Delete   Set public   Set private
Daily Weekly Monthly

Daily Shaarli

Previous day
All links of one day in a single page.
Next day

February 15, 2020

Deirdre Connolly¹ sur Twitter : "Now in @CryptoVillage, snooping Telegram messages. 🕵️‍♀️ #DEFCON" / Twitter
telegram
What is “Island”
android privacy
Russian Censorship of Telegram - Schneier on Security
telegram
Calls for backdoor access to WhatsApp as Five Eyes nations meet | World news | The Guardian

Countries focus on increasingly effective encryption of communications

whatsapp privacy
Amazon’s new one-tap ratings could help the fake review problem - Vox

The company’s new one-tap star rating feature seeks to get more customer feedback ... from actual customers.

fake-reviews amazon
Telegram Bug ‘Exploited’ By Chinese Agencies, Hong Kong Activists Claim
telegram
Shelter | F-Droid - Free and Open Source Android App Repository

© 2010-2019 F-Droid Limited and Contributors

android f-droid
More on Backdooring (or Not) WhatsApp - Schneier on Security
whatsapp privacy
A reminder, because this sometimes surprises people, and feel free to correct me... | Hacker News

A reminder, because this sometimes surprises people, and feel free to correct me if the facts have changed recently:

Telegram supports end-to-end encryption only in 1:1 private chats.

End-to-end encryption is disabled by default.

Telegram does not support end-to-end encryption, at all for group chats, its most popular use case.

Instead, Telegram claims that those group chats are "encrypted" by dint of the TLS connection between Telegram clients and the Telegram servers, which can, in this model, read all group traffic.

People like to dunk on the weirdness of the limited E2E crypto Telegram does have; it's archaic and idiosyncratic and people have published research results about it, though none to my understanding are of real practical impact. I support people dunking on bad crypto. But that has nothing to do with why Telegram is an inferior secure messenger.

By comparison, Signal, which Durov has repeatedly talked down:

  • has modern, ratchet-based forward secure end-to-end crypto, always, in both group and private messaging;

  • won the Levchin Prize, refereed by some of best-known names in academic cryptography, for the design and implementation of that cryptosystem, as well as for its implementation at WhatsApp;

  • ha repeatedly foregone basic messaging app features simply to avoid collecting user metadata; Signal didn't even have user profiles until they could figure out a way to implement it in a privacy-preserving manner, and even their GIF sharing feature has a purpose-built anonymity system; we'll only this year potentially get usernames instead of phone numbers because it took that long to design a trustworthy social graph that didn't leave Signal with a giant pile of subpoenable metadata.

Use whatever messaging app you want.

signal telegram privacy
Thomas 🐦 sur Twitter : "@bradfitz @sh1mmer @harryh 1. 1:1 E2E chats use archaic, broken crypto. 2. N:N group chats aren’t encrypted at all. 3. Telegram claims TLS protects messages. 4. 1:1 E2E is opt-in. I get that it’s a pleasant app. Not here to rant a…
telegram
Signal Is Finally Bringing Its Secure Messaging to the Masses | WIRED

The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream.

privacy signal