this post was submitted on 30 Aug 2024
171 points (80.9% liked)

Privacy

31990 readers
488 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Pavel Durov's arrest suggests that the law enforcement dragnet is being widened from private financial transactions to private speech.

The arrest of the Telegram CEO Pavel Durov in France this week is extremely significant. It confirms that we are deep into the second crypto war, where governments are systematically seeking to prosecute developers of digital encryption tools because encryption frustrates state surveillance and control. While the first crypto war in the 1990s was led by the United States, this one is led jointly by the European Union — now its own regulatory superpower.

Durov, a former Russian, now French citizen, was arrested in Paris on Saturday, and has now been indicted. You can read the French accusations here. They include complicity in drug possession and sale, fraud, child pornography and money laundering. These are extremely serious crimes — but note that the charge is complicity, not participation. The meaning of that word “complicity” seems to be revealed by the last three charges: Telegram has been providing users a “cryptology tool” unauthorised by French regulators.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 94 points 2 months ago (14 children)

Well, except Telegram isn't a good tool for privacy.

There is no E2EE. Simple encryption is only available for 1:1 chats and disabled by default. Telegram doesn't disclose their encryption methods, so there is no way to verify the (in)effectiveness. Telegram is able to block channels from their end, so there is no privacy from their end either.

[–] [email protected] 11 points 2 months ago (2 children)

Well, except Telegram isn’t a good tool for privacy.

That's not the point. The hunting down on tools and their creators (and on our right to privacy) is the issue here. At least, imho.

[–] [email protected] 46 points 2 months ago* (last edited 2 months ago) (28 children)

It has nothing to do with privacy. Telegram is an old-school social network in that it doesn't even require that you register to view the content pages. It's also a social network taken to the extreme of free speech absolutism in that it doesn't mind people talking openly about every kind of crime and their use of its tools to make it easier to obtain the related services. All that with no encryption at all.

load more comments (28 replies)
[–] [email protected] 26 points 2 months ago (3 children)

I am going to quote myself here:

The issue I see with Telegram is that they retain a certain control over the content on their platform, as they have blocked channels in the past. That's unlike for example Signal, which only acts as a carrier for the encrypted data.

If they have control over what people are able to share via their platform, the relevant laws should apply, imho.

load more comments (3 replies)
load more comments (13 replies)
[–] [email protected] 36 points 2 months ago (4 children)

Telegram’s “privacy” is fully based on people trusting them not to share their data - to which Telegram has full access - with anyone. Well, apart from the optional E2EE “secret chat” option with non-standard encryption methods that can only be used for one on one conversations. If it were an actual privacy app, like Signal, they could’ve cooperated with authorities without giving away chat contents and nobody would’ve been arrested. I’m a Telegram user myself and I from a usability standpoint I really like it, but let’s be realistic here: for data safety I would pick another option.

load more comments (4 replies)
[–] [email protected] 34 points 2 months ago (6 children)

The crime is not responding to authorities when obviously illegal content such as CSAM is posted. Don't let the right try to spin this as a free speech thing. It's not.

[–] [email protected] 16 points 2 months ago (5 children)

Other encrypted platforms: we have no data so we can't turn over data

Telegram: we collect it all. No you can't know who is posting child abuse content

[–] [email protected] 5 points 2 months ago (1 children)

Wait, telegram has collected it, knows about and, ultimately condones it? Or is it more of a wilful ignorance and resistance to forced compliance?

[–] [email protected] 2 points 2 months ago

It's definitely not willfully ignorance given they collect the data.

load more comments (4 replies)
[–] [email protected] 1 points 2 months ago
load more comments (4 replies)
[–] [email protected] 30 points 2 months ago (3 children)

I thought telegrams encryption was more or less non-existent? Am I missing something?

[–] [email protected] 2 points 2 months ago

It isn't secure in the least. They just have been ignoring the police world wide

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

that’s correct - the issue here is that he has full access to the information that investigators are requesting and is simply refusing to comply with requests

this isn’t shit like a conversation you had with a friend about weed - this is CSAM and drug trafficking

[–] [email protected] 21 points 2 months ago* (last edited 2 months ago) (3 children)

It would be easy to dismiss the headline's claim because Telegram's design makes it arguably not a privacy tool in the first place.

However, it is possible that this arrest was chosen in part for that reason, with the knowledge that privacy and cryptography advocates wouldn't be so upset by the targeting of a tool that is already weak in those areas. This could be an early step in a plan to gradually normalize outlawing cryptographic tools, piece by piece. (Legislators and spy agencies have demonstrated that they want to do this, after all.) With such an approach, the people affected might not resist much until it's too late, like boiling the proverbial frog.

Watching from the sidelines, it's impossible to see the underlying motivations or where this is going. I just hope this doesn't become case law for eventual use in criminalizing solid cryptography.

load more comments (3 replies)
[–] [email protected] 13 points 2 months ago (3 children)

The world is turning bad, Telegram is not really a private app, but they have one advantage is that they fuck off all the govs that try to get datas from its users! Soon govs will forbid the encryption to watch gently in our digital life. He's not complice with these crimes, he's just proposing a tool that make communication more secure and private, but sadly some bad actors use it as a way to do bad things...

[–] [email protected] 13 points 2 months ago (1 children)

Why do they have the data in the first place?

Your communications on telegram are not encrypted by default. You can have e2e encrypted 1on1-conversations, but group chats are blown for them to do everything.

They had a hilarious argumentation where they claimed that the key to unlock your chats is stored on a different server than your chats are and therefore they cannot access it. A company that argues like they ("trust us") isn't trustworthy.

Signal has been audited over and over again by internationally respected cryptographers. They cannot decrypt your chats by design. No need for "trust us bro".

load more comments (1 replies)
[–] [email protected] 3 points 2 months ago (1 children)
[–] [email protected] 2 points 2 months ago

I remember them responding to a couple antipiracy lawsuits in... India I think? they also make an exception for ISIS-related channels. But mostly all, yes.

[–] [email protected] 2 points 2 months ago

More likely they will just dissolve as an organization. They are hated by all at this point

[–] [email protected] 10 points 2 months ago (1 children)

Chris Berg is a professor of economics at the RMIT Blockchain Innovation Hub.

[–] [email protected] 4 points 2 months ago (2 children)

Thanks, here is more information about Crikey:

Crikey is an independent Australian source for news, investigations, analysis and opinion focusing on politics, media, economics, health, international affairs, the climate, business, society and culture. We are guided by a deceptively simple, old idea: tell the truth and shame the devil.

[–] [email protected] 6 points 2 months ago

Chris Berg is a professor of economics at the RMIT Blockchain Innovation Hub.

Worthless opinion piece is worthless.

[–] [email protected] 5 points 2 months ago (1 children)

Honestly this could go to ways. I really hope people more to more secure platforms but it is possible they find something equally as problematic

load more comments (1 replies)
[–] [email protected] 5 points 2 months ago

Telegram is not a privacy tool.

I mean, if he's convicted for a privacy tool, while it's not a privacy tool, we have a bit of ambiguity.

Arguably advertising something which is not a privacy tool as one is fraud. Maybe even phishing, since TG the company has in plaintext all the chat history of its users.

And this

The meaning of that word “complicity” seems to be revealed by the last three charges: Telegram has been providing users a “cryptology tool” unauthorised by French regulators.

in non-libertarian language means something similar, that is, that something not confirmed to be a privacy tool is being provided as a privacy tool.

I am a libertarian, but in this case they are consistent, if I'm reading this correctly. They are not abusing power, they are doing exactly what they are claiming to be doing.

Also maybe I'm just tired of Telegram. It's engaging, and I have AuDHD, which means lots of energy spent, and I can't drop it completely because work, and also some small communities are available as TG channels. Would be wonderful were they to move at least to WhatsApp, but it is what it is.

Still, ability to easily create a blog (what a TG channel really is for its users) reachable without bullshit is a niche in huge demand. LJ filled that at some point, Facebook did at another, TG does now.

Something like this is desperately needed. I'd say the solution should be complementary to Signal - that is, DMs and small groups should not be its thing. Neither should be privacy of huge chats and channels - they'd be public anyway. However, anonymity with means to counter spam should, so should be metadata of user activity.

[–] [email protected] 4 points 2 months ago (4 children)

Where my piracy groups going to go now?

I'll miss their 2gb upload cap

load more comments (4 replies)
[–] [email protected] 3 points 2 months ago (2 children)

In all fairness Telegram has unencrypted user data and messages but didn't turn it over to the authorities. They also allow known criminal activity to thrive.

[–] [email protected] 3 points 2 months ago (1 children)

They also allow known criminal activity to thrive.

Most scammers I have seen are operating out of Facebook or Instagram.

load more comments (1 replies)
[–] [email protected] 1 points 2 months ago* (last edited 2 months ago) (2 children)

It is very important to mention that you mean end-to-end encryption. The data is stored encrypted when using cloud chat. Nothing (besides phone number what I know) is stored in plain text on Telegram's servers.

I am not defending Telegram. I am just stating facts.

Negative votes incoming in 3... 2... 1...

[–] [email protected] 5 points 2 months ago

It is very important to mention that you mean end-to-end encryption. The data is stored encrypted when using cloud chat.

In response, it is very important to mention that point-to-point encryption and encryption at rest are next to meaningless with respect to the chat participants' privacy. They might be relevant to the case against Durov, but they don't protect against leaks or compromised servers. Please don't rely on them for your safety.

[–] [email protected] 2 points 2 months ago

It isn't E2EE

load more comments
view more: next ›