this post was submitted on 26 Jun 2023
634 points (100.0% liked)

Technology

37739 readers
686 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

An official FBI document dated January 2021, obtained by the American association "Property of People" through the Freedom of Information Act.

This document summarizes the possibilities for legal access to data from nine instant messaging services: iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp and Wickr. For each software, different judicial methods are explored, such as subpoena, search warrant, active collection of communications metadata ("Pen Register") or connection data retention law ("18 USC§2703"). Here, in essence, is the information the FBI says it can retrieve:

  • Apple iMessage: basic subscriber data; in the case of an iPhone user, investigators may be able to get their hands on message content if the user uses iCloud to synchronize iMessage messages or to back up data on their phone.

  • Line: account data (image, username, e-mail address, phone number, Line ID, creation date, usage data, etc.); if the user has not activated end-to-end encryption, investigators can retrieve the texts of exchanges over a seven-day period, but not other data (audio, video, images, location).

  • Signal: date and time of account creation and date of last connection.

  • Telegram: IP address and phone number for investigations into confirmed terrorists, otherwise nothing.

  • Threema: cryptographic fingerprint of phone number and e-mail address, push service tokens if used, public key, account creation date, last connection date.

  • Viber: account data and IP address used to create the account; investigators can also access message history (date, time, source, destination).

  • WeChat: basic data such as name, phone number, e-mail and IP address, but only for non-Chinese users.

  • WhatsApp: the targeted person's basic data, address book and contacts who have the targeted person in their address book; it is possible to collect message metadata in real time ("Pen Register"); message content can be retrieved via iCloud backups.

  • Wickr: Date and time of account creation, types of terminal on which the application is installed, date of last connection, number of messages exchanged, external identifiers associated with the account (e-mail addresses, telephone numbers), avatar image, data linked to adding or deleting.

TL;DR Signal is the messaging system that provides the least information to investigators.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago (2 children)

Telegram states at their site that: "To this day, we have disclosed 0 bytes of user data to third parties, including governments."

But according to Spiegel this is false. I don't know German, I read the article using google translate, correct me if I'm wrong.

Here is a quote from the article: "Contrary to what has been publicly stated so far, the operators of the messenger app Telegram have released user data to the Federal Criminal Police Office (BKA) in several cases."

If this is true, the fact that they are lying is very worrying...

[–] [email protected] 2 points 1 year ago (1 children)

0 bytes of user data meaning message content, I suppose.

[–] [email protected] 3 points 1 year ago (1 children)

I don't think this is what they mean. If you read the whole paragraph they also talk about "[...]the data that is not covered by end-to-end encryption"...

It says that they have nothing to give on Secret chats, and then: "To protect the data that is not covered by end-to-end encryption[...]" ... "Thanks to this structure, we can ensure[...]" ... "To this day, we have disclosed 0 bytes of user data to third parties, including governments."

I mean, I would consider phone numbers, IPs, metadata, non-secret chats (I don't know if that's a thing, never used Telegram), to be "user data".

[–] [email protected] 3 points 1 year ago (1 children)

I agree with you here, I'm simply playing devils advocate as to how Telegram can get away with this claim. I trust secret chats on Telegram and use them with my more... spicy acquaintances.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Ahhhh, that's why furries use Telegram!

[–] [email protected] 1 points 1 year ago

I distinctly remember Telegram having given a phone number and account creation date for someone to a government, they didn't have anything else to provide allegedly.