this post was submitted on 28 Aug 2024
537 points (96.5% liked)

Privacy

31990 readers
328 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 57 points 2 months ago (14 children)

I hope they don't arrest them too.

[–] [email protected] 72 points 2 months ago (25 children)

Not that the action against Telegram is right, but there's a big difference between what Signal and Telegram is doing.

[–] [email protected] 33 points 2 months ago (3 children)

Would you have more info on the differences? I was wondering the same thing, but I don't know enough about Telegram to compare

[–] [email protected] 71 points 2 months ago* (last edited 2 months ago) (3 children)

Signal always responds to authorities when they ask for data, and they give them all they have: the day they registered, their phone number and the timestamp they last used the app.

Telegram has unencrypted channels of drug dealing, and what I heard is a lot of illegal porn too. The authorities want information on certain users there and Telegram doesn't comply. This is directly against the law Signal is not breaking, because they always send all the data they have to the law enforcement.

[–] [email protected] 17 points 2 months ago

Telegram is a propaganda weapon in some sense, between two worldviews - one is "a good service doesn't require trust, because they physically can't sell you", another is "a good service you can trust because they won't sell you". And Telegram helps the latter.

So frankly - kill it with fire. Sadly I'm in Russia and everybody uses it here.

load more comments (2 replies)
[–] [email protected] 14 points 2 months ago (2 children)

I'm no authority on it but from what I've read it seems to have more to do with the social features of telegram where lots of content is being shared, both legal and illegal. Signal doesn't have channels that support hundreds of thousands of people at once, nor media hosting to match.

[–] [email protected] 14 points 2 months ago* (last edited 2 months ago) (1 children)

Right, the French authorities are going to present evidence that this dude was aware of specific illegal activity and refuse to comply with a legal warrant involving said actively, making him guilty of obstruction at best, and possibly conspiracy. Signal complies with warrants, they just don't have anyone's keys. Telegram has everyone's keys, and theoretically could turn them over but they refuse. That's a huge difference from a legal perspective.

[–] [email protected] 13 points 2 months ago (1 children)

Thank you. I'm going to restate your explanation to be sure I've got it:

  • authorities want platforms to comply with legal requests
  • when Signal gets a subpoena, they open the key locker and show that it's empty. They provide the metadata they can (sign up date and last seen date, full stop) and tell authorities they can't do better.
  • when Telegram gets a subpoena, they open the key locker and show all the keys, then slam it shut in the face of the investigator, telling them to get bent.
  • conclusion: it's easier to never have the keys in the first place than to tease the government with them
load more comments (1 replies)
load more comments (1 replies)
load more comments (1 replies)
load more comments (24 replies)
[–] refalo 22 points 2 months ago (1 children)

She has her hand in too many strategic places, unlike Telegram.

employed at Google for 13 years

speaker at the 2018 World Summit

written for the American Civil Liberties Union

advised the White House, the FCC, the FTC, the City of New York, the European Parliament, and many other governments and civil society organizations

load more comments (1 replies)
load more comments (12 replies)
[–] [email protected] 48 points 2 months ago (1 children)

This is a very rude question, but on this subject of being lean, I looked up your 990, and you pay yourself less than … well, you pay yourself half or a third as much as some of your engineers.

Yes, and our goal is to pay people as close to Silicon Valley’s salaries as possible, so we can recruit very senior people, knowing that we don’t have equity to offer them. We pay engineers very well. [Leans in performatively toward the phone recording the interview.] If anyone’s looking for a job, we pay very, very well.

But you pay yourself pretty modestly in the scheme of things.

I make a very good salary that I’m very happy with.

That's pretty cool. But knowing the number would matter.

[–] [email protected] 24 points 2 months ago (1 children)

IIRC She earns around 400+k per year. Which is a nice salary, but rather low compared to other execs.

[–] [email protected] 27 points 2 months ago* (last edited 2 months ago) (1 children)

As a happy user of Signal (no bugs or incidents from my viewpoint), I regardless chime in to say a word for decentralization. :)

Signal is centralized:

  • there is a single Signal implementation, with a single developing entity
  • you have to install its mobile version before you may run the desktop version

There exist protocols like Tox which go a step beyond Signal and offer more freedom -> have multiple clients from diverse makers (some of them unstable), don't have centralized registration, and don't rely on servers to distribute messages - only to distribute contact information.

In the grand comparison table of protocols (not clients), Tox is among the few lines that's all green (Signal has one red square).

[–] [email protected] 12 points 2 months ago (3 children)

Tox isn't the most secure or private. I would go Simplex Chat

load more comments (3 replies)
[–] [email protected] 12 points 2 months ago (2 children)

This is the same Meredith Whittaker doing interviews with US defense-department aligned sites like LawFare.

Why are all these big tech sites like wired so interested in pushing signal anyway?

[–] [email protected] 8 points 2 months ago (4 children)

I find it intriguing that the people will scrutinize messaging platforms such as Telegram, and explain in detail how one should not entrust their messages' encryption keys to these services. Yet, these same people seem unable to comprehend the concerns regarding Signal server having access to phone numbers of its users. The fact that these people are able to perceive potential vulnerabilities in one platform while remaining oblivious to similar concerns on another highlights that their arguments are more ideological than rational.

load more comments (4 replies)
load more comments (1 replies)
[–] [email protected] 10 points 2 months ago (18 children)

Signal's hostility to third party clients is a huge red flag.

They also refuse to distance themselves from Google's app store.

[–] [email protected] 49 points 2 months ago (4 children)

That's outdated information:

Go forth and contribute, fork, or create your own.

They also refuse to distance themselves from Google’s app store.

This link has existed forever at this point if we count in internet years: https://signal.org/android/apk/ - getting an app directly from the developer with no middleman is about as distant as you can get from Google's app store.

[–] [email protected] 9 points 2 months ago (1 children)

Those clients exist despite Signal Foundation, not because they encourage community development. They are doing everything they can to discourage third party app development.

[–] [email protected] 11 points 2 months ago (4 children)

They are doing everything they can to discourage third party app development.

I'd say you're moving the goalpost. Other than the hostility the founder showed towards LibreSignal nearly 10 years ago now, can you source any evidence to support your claim?

load more comments (4 replies)
load more comments (3 replies)
[–] [email protected] 27 points 2 months ago* (last edited 2 months ago) (1 children)

Yeah, I would like to use it from f-droid instead of google store or apk

[–] [email protected] 23 points 2 months ago* (last edited 2 months ago) (2 children)

https://molly.im/ Especially the FOSS version. Need to manually add the repository though.

load more comments (2 replies)
load more comments (16 replies)
load more comments
view more: next ›