It was a many months transition, and it’s finally done

Fun thing, you can actually make a backup of all* your messages, groups, contacts, etc. So before leaving you can have all of your data in case you need that one contact or something

The final red flag was as that allegedly Russian authorities were messing with people’s deleted messages. Not for the first time there are news that they could read, modify, delete, see location, and etc. Screw it, this is unsafe, I’m out.

Also, these days telegram is really at the state of a pile of garbage, bloated, buggy, and shady messenger.

  • BearOfaTime@lemm.ee
    link
    fedilink
    arrow-up
    8
    arrow-down
    3
    ·
    edit-2
    9 months ago

    There have been rumors from its start. I have no idea of their validity. Like anything, it’s hard to find the truth.

    As for its encryption, while I dislike it’s not open source, and it’s deserving of some criticism, there have been no reported cracks of it that I’m aware.

    That said, it seems to store your public private key on the server (though I’m not sure of this), which is not ideal, for sure.

    • LWD@lemm.ee
      link
      fedilink
      arrow-up
      8
      arrow-down
      2
      ·
      9 months ago

      The “no reported cracks” thing is a red herring. You can make an intentionally broken cryptography system and claim it’s unbroken too.

      And even if it was sound, it doesn’t really matter because the messages are decrypted by the server for all desktop and group chats, and probably most one-on-one chats too.

    • Natanael@slrpnk.net
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      9 months ago

      There has been multiple breaks, like the good old 2^64 bruteforce attack when they used too short session identifiers, malleability issues that could let the server/hackers change your messages, reordering attacks, etc.

    • ricecake@sh.itjust.works
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      9 months ago

      What the issue with them storing the public key?

      Aside from not storing anything you don’t absolutely need to store, there shouldn’t be an issue there.