Asklemmy

44611 readers

895 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

What are the reasons to use Signal over Telegram (lemmy.ml)

submitted 1 day ago* (last edited 1 day ago) by [email protected] to c/[email protected]

98 comments fedilink hide all child comments

Greetings!

A friend of mine wants to be more secure and private in light of recent events in the USA.

They originally told me they were going to use telegram, in which I explained how Telegram is considered compromised, and Signal is far more secure to use.

But they want more detailed explanations then what I provided verbally. Please help me explain things better to them! ✨

I am going to forward this thread to them, so they can see all your responses! And if you can, please cite!

Thank you! ✨

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 20 hours ago (1 children)

They have to. They can't route your messages otherwise.

[–] [email protected] 1 points 20 hours ago (1 children)

They have to know who the message needs to go to, granted. But they don't have to know who the message comes from, hence why the sealed sender technique works. The recipient verifies the message via the keys that are exchanged if they have been communicating with that correspondent before or else it is a new message request.

So I don't see how they can build social graphs if they don't know who the sender if all messages are, they can only plot recipients which is not enough.

[–] [email protected] 2 points 19 hours ago (1 children)

But they don't have to know who the message comes from, hence why the sealed sender technique works.

Anyone who's worked with centralized databases can tell you that even if they did add something like that, with message timestamps, it'd be trivial to find the real sender of a message. You have no proof that they even use that, because the server is centralized, and closed source. Again, if their response is "just trust us", then its not secure.

[–] [email protected] 1 points 18 hours ago (1 children)

From what I understand, sealed sender is implemented on the client side. And that's what's in the github repo.

[–] [email protected] 1 points 7 hours ago

How does that work? I wasn't able to find this. Can you find documentation or code that explains how the client can obscure where it came from?