Is this shit a fucking meme?

b-b-b-but it says it's more secure than whatsapp or other memes...

>d-d-ddont trust the EFF guys!!
>trust me instead!!!
What a pile of shit.

The only criticism people have of their crypto is that they rolled it themselves. So fucking what. They've had money on it since the beginning and nobody has cracked it.

And yes, they do have end-to-end encryption you illiterate fuck. It's called secret chat.

I don't use Telegram but looks like every permission but location seems necessary.

location is used to see where you are logged in in the devices list (useful if someone steals your password or if you want to know whether or not you logged in/out somewhere)

>don't trust a group of random somewhat informed bloggers with an agenda to push
>trust a slightly better informed blogger with less of an agenda to push

yeah sounds like a better idea actually

>they do have security it's optional tho
lol

So every permission is necessary and OP is a faggot as aways

The EFF showed negligence in their scorecard system, you dont have to trust me for what I say its clear the EFF didnt give a crap making something that could literally be a life and death decision for some people.

>no known issues

theatlantic.com/technology/archive/2016/01/isiss-favorite-messaging-app-has-a-security-problem/422460/

>In particular, Orlandi and Jakobsen found that MTProto lacks a property called “indistinguishability under chosen ciphertext attack,” or IND-CCA. That standard is meant to imply that an attacker trying to decipher a message can’t wring information out of the encrypted version. Formally, it can be tested against a sort of game. If an adversary asks Telegram to encrypt one of two messages, and receives the encrypted version in return, it shouldn’t be possible to guess which message was enciphered, at least not with better odds than chance—even if you give the adversary access to a “decryption oracle” that can crack any message secured by the same algorithm.

>>they do have security it's optional tho

Are you a dumbass?

Compare it to the fucking competitors.

>Whatsapp
>non-opensource
>Doesn't even claim to be secure

>Signal
>meme

>Everything else
>Openly admits to being a botnet

How is Telegram NOT secure? Even if they store your secure chats it's end to end encrypted rendering it pretty much useless.

More..

>b-b-but they have a crypto contest!!!
moxie.org/blog/telegram-crypto-challenge/

unhandledexpression.com/2013/12/17/telegram-stand-back-we-know-maths/

>Basically, their threat model is a simple “trust the server”. What goes around the network may be safely encrypted, although we don’t know anything about their server to server communication, nor about their data storage system. But whatever goes through the server is available in clear. By today’s standards, that’s boring, unsafe and careless. For equivalent systems, see Lavabit or iMessage. They will not protect your messages against law enforcement eavesdropping or server compromise. Worse: you cannot detect MITM between you and your peers.

>whats app
It uses the signal protocol and signal is much less of a meme than telegram. This is clear given the fact that ISIS retards constantly get busted when using telegram.

>It's not very secure, but it's the best we have

So it's garbage and we should ignore it and use encrypted email (no web clients!) instead of meme "better UX!!!1!" crap

Let me reiterate...
>Worse: you cannot detect MITM between you and your peers.
>Worse: you cannot detect MITM between you and your peers.

Even fucking Signal and WhatsApp can detect that. Get your shit together Telegram fanboys.

>How is Telegram NOT secure? Even if they store your secure chats it's end to end encrypted rendering it pretty much useless.

Oh wait... web.archive.org/web/20131220000537/https://core.telegram.org/api/end-to-end

Looks like not so secure after all

I mostly use Telegram because my gf's phone is too old for Signal
Even if it's not secure, though, there are lots of fun things on Telegram, and I certainly prefer poorly implemented privacy to no privacy

What does Signal require? I didnt know it had specific os requirements.

Whatever faggots.

I'm not a pedophile trying to send CP nor am I an ISIS terrorist trying to discuss plans, it's still a good chat client and it provides enough secure that it's not skype or some shit.

I literally just want to use a chat client that's fun and secure to talk to some people from Sup Forums or others on the internet. I don't give a fuck if it can't stand up to a government supercomputer being able to crack the encryption

theregister.co.uk/2015/11/23/homebrew_crypto_in_telegram_app/

>“Telegram is error prone, has wonky homebrew encryption, leaks voluminous metadata, steals the address book, and is now known as a terrorist hangout,” OpSec expert The Grugq concludes in a damning assessment of the technology. “I couldn’t possibly think of a worse combination for a safe messenger.”

Even the fucking Grugq is shitting on it

Nice goal post moving user

iOS 8+
She has an old-ass iPhone (dunno exactly what model), and she won't get a new one, which is sort of ironic since she's actually pretty rich

You are right, you arent an ISIS terrorist which is why you use the app they use right?

What does this mean for the average end-user who can either choose between all those other EQUALLY if not moreso flawed chat programs OR telegram?

I'd love to see the flaws of kik, skype, etc.

Skype, kik, etc dont claim to be secure like Telegram, WhatsApp and Signal do (and if they do then I guess they are very bad at it).

You forgot

>Signal
>need Google Play (read: Google account) to install
>has a fuckton more permissions than Telegram
>developed and run by autistic dictator

I suggest using LibreSignal, instead.
fdroid.eutopia.cz
github.com/xmikos/fdroiddata

There are many more crimes than CP and blowing up the pentagon. Many. many more. If you just share a photo you found on google images and someone logs it, you better get your lawyer on the line. And then you have shit that isn't illegal, or even that weird - just a little weird.

If you ever actually participate in democracy, people having dirt on you suddenly becomes a problem.

>extra extra, user said putin was "based"
>how can we trust a man who admires the enemy of freedom and the american gay?
>"i-i-it was a meme"

>all those other EQUALLY if not moreso flawed chat programs

Which ones?

Which permissions should it not use?
And its great to attack developers with names but what exactly do they do that's wrong? Developing a secure application takes a lot of control and understanding of the protocol, you cant just blindly add features like dumb Tox devs.

>If you just share a photo you found on google images and someone logs it, you better get your lawyer on the line

In what country is that illegal?

I don't know what non-free shithole you live in but in my country my ISP doesn't even give out DMCA notices if you download and seed torrents.

>Which ones?

Every single other one except whisperpush or some shit

>In what country is that illegal?
Pretty much any country that trades with the US has compatible copyright laws.

If you are politically active and someone with connections doesn't want your competition, they can and will dig that shit up. Even if you just criticise and rally instead of run, they can and will. Communicate securely. Secrets exist because everyone has different tastes as well as a need to get along regardless of them.

>In what country is that illegal?

Doesnt the US do this for pirates? I always thought they went to the ISPs for traffic logs. Arguably they could use this for images/videos too, as they have a broad definition of copyright/trademark infringement in court. For example I wonder what happens if you share a youtube video that you downloaded? Would that be "illegal" enough for them to come after your logs?

It's the best IM client so long as you realize your conversations aren't secure. I don't care if Telegram and the NSA see me talking about anime

>whisperpush
Doesnt that use Signal?

>If you are politically active and someone with connections doesn't want your competition, they can and will dig that shit up

Thankfully I am not active in politics in any way nor do I care about politics or follow them.

>Communicate securely. Secrets exist because everyone has different tastes as well as a need to get along regardless of them.

I understand that but the thing is that it depends on HOW MUCH security you really need at a given time.

If I just want to talk to people from Sup Forums? - Telegram will do for group chats.

If I want to download torrents? - A VPN will do.

if I want to seed torrents? - I would probably need a seedbox in some country off the radar.

If i want to host CP or other shit? - I would need bulletproof hosting in some underground bunker off the coast of Tanzania.

IF I WANT to do extremely illegal shit I would need fake passports, burner cellphones, to use other people's wifis, VPNs + proxies, to change my look every few weeks, get facial reconstruction surgery, get a facelift and more.

My point is that you can always take it a step further but you don't need to do this shit. Most people aren't trying to live off the radar, they just need something NOT as botnetty as Skype yet not the most hardcore OPSEC as if they're Interpol's most dangerous criminal with warrants in every single country who needs to hide out in a caribbean island

if they really want you, yes, they can find a reason, and then that reason gives way to probable cause for more searches, and surprise! planted CP. have fun convincing the jury to sympathize.

>tell me user, do you like....anime? your browser history has a variety of anime porn websites, which host pedophilia content, such as Sup Forums.org....

If you are posting politicial rants anywhere on the internet you are active in politicis

You are in a country that used to consider tossing a communist brochure into the trash an attempt to covertly spread anti-american ideals and a good reason to blacklist you from every career ever

>If you are posting politicial rants anywhere on the internet you are active in politicis

I am not. I don't give a shit about politics besides occasionally going off on a libertarian meme rant ironically

According to the "terrorists who hate our freedom", freethinkers, and others, you, by being a tax paying citizen, are DIRECTLY involved in not only this countries' politics, but also its foreign policies and military involvement.

en.wikipedia.org/wiki/Tax_resistance

Besides, my point is that unless you go legit full-autism you can't never be "secure".

You have to take precautions such as not having a FB account and simple shit but no I don't think that using VPN + proxy off a cracked WEP/public network is absolutely necessary

Broken security is the same as no security. If someone can grab your messages via MITM, from plaintext transmission/storage, or anything else, then someone else can automate that process and do it to everyone. Might as well use Skype.

Unlike these other anons, I don't think that the paranoia is either necessary or warranted. The fact that using something like Telegram is just as good as sending messages plaintext over Facebook Messenger should be motivation enough to find an alternative.

>According to the "terrorists who hate our freedom", freethinkers, and others, you, by being a tax paying citizen, are DIRECTLY involved in not only this countries' politics, but also its foreign policies and military involvement.
>en.wikipedia.org/wiki/Tax_resistance

Dude that's for fucking hippies and commietards.

Just pay your taxes, don't do illegal things and enjoy your life instead of entering some political struggle and trying to live off the radar like a complete autist.

Look i get free software and privacy and all that but you can't go to an autistic level

>I don't give a shit about politics except handing out meme stalinist brochures occasionally

Okay, red menace. We're not hiring you and neither is any other business in the city.

You can't live securely 24/7 without making some serious compromises, but you can communicate securely

It's as simple as not using fucking telegram

>and enjoy your life
That's cheerful and easy for you to say, when you're the one dropping the bombs and not the one having the bombs dropped on.
>entering some political struggle
Is how this country was founded.

Then again, I better watch what I write, before my "freedom of speech" turns into "some political struggle".
inb4

>That's cheerful and easy for you to say, when you're the one dropping the bombs and not the one having the bombs dropped on.

Sorry but I can't control that. It is completely unrelated to me and is thus not my concern. I'm sorry that happens but it's not my doing.

Besides, what's wrong with that anyways? Don't they say "Might is right"? And the US military is the strongest in the world by far.

>Sorry but I can't control that. It is completely unrelated to me and is thus not my concern. I'm sorry that happens but it's not my doing.
Yeah, but see I refuted that with this post
It is absolutely your doing and you are completely responsible. Or at least, that's what a terrorist, extremist, or freethinker might say. But I digress, this is Sup Forums.

>It is absolutely your doing and you are completely responsible. Or at least, that's what a terrorist, extremist, or freethinker might say. But I digress, this is Sup Forums.

So what am I suppose to do and why should I care?

I don't feel any guilt because I never did anything, and I'm not about to ruin my quality of life by doing something that won't even help a bunch of people i've never met, who probably wouldn't spare me the same thing if the roles were switched.

I like a good, nice economy in the US. I don't care if Wallstreet drinks the blood of children and the government bombs children's homes, sorry but that's how it is.

can we just all talk about our true lord and savior Jitsi with XMPP?

>instant messaging
Are you guys that big of a social whores? Protonmail is fine.

>Are you guys that big of a social whores?

Yeah kind of.

Email doesn't cut it for active communication really

Then at least consider yourself lucky that you were simply born here and not there. And also understand why so many foreigners are so eager to come here and partake in all the prosperity you've come to know and enjoy, by any means, legal or not.

But to get back on topic, anyone here using Ring?
ring.cx/
>Ring is a secure and distributed voice, video and chat communication platform that requires no centralized server and leaves the power of privacy in the hands of the user.
Seems promising.

This thread should be a lesson to all of you who blindly use things because Sup Forums says its good

Sup Forums is hit and miss though, some suggestions are good (thinkpads and Arch for example) while some are absolute shit

Wish it were tox.

TOX is really god-damn buggy and doesn’t use Public key encryption whereas Jitsi is endorsed and used by Edward Snowden, Jacob Applebaum and Richard Stallman, not in a beta or alpha stage like TOX is, extremely secure, uses public key end to end encryption and is compatible with many other messengers like XMPP and other things. Seriously why the fuck isn’t Sup Forums endorsing the fuck out of this, TOX was extremely buggy when I used it and it's protocol doesn’t support using other devices with the same ID, TOX is trash. Literally Jitsi has no problems, works much better than shitty fucking Skype or anything in beta and is extremely secure. Install Jitsi. It's really good, freely licensed too.

Your usage of Random capitalisation and all CAPS is really triggering me, but I mostly agree with you on Jitsi.

>Random capitalisation
I only see Public capitalized randomly. lrn2 write properly, m8y.

you can send your location to someone if you wanted

THREEMA
H
R
E
E
M
A

Literally the only option at this point.

>proprietary software fucking ever
>"secure"
PICK ONE

...

Secure open source (doesn't exist in this case) > trustworthy and plausibly secure closed source > broken open source shit with a literal Google botnet included > Russian, Chinese and NSA botnets.

I wish telegram would take off. Since it's such an unpopular service you can get any username you want at the moment. I was able to get my first and last name.

it's not secure at all

this thread shows how many tinfoil hat tippers are on Sup Forums

Drawing over other apps = notifications
Finding accounts on the device = having an account on the device
Running at startup = being able to receive messages when you get them, not just inside the app
Record audio = being able to send audio messages or do voice calls
A bunch of other shit = because Android's permission model is a pile of crap

Location is an odd one, but it's for login security.

Telegram was being mercilessly shilled (very obviously, it was the same fucking thread every time - I even had a pasta ready to reply warning about the crypto quality) on here for a while. Looks like Pavel Durov's PR department gave up though.

No. The crypto's a pile of shit, when it bothers to use it at all. Try Signal instead, if you want a phone messenger. Or even fucking WhatsApp - closed-source yes, but still better than Telegram.

Which is what I said at the time, but some of you didn't listen or do the research yourselves.

>love how the way Telegram actually "functions"
>such as not saving all images sent to my FUCKING GALLERY REEEEEEE
>but prefer WhatsApp's privacy/universal usage

I want a messenger that would have a good desktop client. Frankly, in terms of usage, nothing beats Telegram. It's another matter when it comes to security. A shame, really. They should have opted for end to end encryption and just restricted the size of the files that you can send.
Fuck this gay earth, why can't there be any truly good messenger?

I like it.
Awesome features, stable, fast, lightweight.

> inb4 privacy
Fuck off. Use a car, go to your Jamal friend, and say when you want to blow up something personally. Simple as fucking that.
Nothing is secure.

> inb4 b-b-but muh WhatsApp
You could implement this fake encryption shit anywhere. If the apps would have direct connection (lol) and gpg encrypted chat through that (double lol), MAYBE we would have privacy.

Btw you can have almost perfect privacy, IM+ with your own Jabber works fine.

see

You are free to use an alternative client

both of these are interesting but can't compete with telegram yet. how do i even change the displayed name in ring? and who could i use this with? does it support stickers? group chats over 100 people?

If you claim an application is secure to use, at least try and actually be sure its secure before suggesting to others...

>Secure open source (doesn't exist in this case)

What is Signal and all programs that use the Signal protocol?

The meme how Telegram is secure is because it's Russia's government that are spying on you, so for any non russian it's preferable over NSA approved memes

Why would Russian government be spying on you if Pavel LEFT Russia because of that shit?

meh, chatsecure and conversations are better programs, signal needs fucking google play services to work

>Russian govt spying Telegram
Wrong, it's the german federal police which is actually worse than Pootin

Why the fuck do you need to share your phone # to add people to contacts in Telegram?

What the hell is the point of a "secure" chat then?

If someone shares their number and you add them to contacts, can they also see yours?

well? Why is this shit existent

jitsi is bugged as hell and tox is not even near to be good.

tox is not bad desu

>history it's just a plain text file you should save manually
>offline messages doesn't exists
>group doesn't even stay alive when everyone go offline
>can't voice call in a group chat
>file sharing works like shit
>no screen sharing
>a lot of clients, no one really works well

basically you can barely send text messages to a single person (and only if he's online) and you say is not bad?

why is Sup Forums always so butthurt over random software? don't like it, don't use it.

Fucking this.
Signal it's pretty solid now, media compression losses have gotten a lot better

What's the point in using telegram if it isn't actually secure? Why not use something that is? If you don't care about security, why not just use normie shit?

There's no reason to use telegram besides falling for the meme and now being emotionally invested.

yeah, let me download the desktop client. oh wait...

>falling for the secure chat meme
>not just using pidgin for everything
What are you all drug dealers or something

>Not psi

Does psi have an actually functional Skype and Facebook plugin?

Why the fuck would i want either of those?

Because I need it, dummy

>pidgin for everything
Even Android?

Because you're a well-adjusted adult with friends who don't use obscure or wayside standards and thus cannot be contacted except through mainstream channels such as Facebook and Skype?

>and thus cannot be contacted except through mainstream channels such as Facebook and Skype?

Don't people use Whatsapp, regular calling/texting or emails the most in "adult life"?

Can't say I've ever heard anyone asking to add me on skype or facebook for a job

Looks interesting.