“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
Why are they sitting in a sauna?
When you build a backdoor into your “encrypted messenger” its just a surveillance app
All these apps owned by corporations are just black boxes where you send information and nobody knows for certain what they do with it.
Best case, they parse it, cross it with other data and make it profitable (for them, not for you).
Worst case… Who knows…
Obviously she’s biased towards Signal.
Even though Telegram isn’t the best platform for anything sensitive, but it still somehow hosts a shit ton of leaked data (don’t ask me how I found out), CP and other illegal stuff.
SimpleX is the most private of the big three. No phone number or account needed. Able to self host.
Why did they do it to themselves to name it after the herpes virus tho?
Pardon my French but what the fuck is SimpleX?
The answer is Simple!..
X
Dude for the first 15s I thought this is porn
Raising money for Signal with OnlyFans
its the sauna
How I hate that saunas are associated with porn and sex. It’s not supposed to be sexual and more importantly it’s an awful, just terrible place to have sex
I don’t know man, those benches are nice for a variety of positions. Plus, you are already naked…
Just trust me on this one, 80’C+ room just isn’t the place for that sort of exercise. And it’s not like your heart rate isn’t up already lol. It’s a terrible experience
Why is this interview happening inside a sauna?
Somehow all these years I thought that Marlinspike is either Swedish or Finnish, so the sauna would be on brand.
She likes putting guests on the hot seat.
If you watch the video - its explained starting at 1:13, Moxie built it himself: https://www.youtube.com/watch?v=cPRi7mAGp7I
That’s fucking awesome
Why is this interview happening inside a sauna?
It’s his personal sauna. He built it himself.
Why did he invite the hot reporter chick to his sauna? would be the follow-up question…
It’s a sauna on a boat. She’s out in the middle of nowhere with some dude she barely knows. You know, she looks around and what does she see? Nothin’ but open ocean.
Because of the implication…
it’s the D.E.N.N.I.S. system working
If I had a personal sauna, I’d invite everyone. But I’m not from puritan central (USA) so that might be a foreign concept to some readers.
You answered yourself.
Right? If they’re just chatting this should be happening in a jacuzzi with nice glasses of milk 🍼 👍
Why not? I thought it was een interesting choice ;-P
Like in a sauna you should be completely exposed or something
They say the trick to public speaking is to picture the audience naked, but I actually prefer to do my interviews in a sauna so the audience pictures me naked.
No one I know uses it for secure chat per se
They use it for piracy, group chats, channels, stickers and other cool stuff it offers
I used it for my family chat, which I naively thought was private. I moved the fam to signal last year
I was using it because the API was easy and it didn’t have a problem sending images from my back door camera to my cellphone.
At some point, it got REALLY slow at sending, so I moved to NTFY
So what? Her app is also probably selling data too, and it it isn’t it will be sold any day now
Remember how Telegram said they would stop providing Chinese authorities with user data during the Hong Kong protests. Implying that they were doing it at some stage.
Also remember how the FBI have said in several leaked documents they hate signal because the only data they get is when the user signed up and the last time they were online, nothing else.
Which app would you rather use?
Remember when they arrested the creator of Telegram and forced him to hand over chat logs? Yeah, nothing to see here 🙈
Random mention of Matrix because I feel i should
Nothing federated is private, mind. Even with E2EE on in private rooms for specific messages, Matrix still relies on a constant information feed during use that can be used to deduce who is messaging whom and when, even if the content of the message itself is encrypted.
What, are you talking about? “Information feed”? Where? By whom?
E2E encrypted messages in Matrix contain more user metadata than alternatives like SimpleX, nothing scary but a MitM is able to see origin points, destinations, and times of messages. Server to server, if you’re using E2E encryption, it relies on trust that the other server is not compromised.
And it seems Matrix.org is not the best at security disclosures: https://soatok.blog/2026/02/17/cryptographic-issues-in-matrixs-rust-library-vodozemac/#matrix-response
I agree, metadata collection and the obligatory matrix.org server are the biggest problems for privacy, but I don’t think you made that clear in your comment.
inb4 matrix fanatics say you are wrong and spreading false info
Better than American big tech chats. It may not be private but its a very good chat app. Definently the best designed one from a user interface point of view.
It’s also important to continue educating people about the fact that Signal is incredibly problematic as well, but not in the way most people think.
The issue with Signal is that your phone number is metadata. And people who think metadata is “just” data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a “person of interest” for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that Signal is operated centrally with the server located in the US, and it’s being developed by people with connections to US intelligence while being constantly pushed as the best solution for private communication should give everyone a pause.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal’s intentions are pure, we’d never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
Opinion: I think painting in Signal in such negative light is more harmful in the practical sense. Having fragmented messaging towards the public that does not care about many of these aspects just makes them a lot more hesitant to change, from my perspective.
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with. That in itself is a market force to show interest and demand for private solutions. Most people I know don’t have the tools or knowledge or time to understand nuances and all they’ll hear are conflicting messages.
For us more technically inclined people: hell yeah, let’s figure out the ideal model and bring it up to maturity so others can join when it’s fleshed out. E.g. when lemmy came to my attention in the reddit 3rd party app fiasco, I was really confused on how to sign up and use it. And I’m no stranger to tech.
Edit: spelling
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with.
I’d probably suggest Deltachat. It’s defederated and has always on encryption, but is so incredibly simple and easy to onboard and use, and doesn’t require a phone number or even an email to use. It also works on all platforms with a single app.
There are plenty of good enough options like SimpleX Chat out there that don’t have this problem. The whole argument that people should just ignore the obvious issue with Signal is frankly weird.
Accept defects != ignore
The link is not working. Would you be so kind as to provide the article link?
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph.
There’s no such social graph to speak of. Signal does not know who is speaking to whom.
A three-letter agency can take the map of connections
Three-letter agencies have served them legal subpoenas many many times and they never turn over anything more than the above information.
It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
Filter for…what, exactly? The hundreds of millions of people who value private and secure communications?
So even if Signal’s intentions are pure, we’d never know how the data it collects is being used.
We do, because they publish them publicly.
There’s no such social graph to speak of. Signal does not know who is speaking to whom.
You have no source for that other than Signal’s “just trust us” claims.
Ah it’s this fuckin guy again. The source is the dozens of disclosures Signal posts publicly on their website with legal documentation.
You’re being blocked now, goodbye.
There’s no such social graph to speak of. Signal does not know who is speaking to whom.
The only people who know this are people operating the server. Period.
Three-letter agencies have served them legal subpoenas many many times and they never turn over anything more than the above information.
See the link I provided above.
Filter for…what, exactly? The hundreds of millions of people who value private and secure communications?
Yup, that’s precisely what it’s a filter for.
We do, because they publish them publicly.
Trust me bro is not a viable model for anybody who actually gives a shit about their privacy.
The reality of the situation is that Signal asks users for information it has no business collecting during the sign up process, and this information can be used in adversarial ways against the users. People using Signal are making a faith based judgment to trust the operators of this server.
The only people who know this are people operating the server.
We all know this, for reasons I’ve already stated.
See the link I provided above.
Your link is broken.
Yup, that’s precisely what it’s a filter for.
100M people is not a filter…
Trust me bro is not a viable model
No one said anything about that? That is not the model.
The reality of the situation is that Signal asks users for information it has no business collecting
The business is connecting users. It’s one of the reasons it is the most viable private and secure chat platform. It’s why I have a dozen connections on Signal and literally 0 on every other platform. Because you actually know who’s using it. You can have the most private and secure messaging system in the world but if you can’t use it to actually chat with anyone, then what good is it?
Apparently they don’t store contact info.
https://signal.org/blog/looking-back-as-the-world-moves-forward/
The problem is that you just have to trust them because only people who actually operate the server know what they do or do not store. Trust me bro, is not a viable security model. As a rule, you have to assume that any info an app collects, such as your phone number, can now be used in adversarial fashion against you.
And that is the problem with anything you don’t write yourself. And for anything you do write yourself: Are you smarter than the three-letter agencies?
There are plenty of chat services that aren’t centralized and hosted in the USA.
Sure… and my point is that you have to trust those services that aren’t hosted in the USA. It’s a choice you have to make. I’m not judging either way, just pointing out because what I responded to in the comment to which I replied was:
The problem is that you just have to trust them
Which is true of open source unless you read the code and can verify nothing nefarious exists; which is true if you use a service in a country you trust; which is true no matter what you’re doing.
Not all entities are deserving of the same level of trust - some are more trustworthy than others - but you are still making a decision to trust someone unless you write the code yourself or verify the code yourself.[1]
And had the capability and time to do so ↩︎
You don’t have to trust anybody when you run your own server, or you use a server that doesn’t collect information it has no business collecting.
You don’t have to trust anybody when you run your own server,
You have to trust the people that wrote the code.
or you use a server that doesn’t collect information it has no business collecting.
Again, you’re trusting the authors of the code.
Which is fine, but it’s a choice to trust them.
And the client, too.
Precisely.
And it’s worth repeating here - the level of trust needed is affected by the nature of what you might lose if that trust is broken. For non-important things, trusting a third-party company is probably fine. If you’re in a country and being found out might mean you get put to death, though, the stakes are a bit higher.
You have to trust the people that wrote the code.
There’s a big difference between having confidence in open source code that has been audited by many people, and knowing for a fact that the service collects specific information. In the former case, you can never be absolutely sure that the code is not malicious so there is always a risk, but in the latter case you know for a fact that the service is collecting inappropriate information and you have to trust that people operating the service are not using it in adversarial ways. These two scenarios are in no way equivalent.
Which is fine, but it’s a choice to trust them.
It’s a choice to trust the entire open source community around the project and all the security researchers who have been looking at the code.
Frankly, I have trouble believing that you don’t understand the difference here and are making your argument in good faith.
Frankly, I have trouble believing that you don’t understand the difference here and are making your argument in good faith.
Let’s back up to what I replied to in the first place:
You don’t have to trust anybody
I even took the time to quote that, because it’s important.
Of course there are different levels of trust. But what you said is flatly wrong and misinformation, if you want to get technical about it. Arguing in bad faith? I beg your fucking pardon, friend.
Just becuase it’s less likely to find nefarious code in open source doesn’t mean it doesn’t exist. There ahve been multiple cases of it found in open source code. Blindly trusting something because it’s open source or you host it on your own server is a very very false sense of security, especially in the context of the larger discussion, which came about in regard to what information is exposed by certain messaging clients.
It’s also a matter of the importance of what you’re doing.
I wrote a little CRUD app a while back to track me giving my cat medication. I sanitized inputs, but I left it open without a login on my server, just an obscure URL that didn’t get published anywhere. All you could do was click a button to indicate the cat had been medicated, or another button to delete the latest entry. That was plenty of security for that. If I was writing a banking app, I’d use a bit more.
So yes, in the same way as that, hosting something you use to chat with friends about whatever is one thing; trying to communicate secretly from a country where your comms might lead to being put to death is quite another. And in the latter case, it’s important to know that no matter what you use, unless you wrote it or read all the source code, you are trusting others with your life. Perhaps you feel comfortable doing that, but you should be aware of it.
So no, this is not a discussion in bad faith at all, it is valuable on multiple levels.
No need for that when self hosted open source projects exist
But again, you either read the source to confirm there’s nothing nefarious, or… you trust the programmers.
Which is not a problem, but it is a choice to trust. All I’m pointing out. :)
Well yeah everything is a choice when trust is the matter, but there is a difference between choosing a community project that can be audited by different transparent parties and choosing a private company on their own servers (even on source available projects)
Best alternative?
It really depends on your needs and what people you communicate with are willing to use. A few platforms that are notable in no particular order.
SimpleX Chat is probably the gold standard right now. It uses absolutely no user IDs such as phone numbers, no usernames, no random strings of text. Instead, it creates unique, pairwise decentralized message queues for every single contact you have. Because there is no global identity, there is no metadata connecting your conversations together.
Session is a popular Signal alternative. It doesn’t require a phone number and routes your messages through an onion-routed decentralized network that’s similar to Tor. Since your IP address is hidden and messages are bounced through multiple nodes, no single server ever knows who is talking to whom, stripping away metadata.
Jami is completely decentralized, open-source platform. It uses Distributed Hash Tables to connect users directly to one another without a central server. Notably, it supports high-quality voice and video calls.
Session is a security downgrade. It doesnt support forward secrecy which is hella important.
I really want simplexchat to evolve and get more features. If they ever make a lot of mod tools and the possibility to make giant servers with thousands with chatrooms like discord I could see it having mass appeal due to the ease of “signup”
yeah it definitely has some promise
heard SimpleX is really good, the only thing that bothers me is their vc funding model. It makes me feel a bit suspicious.
Yeah, I’m leery about anything where vcs are involved as well for obvious reasons. The tech itself does seem solid though, and it is open source. If it does start moving in a sketchy direction at least it could be forked at that point.
I like your analysis, and would love your thoughts on matrix(assuming you have ofc)
It’s better than Signal since you don’t have to disclose any personal info, but people have pointed out some issues with federation in it. Again, it’s one of those things that may or may not matter based on your use case.
That link seems dated (Nov. 2024). If anyone finds a more current critique, pls send. I also get auto-kicked from HLC simplex group, so I’m not sure what to think of them but commando’s matrix server was amazing befored abandoned
I’ve been saying this for years. Telegram is a social media app.
And WhatsApp is worse. It fails to include a libre software license text file. We do not control it. It is never secure.
Worse with an asterisk. For making contents encrypted - no, anything else - yes
It fails to include a libre software license text file.
I don’t think this really makes sense as the leading point. More like “It’s run by Meta and who knows what kind of backdoor they put in”
Yeah, it uses the signal protocol, but who’s to say they don’t have a secret member of every conversation.
I have a credible source that says they’re scanning media being sent. They have a CSAM or related department. No idea how that works but I heard it exists. Can’t find anything about it on the internet however to confirm
I think WhatsApps biggest risk is the metadata. They know every group you are in and who else is in that group. They know when messages are sent and to who. They know where you are at all times, and probably have access to your libraries as well if you didn’t specifically restrict that. It’s a huge trove of data, which one would assume is freely shared with governments on request.
I wouldn’t say it’s worse. It technically claims to have end-to-end encryption while telegram doesn’t. I wouldn’t trust it at all because it’s from Meta, but I don’t see how you can say the one at least claiming to have encryption is worse than the one that just flat out doesn’t have it.
End to end encryption is worth nothing when WhatsApp have access to the encryption key. And the fact that all photos you see on WhatsApp are saved on your phone without encryption means that it’s only encrypted when it’s sent, nowhere else.
I also have very suspicious examples of advertising linked to WhatsApp conversations.
Exactly. Meta is fine with What’sApp having E2EE, because they can still spy at the endpoints
Yes, it’s not good. We’re talking about if it is worse than telegram though. Not if it’s simply good or not.
I thought I was pretty fucking clear on that in my original comment?
pro tip: there is no such thing as a fully private app or communications channel unless you are face to face with someone and in a Cone of Silence™.
What?
WHAT?!
was hoping the reference was going to be recognized. :)
True. But there are still degrees of privacy you can achieve without going to extremes.
While that is true to a degree, it is still worthwhile to have a hierarchy of escalation about on which app or platform it is safe to say which thing and which not.
