technology

23264 readers

166 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.

founded 4 years ago

MODERATORS

[email protected]

Telegram will start moderating private chats after CEO’s arrest (archive.ph)

submitted 1 month ago by [email protected] to c/[email protected]

52 comments fedilink hide all child comments

The company has updated its FAQ page to say that private chats are no longer shielded from moderation.

Telegram has quietly removed language from its FAQ page that said private chats were protected from moderation requests. The change comes nearly two weeks after its CEO, Pavel Durov, was arrested in France for allegedly allowing “criminal activity to go on undeterred on the messaging app.”

Earlier today, Durov issued his first public statement since his arrest, promising to moderate content more on the platform, a noticeable change in tone after the company initially said he had “nothing to hide.”

“Telegram’s abrupt increase in user count to 950M caused growing pains that made it easier for criminals to abuse our platform,” he wrote in the statement shared on Thursday. “That’s why I made it my personal goal to ensure we significantly improve things in this regard. We’ve already started that process internally, and I will share more details on our progress with you very soon.”

Translation: Durov is completely compromised and will do whatever NATO tells him to do. Do not trust in the security of Telegram, which frankly was never that good to begin with. And do not trust anything else even remotely connected to the company or Durov personally.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 36 points 1 month ago (41 children)

Are private chats not end to end encrypted? They should be, so it shouldn't be possible to moderate.

If not, it sounds like the app is a complete joke.

[–] [email protected] 14 points 1 month ago (3 children)

Are private chats not end to end encrypted? They should be, so it shouldn't be possible to moderate.

Telegram has a few different chat type options:

Public, which is what it sounds like, available for groups. Server-side encryption, so Telegram (the company) can see everything.
Private, which is like an unlisted/unsearchable public group chat, same encryption limitations.
Secret, which are strictly one-on-one, and default to server-side encryption. The user can select end-to-end encryption for these on a per-chat basis. It can't be made the default.

If not, it sounds like the app is a complete joke.

Oh it always has been from a security perspective. They use a homegrown E2EE known-to-be-flawed protocol called MTProto instead of using a professionally-audited one like in Matrix.

[–] [email protected] 6 points 1 month ago* (last edited 1 month ago) (2 children)

If I were to choose one app, it would probably be Matrix due to the fact that is supports E2EE not only in private messages, but in chatrooms, and due to the fact that you can self-host it (this is a simple requirement which all these other "apps" fail). But it Matrix isn't a panacea either. From my understanding, while the cryptography is considered to be sound, the protocol itself reveals a lot of metadata. If I were going to use Matrix for ninja shit, it would absolutely not be on a publicly federated server. It would be a private, unadvertized server which only the cool kids get told about.

If it were a matter of life or death, the only thing I'd really trust is GPG and dead drops.

[–] [email protected] 5 points 1 month ago

I agree on Matrix. It's not ideal right now but it's easily better than the alternatives. I don't trust systems that can't be self-hosted.

If it were a matter of life or death, the only thing I'd really trust is GPG and dead drops.

I like the cut of your jib.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago)

For reference, the metadata leaked is: Sender id, recipient id, if the recipient saw the message, when the message was delivered, all reactions and the length of the message.

For example, this is what the server sees in an encrypted message:

type": "m.room.encrypted" "event_id": "$UE04iZS0h4U-_ZhKwPESa3ah1r6u1sURytMhU8GyVnc" "content": -{ "algorithm": "m.megolm.v1.aes-sha2" ciphertext": "AwgAErABPeRzzy2zD0X3/XYuP6Z/ GoxYVEFYafFRtrDUalTz9HnOvy+Y7v3Mb/ ucbMiyKTe74h2QdgRaHQk9JaDN5Cwq6hmHQuy5pxxnNki9 YZ4BD5mNbaWc5kL7k2+qftumwHWxdYvUTLBwz3dK6c29ik 69wcX1wyB6NReP90/2xVxHQjHH727yzLyrYuOYapTy9Esdzc HXvoIJ5AIVLSzaAEulY5YcwhHQQQF3LHNrkwZ2W0AYy77Z WzfutYGinFpqXWRTXFM65V9V7nVkmPjjOCNc+Eiz70h0zRu QQC2XXZcWhbt7rwKPeeoffaWHhmNiMOGBioBkpzlljw4" "device_id": "RYIDRJCFLQ" "sender_key": "EhlZmYo85D8ICluhCNUIk+U/ TbTzMG5oB+b7z/+w8Bs" "session_id": "j+fsgZDUu2ocbB8fLWpQlJFBNnNkGLOefZnBceTI4OE" origin_server_ts": 1725666785233 "sender": "@criticalresist8:matrix.org" "room_id": "!RsmVqNrD6NO0EJIN:genzedong.xyz" "unsigned

And after decryption, you get this:

type": "m.room.message" "content": -{ "body": "i love when dogs do that with their head" "m.mentions": - { "msgtype": "m.text

load more comments (37 replies)