“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
It’s also important to continue educating people about the fact that Signal is incredibly problematic as well, but not in the way most people think.
The issue with Signal is that your phone number is metadata. And people who think metadata is “just” data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a “person of interest” for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that Signal is operated centrally with the server located in the US, and it’s being developed by people with connections to US intelligence while being constantly pushed as the best solution for private communication should give everyone a pause.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal’s intentions are pure, we’d never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
Best alternative?
It really depends on your needs and what people you communicate with are willing to use. A few platforms that are notable in no particular order.
SimpleX Chat is probably the gold standard right now. It uses absolutely no user IDs such as phone numbers, no usernames, no random strings of text. Instead, it creates unique, pairwise decentralized message queues for every single contact you have. Because there is no global identity, there is no metadata connecting your conversations together.
Session is a popular Signal alternative. It doesn’t require a phone number and routes your messages through an onion-routed decentralized network that’s similar to Tor. Since your IP address is hidden and messages are bounced through multiple nodes, no single server ever knows who is talking to whom, stripping away metadata.
Jami is completely decentralized, open-source platform. It uses Distributed Hash Tables to connect users directly to one another without a central server. Notably, it supports high-quality voice and video calls.
heard SimpleX is really good, the only thing that bothers me is their vc funding model. It makes me feel a bit suspicious.
Session is a security downgrade. It doesnt support forward secrecy which is hella important.
Session actually does implement a form of forward secrecy through the Session Protocol. https://getsession.org/blog/session-protocol-v2
We have to choose our threat level. Signal is great when you don’t want to expose your data to companies mining it for their profit. It is not so great when you are a person of interest, and need absolute privacy.
The metadata is worthless and pricy to use it for an awarage joe.
The thing is that there’s nothing special about Signal that makes it better than alternatives like SimpleX. I just don’t see why it should be promoted instead of them. Yes, it’s better than WhatsApp where meta has a master key and can read your messages, but why settle when you can use a platform without compromises?
I appreciate the comment on the matter. This is good information to know and consider.
People should know that Signal is encrypted and private, but won’t make you a ghost.
That being said, the majority of people are not interested in privacy so getting them to use Signal over WhatsApp or SMS is a 99% win.
The question here is why not get people to switch to a better platform like SimpleX or even matrix with something like Element. I don’t find that Signal does anything better in practice.
Why is this interview happening inside a sauna?
She likes putting guests on the hot seat.
If you watch the video - its explained starting at 1:13, Moxie built it himself: https://www.youtube.com/watch?v=cPRi7mAGp7I
Right? If they’re just chatting this should be happening in a jacuzzi with nice glasses of milk 🍼 👍
Why is this interview happening inside a sauna?
It’s his personal sauna. He built it himself.
Why did he invite the hot reporter chick to his sauna? would be the follow-up question…
If I had a personal sauna, I’d invite everyone. But I’m not from puritan central (USA) so that might be a foreign concept to some readers.
It’s a sauna on a boat. She’s out in the middle of nowhere with some dude she barely knows. You know, she looks around and what does she see? Nothin’ but open ocean.
That explains that awkward interaction in the interview. It’s like an interview happening in the Black Lodge.
I don’t understand his point about restoring your messages to a new phone. How does that prove it isn’t encrypted? Couldn’t Telegram store the encrypted data on their server, send the encrypted data back to you and then you automatically decrypt it because you have the key?
With my limited knowledge of cryptography, this is how I understand it:
The distinction to make is that the user’s password is not the encryption key - it only gives access to the key. So even if the user has the same password on a new device, there would be no way to decrypt the data without the original key.
In order to maintain full privacy, data has to be encrypted on device before sending it through any server (whether to another participant in a chat, or for backup). This means that the encryption key has to be on device.
If that key was copied over to a location not controlled by the user (e.g. Telegram server), then that location would have access to the key and can decrypt any data encrypted by that key. In the same vein, if a user loses their phone then that encryption key must be lost, so encrypted data cannot be decrypted on a new phone.
Which means that the only way that Telegram can provide the chats on a new phone (when the user has no access to the old phone) is if they have access to the encryption key and can provide it to the new phone.
From my experience with that: Telegram restored all unecrypted chats when I swapped phones without asking me for any passwort / key. I literally just confirmed my phone number and all my chats / groups / contacts appeared.
She’s pretty hot for a programmer.
And with a name like that she was destined for greatness.
Moxie is the guy
Why don’t we all just truly go FOSS and use matrix?
Because it’s not p2p.
Dude for the first 15s I thought this is porn
its the sauna
How I hate that saunas are associated with porn and sex. It’s not supposed to be sexual and more importantly it’s an awful, just terrible place to have sex
That’s absurd coming from the founder of a FOSS messaging app who actively decided not to let Signal federate and rejected any other open source Signal client. Not only that, even now you can’t truly use Signal’s new “username” feature. If any of the recipients have your number stored in their phonebook, irrespective of whether you know them or not, the username goes for a toss. This was/is the problem with Telegram’s username feature. Signal knew this and still decided to go ahead with it. Not to mention never doing anything about completely removing the phone number from the account after its creation. This has been, by design, a privacy and hence safety threat, and even after the username feature was implemented, this not getting implemented is very concerning.
I’m sorry your free messaging app isn’t perfect. /s
And I always assumed that nicknames was just as much to prevent screenshots from becoming a liability.
you can’t truly use Signal’s new “username” feature. If any of the recipients have your number stored in their phonebook, irrespective of whether you know them or not, the username goes for a toss.
Hm. I haven’t interacted with a new Signal user in a while… but I do see in settings two knobs: “who can see my phone number” and “who can find me with my phone number”. Both of these settings can be set to “nobody”.
I’m guessing if I set “who can find me with my phone number” to “nobody”, then even if someone has my phone number in their contacts, they wouldn’t know I’m a Signal user?
Don’t forget not allowing you to sync historical messages between your phone and PC. Apparently somehow that’s just too complicated.
Its not about being complicated, its about dumping the whole chat history with just a few seconds of physical acceas to the device.
LEA has used this method with messangers like Whatsapp for years to quicly exfiltrade the data from a victims phone to other software.
There’s a pin. Just require the pin.
The Pin is not designed and used for such an authentication. Also can be changed at any time:
How do I manage or change my PIN?
On your phone, go to Signal Settings > Account > Change your PIN
What are you talking about?
I literally installed Signal on my Linux laptop yesterday and it automatically downloaded all my messages from my phone.
Last time I did that, it would only sync new messages
they definately installed signal and fucked afterward
Unlike Signal, Telegram is successful in getting people to move away from Meta’s Whatsapp.
What is a Moxie Marlinspike?
Signal is also not private
The onus is on you to back up that claim
Look for other comments in this thread that back up this well-known fact.
