to do with crypto :/
Yeah, nah. Anything the CCP can slip it’s slimy festering little dick into, it will.
There’s no way in hell that Telegram is secure.
I guess, but I don’t see how much they can really influence Telegram without any stake in the app itself. They only seem to have a deal for cloud-hosting with the TON Foundation, a non-critical part of the app, and even that appears to be non-exclusive. So if Tencent tries to force a bad decision onto Telegram, what’s stopping them from severing ties and moving everything over to another provider?
Of course, we don’t know what the situation will be like in the future, but at this present moment, I don’t think Telegram’s security has been breached by this. (Also I think you triple-posted this comment)
Apologies for triple post. Lemmy seems a bit unresponsive so sometimes I hit ‘post’ a couple of times without realising that it actually registered.
deleted by creator
deleted by creator
Telegram is partnering with tencent??
They are renting server space off a big company, not much different than AWS or Azure.
Except that it is
You are just used to aws. They are a shit company too.
Tencent is a CCP front. No way they are just letting Telegram operate on their hardware without snooping some. No guarantees about data security when you’re operating on someone else’s switches.
Yeah, sure. Totally different from having backdoors to the NSA or collecting massive amounts of personal data for targeted ads.
EDIT: You can’t trust ANY company if your concern is privacy; your data is just too profitable (for them) to sit there untouched.
Amazon and Google are NSA fronts. You are just used to what you know. Our computers have chips in them made by Intel, with closed firmware. Our operating systems are made by Microsoft, Google and Apple.
I agree that it’s better to be under American spies than Chinese spies but it’s mostly the same idea of monitoring everyone and making sure they stay in line.
Cool. Where’s your proof for any of that? You can Google my claim about Tencent.
The entire point of E2EE is that it doesn’t matter who the host is.
@photonic_sorcerer What do you suggest as an alternative?
We have chat standard called XMPP created by literially the same org that makes standards for Internet and Email.
And there are other public protocols to choose from.
Unfortunately XMPP died roughly when the mobile devices became a mainstay. The way Google de facto took over the protocol didn’t help either, but even without it XMPP isn’t fit for the mobile-first world. The client needs to maintain an active connection at all times and there is nothing akin to push messaging, causing quite a significant battery drain. I might be unaware of some progress in this regard but this is how I remember it.
“The client needs to maintain an active connection at all times” is just plain wrong. Offline messaging is what makes it so much more fit for the masses compared to IRC (I adore IRC btw).
I don’t mean offline messaging with messages waiting for the user to go online. I mean the lack of push messaging capabilities, so the user/client doesn’t know there is a message waiting until they already go “fully” online.
Signal
Signal for private conversations and for larger groups Matrix. Matrix can also be bridged to telegram effortlessly.
Telegram is a suprisingly good app.
- Open source clients
- Decent Linux client on the laptop (whatsapp desktop is just terrible)
- It can be downloaded without Google’s appstore.
I wish other apps were half as good as Telegram.
- More importantly, non-electron app.
It bothers me that the major complaint is not the privacy issues or the people who own it behind the scenes…
but the technology used to build the desktop application. Electron is just a tool.
Fucking hell 🤦♂️
-
Owned by the Russians
-
Partnered with the
CCPTencent
Hasn’t the founder been a vocal critic of Russia for years, including the Ukraine war? I don’t really see why that would be a concern, especially since Telegram is supposedly owned by a US LLC
Russia has an army of “vocal critics” who play an important role in the pantomime, you see them on RT regularly. It doesn’t prove anything.
Sure, but they were compromised by Russia in June 2020.
a yes, the ceo that isn’t on russia and is viewd as a criminal for being against the war?
If that’s the definition of trustworthy Prigozhin was a saint
Prigo was definitely not against the war.
Better than being owned by Americans.
Why does it need to be owned by anyone? There are chat protocols that are public knownleage.
Someone needs to use those protocols and pour them in an app.
Those things don’t grow on trees.
“the russians” is the new “the jews” but for liberals, right?
Nah more “the Nazis” vibes to it really.
Russians didn’t invade Iraq, Americans did.
America has invaded a lot of places and I’d not recommend people use services from there either if you value privacy.
Especially if you are Muslim. I remember a data being sent from a French-origin Muslim-targetted international app to the US army!!!
Whataboutism detected.
Whataboutism is the logical and correct response to hypocrites.
Actually, it’s a logical fallacy.
So they’re both awful imperialist powers? How novel
-
Telegram has the best clients ever. But those clients need to connect to something and this is where we encounter a big problem.
But isn’t that the whole point of a messaging service? Connect to something else that’s not local and have your messages exchanged?
I think smileyhead is alluding to the fact that Telegram servers are not open source, just the clients are.
Why would it matter if the servers are open source? How would you ever verify they are running the exact build they claim they are?
It’s not about what build they are running. It matters because somebody just glancing at it might misinterpret the situation as “Telegram is open source”, but it actually isn’t because the server isn’t. Just some clients are, which is pretty useless if you can’t run a server to talk to them. Just for arguments sake, let’s say Telegram gets busted tomorrow in an international sting operation and all their servers get taken offline. The clients will be entirely useless at that point, somebody would have to reverse engineer the server.
I’d like to at the very least be able to run my own server. Not even necessarily federated with the original ones. Just run my own instance if I don’t trust the main one runs what they claim.
By running it myself, duh.
For whatsapp nothing is opensource
That’s kind of an apples an oranges comparison, WhatsApp doesn’t even try to present a facade of being open source. Telegram does, betting that the distinction between server and client code will go over most peoples heads, which it probably does to be honest.
There are two realistic alternatives with hundreds of millions of users. Whatsapp has a closed source client, Telegram has an open source one. The choice for me is easy.
That sounds like a false dichotomy and I’m not sure why you even think the number of users is relevant. Why not choose something fully open source?
Not open source, centralized servers that store messages mostly without E2EE. By using Telegram we are locking ourself in situation where they can turn the knobs as they like, while we can’t do anything about it.
yeah it is too good for just to be called a messaging app, hope it will be more privacy focused
Well, thats also easy since telegram clients dont do much more than displaying messages stored on a server. Its more a viewer than a full client.
And that compromises hard on privacy and security, which Signal and Whatsapp dont do, they have proper Clients that have to really handle and store incoming messages. And the E2EE makes it harder, developing an independent desktop client, like Signal always had and Whatsapp recently got. But both are mediocre at best, sure.
I prefer Telegram to something owned by an American corporation.
lol what are you smoking?!
Being foss and available on Linux is the prerequisite, it doesn’t make the app “good”
Yet WhatsApp is neither.
The shitty forced “stories” did me question seriously this once wonderful app. If I’d want to look at crappy TikTok-like shorts from other people, I’d be on TikTok.
I had the same worry when it happened to signal
Signal has stories as well?
Inexplicably, yes. It does
Hmm, should we add the ability to register from desktop easily? Nah, let’s just add stories)
Yes, but the can be disabled, which I do automatically.
Yeah but you can trivially turn them off.
Once I saw the stories I was like ok wtf. How do I turn this off?
Maybe revanced manager can do it.
I’m using Nekogram, that at least allows to automatically hide (archive) them.
Forkgram
https://www.f-droid.org/en/packages/org.forkgram.messenger/
Seems to be doing the trick for me but the icon sucks and I had to rename it in the android UI cause it uses its package name for its display name lol. How’s nekogram compare?
Yeah, the package/display name issue has been a bug for a while in Forkgram. Nekogram just works for me, nothing special apart from some custom options, such as hide stories.
Looks nice but https://github.com/nikitasius/Telegraher/issues/27
I fear that Telegram may ban user accounts…
Telegram has open source their client code. Not their server code. It’s even on f Droid.
But it’s starting to get worse. Now they won’t send you an SMS code for registration unless you are using official build of the app. Even chat app under libre licence must connect with something…
This actually is not a bad thing. If an unofficial client MITM the whole registration process, it’s much harder for the true account owner to prove that he/she is the legit one.
Also, it doesn’t really require a client to register; Telegram can be accessed from a browser.
If unofficial app can MITM registration, it can the same way MITM login later.
doesn’t require a client A side note, JavaScript app in the browser is as much an app as Java/Kotlin on Android. But I know websites and web-based applications are now so mixed together it sometimes can confuse me too.
And browser version of Telegram does not allow registering new accounts also.
Compared to login, MITM on registration means the culprit knows the IP address and the time of the registration, which is usually significant on claiming the account back.
I don’t have a spare number to test, but I’m pretty sure entering a phone number in the web sends a SMS code. Do you have concrete evidence that it really doesn’t work?
Unfortunetly not, I must test it also.
it costs them too much to send code as sms, also some client abuse that in some way, it also may help them to increase the download count of their official app which is not bad imo.
One of the most egregious thing they’ve done imo is this:
If their app allows its users to access content from Telegram channels, third-party developers using the Telegram API are required to support and properly display official sponsored messages in their apps by January 1, 2022
As well as not allowing registration from desktop.
I might be misunderstanding you, but I believe telegram requires SMS verification for all accounts, regardless of client.
What I mean is that they always require SMS code, but if you use app from F-Droid they won’t send you this code.
Thank you. Installed fork client and now that stupid story crap is gone and there’s new stuff I can do to fine tune things.
How do I do this?
Search fdroid for telegram and it came up
Everyone complaining about both telegram and signal here should, idk, just start dead dropping handwritten notes to people inside of dead rats, like the true privacy experts.
Privacy is important, yes. But if all of my friends use telegram, I’m going to use it too. Not only that, I’m going to be happy about it, because the telegram app is 1000x better than pretty much any other messaging app.
braces for angry downvotes
You don’t understand, when it’s only you in that platform, it’s the ultimate privacy.
Receive my angry upvote.
I was under impression that Google Play and Apple App Store don’t allow apps that can do practically everything (super apps). Is it really allowed? If a completely new company submit a chat app that somehow includes taxy hailing, food delivery, nfc/qr wallet and micro-loan features all at once instead of adding those features gradually in future updates, would Apple and Google accept the app?
WeChat and other composite apps are already on the stores, so I don’t see why others also wouldn’t be allowed.
And Grab.
But outside China, WeChat is only a messaging app, right? The super app aspect is only available for China domestic users with a WeChat version distributed outside Play Store? Other notable super apps (Tata Neu, Grab, Gojek, etc) are also seemingly only operates in Asia. Or is there any US/EU-based super apps out there? Is the lack of western super apps caused by regulation, app store rules, or something else entirely?
I’ve seen wechat pay and other features used throughout Asia, though to a much lesser degree than localized services. That is to say, it’s still a “super-app” in all markets. Which services are supported in each market is up to the real-world marketplace, not necessarily the Google Play or App Store. As far as I know, the international version of wechat still has most of the same capabilities (and privacy concerns thereof) that the domestic China Weixin app has.
It’s a good question why western super apps haven’t taken off yet, and I feel like most users prefer fractured services until now. For example, Facebook had marketplace and messenger as part of its main service for years. Then, it decided to fracture them off into separate apps/services.
It does have a ton of functions tbh. I use it to access bots and keep notes. Even repositories for apps - Revanced Extended uses it for e.g. !
Uninstalled and moved to signal. But no one I know is on signal 🤡
This is the best summary I could come up with:
Telegram, the popular messenger with 800 million monthly active users worldwide, is inching closer to adopting an ecosystem strategy that is reminiscent of WeChat’s super app approach.
To build out this super app platform, Telegram relies on a network of infrastructure partners both from the established tech world and the crypto space.
WeChat has pioneered the mini app model in China and now powers millions of them serving functions from payments, food delivery, e-commerce, ride-hailing, to driver’s license renewal, just to name a few.
The developers would also need to learn the programming languages of blockchain apps, which might actually be an easier barrier to overcome than the process of understanding the economic incentives that facilitate decentralized applications.
Importantly, payment functionality played a critical role in WeChat’s early rise as it instilled a habit among users to make daily transactions through the chat app.
It will be fascinating to witness what lessons Telegram and TON take from WeChat and how a mini app platform with a decentralized twist unfolds.
The original article contains 678 words, the summary contains 169 words. Saved 75%. I’m a bot and I’m open source!
Telegram is rarely used in my country anyway.
deleted by creator
Please use decentralized chat apps and not Telegram
Why there is always the guy that tell others what to do? People should use what’s best for them, be it IM apps, browser, OS, whatever.
These people also don’t live in the real world. “Hey buddy, I know all your friends are using this chat service, but just stop using it and move to this barebones, extensively complex to setup service and everyone will follow suit, trust me”
Well you can start using Matrix and still talk to your contacts on all centralized platforms via Matrix bridges so it’s really easy to move to that. You will at least remove mobile apps trackers from your life and already start gaining extra privacy for every contact that does move to Matrix afterwards
Also, it’s not at all complex to start using, like all things you download an app and create an account (I can suggest Element or Beeper)
Because you’re on Lemmy and people here care about privacy, so my comment was a reminder and an advice, not a rule. You do you
If they already care about privacy, they don’t need your reminders/advice (or they don’t care). Recommending/“reminding” what to use/avoid, without even being asked, is both arrogant and annoying.
I learnt about all of that here on Lemmy. I think it’s beneficial to talk on a social media platform, and have discussions
Guessing Signal doesn’t count?
Depends on how dogmatic you want to get. Signal gets a passing grade from nearly all privacy focused groups, including the EFF.
Of course it has centralized control, and if they really wanted to, they could push out a change that creates huge privacy and security problems, but as a not for profit, they really have no incentive to do anything nefarious.
https://www.eff.org/deeplinks/2023/09/eff-award-winner-signal-foundation
If you truly want to have 100% security, you need to go to school for a decade, learn how the latest encryption and security works, create your own ecosystem, and have zero bugs or problems.
It’s centralized. And like all US based companies they have to conply to Patriot Act and Cloud Act, meaning US government agencies have everything not encrypted (dynamic map of all messages and social links).
Plus Signal has been founded by the CIA organisms (indirectly), it’s really shady
Session is the only one that comes to mind but they did such an overkill when it comes to privacy and security application is downright unusable.