The company has updated its FAQ page to say that private chats are no longer shielded from moderation.

Telegram has quietly removed language from its FAQ page that said private chats were protected from moderation requests. The change comes nearly two weeks after its CEO, Pavel Durov, was arrested in France for allegedly allowing “criminal activity to go on undeterred on the messaging app.”

Earlier today, Durov issued his first public statement since his arrest, promising to moderate content more on the platform, a noticeable change in tone after the company initially said he had “nothing to hide.”

“Telegram’s abrupt increase in user count to 950M caused growing pains that made it easier for criminals to abuse our platform,” he wrote in the statement shared on Thursday. “That’s why I made it my personal goal to ensure we significantly improve things in this regard. We’ve already started that process internally, and I will share more details on our progress with you very soon.”

Translation: Durov is completely compromised and will do whatever NATO tells him to do. Do not trust in the security of Telegram, which frankly was never that good to begin with. And do not trust anything else even remotely connected to the company or Durov personally.

  • edge [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    36
    ·
    2 months ago

    Are private chats not end to end encrypted? They should be, so it shouldn’t be possible to moderate.

    If not, it sounds like the app is a complete joke.

    • Shinji_Ikari [he/him]@hexbear.net
      link
      fedilink
      English
      arrow-up
      24
      ·
      2 months ago

      They never were and never advertised as such. There’s secret chat’s that only work from the originating device to the receiving device that are e2e.

      Group chats were never encrypted because they’re convenience chats, not places to tell secrets. IE you can look back at all the history and shared files from any device you log into. You can search for a message from 2 years ago to remember something that was discussed previously.

      I’m a big telegram defender because it’s the nicest cross platform chat app to stop your parents from creating the n+1th mms group chat from their iphones, torturing all android users. It’s also not a Meta app, and doesn’t have the nerd requirements of an actual encrypted chat.

    • Onno (VK6FLAB)
      link
      fedilink
      English
      arrow-up
      23
      ·
      2 months ago

      It will be interesting to see if anyone on the payroll at Signal is subjected to the same process.

      • someone [comrade/them, they/them]@hexbear.netOP
        link
        fedilink
        English
        arrow-up
        33
        ·
        2 months ago

        I don’t trust Signal one bit. Never have. The original creator Moxie Marlinspike has been neck-deep in Silicon Valley culture for decades. During his tenure in charge of Signal’s technical development he made a lot of strange decisions. Forcing his “Mobilecoin” cryptocoin scam in the standard Signal app. Denigrating the concept of warrant canaries. Refusing to allow non-Signal-owned servers to communicate with Signal apps. Requiring that only Signal apps distributed on Google and Apple’s app stores be allowed to communicate with Signal-owned servers, etc. Requiring phone numbers for account creation. I don’t buy for a moment that he or his colleagues are pro-privacy activists.

        • Vent@lemm.ee
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          1
          ·
          2 months ago

          Mobilecoin

          It’s dumb, but it’s also not really marketed and is easy to forget that it exists even when using the app daily.

          Denigrating warrant canaries

          He consulted with lawyers and they said that removing/not updating a warrant canary would likely have the same legal consequences as violating the court order by simply announcing the subpoena. Also, a warrant canary is nearly useless even in the ideal case because it just says that they got a secret warrant, not what the subpoena was for or any other details. You wouldn’t know the exact date, what was requested, or even what country made the request. And it becomes even less useful after receiving the first secret warrant.

          Also, not all subpoenas are secret. Signal posts all government requests, including the full documents of all communication between Signal and the government, at https://signal.org/bigbrother

          And, since Signal is E2EE, they don’t have any useful data to share when they receive a warrant anyway.

          Refusing to allow non-signal servers

          Signal isn’t federated and it’s not intended to be. If you’re using a private server, you’d only be able to talk to people also on your servers. If that’s a feature you want, you can simply choose a different messaging solution. It’s a design decision, not a security flaw.

          Only allowing Google and Apple app stores

          Here’s an official apk download: https://signal.org/android/apk

          Requiring phone numbers for account creation

          Yeah, it’s kinda weird. They started as an SMS app which obviously requires a phone number and just haven’t got rid of the requirement. They added usernames and hide your phone number by default, so you can at least message others without sharing your phone number.

          In the end, phone numbers streamline signup and account management and Signal is meant as a texting replacement, not a social media/texting hybrid like Telegram or Discord, so phone numbers help the less tech-literate to use the app. As long as the encryption is sound, phone numbers don’t really add that much security risk and the point is to bring high-grade encrypted messaging to everyone, not to be an ultra-anonymous hardened messaging platform to avoid state-level targeted attacks.

          • Chronicon [comrade/them]@hexbear.net
            link
            fedilink
            English
            arrow-up
            12
            ·
            edit-2
            2 months ago

            Yeah, warrant canaries are kind of a joke. They only work if people actually check them and you think the feds are too stupid to notice (or you think the courts actually care about precedent around not compelling actions but they obviously don’t). Or I guess if the creator gets merc’ed or arrested but servers aren’t seized, but that’s not really what they’re supposed to be for.

            not to be an ultra-anonymous hardened messaging platform to avoid state-level targeted attacks.

            But this is basically how it’s presented to people in a lot of online spaces when the topic comes up, including here. As the gold standard, best you can get, currently unbreakable.

            It’s a design decision, not a security flaw.

            it’s kinda both. Not a flaw per-se, but that design decision precludes any verification that the code they are running is what they publish, and at that point what’s the point of open source? Being actively hostile to any 3rd party apps, servers, etc. is pretty suspect. In open source security transparency is paramount, IMO.

            I’m glad they finally added usernames and stuff but I don’t think we should necessarily trust it either. I use it for day to day chatting. it’s at least not getting read by advertisers which is a feature on its own. I would not use it for serious organizing

            edit: one final thing

            And, since Signal is E2EE, they don’t have any useful data to share when they receive a warrant anyway.

            Metadata is absolutely useful info, and while signal does protect metadata more than the average bear, I don’t think I’d confidently claim they have nothing to hand over if the NSA comes knocking.

            • Vent@lemm.ee
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              2 months ago

              All good points!

              Not to be an ultra-hardened messafing platform to avoid state-level targeted attacks

              I think Signal likely could be used to avoid state-level hacks and to be ultra-anonymous, but in that case you’d want to take extra precautions like using a burner and, to your point about metadata, there are other ways to identify who you are than your phone number, especially if you’re an organization comprised of many people. Realistically, anyone that has a real need to protect themselves against state-level threats either has the resources available to do so properly with their own tech, or is so hopelessly outmatched that it doesn’t matter regardless.

              Imo encryption is more about being a roadblock than an impenetrable shield. Even for organizations with infinite money and technological expertise, there are easier ways to identify you and get your data than breaking even moderately good security implementations. News stories of feds getting access to Signal convos are all about getting access to a phone and simply reading the messages, not breaking encryption or setting up honeypots on Signal servers.

              It’s a design decision, not a security flaw.

              The beauty of E2EE is that you don’t need to trust the servers at all, once you verify that you’re actually connected to the person you intend to be. Doesn’t matter if the server is trying to con you, keys are generated locally and everything is signed and encrypted locally before being sent off-device. As long as you can verify that the app you’re running matches the published source code, and that the source code isn’t duping you, you should be good to go. I haven’t reviewed the Signal protocol in a few years, but I don’t believe there are any servers that require trust, like say SSL has.

              As for hostility towards 3rd party apps, it’s pretty common for orgs to want everyone to only use first-party software when interacting with their service. It’s nearly ubiquitous today. I think probably all of us on Lemmy prefer platforms that allow for 3rd party apps, but there are legitimate reasons not to and I wouldn’t say it’s a security flaw.

              I’m glad they finally added usernames and stuff but I don’t think we should necessarily trust it either… I would not use it for serious organizing

              I think this ties back to the encryption vs wrench scenario. If you’re organizing a protest, you’re screwed no matter what you use because the cops just need to join the group themselves or take someone’s phone. Self-destructing messages can prevent this, and hostility towards 3rd party apps help in that case since you can be more certain that nobody is using some shoddy implementation that ignores self-destruction or improperly deletes things.

              If you’re organizing a military operation, you shouldn’t be using civilian messaging apps full stop.

              If you’re somewhere in between like a cartel or terrorist organization, please stay off any app I use to send memes to friends.

              Metadata is absolutely useful info, and while signal does protect metadata more than the average bear, I don’t think I’d confidently claim they have nothing to hand over if the NSA comes knocking.

              100%, but it’s a hell of a lot less useful than Facebook Messenger, my grandma can set it up in 5 minutes without any trouble, I don’t have to maintain any servers, and know that it’s supported by well funded top-notch engineers that aren’t going anywhere anytime soon.

              I use it for day to day chatting. it’s at least not getting read by advertisers which is a feature on its own.

              Literally same.

              • Chronicon [comrade/them]@hexbear.net
                link
                fedilink
                English
                arrow-up
                3
                ·
                2 months ago

                Self-destructing messages can prevent this, and hostility towards 3rd party apps help in that case since you can be more certain that nobody is using some shoddy implementation that ignores self-destruction or improperly deletes things.

                Helps you with local cops for sure. But disappearing messages are also just a false sense of security IMO, there’s nothing technically stopping someone from using a modified client like that, in fact some do exist and generally work despite the hostility, and so do screenshots…

                If you’re somewhere in between like a cartel or terrorist organization, please stay off any app I use to send memes to friends.

                I mean yeah, but I don’t think this is realistic. If you offer people bulletproof un-censor-able security they’re going to take you up on it, even if you don’t like them. But signal isn’t that

                Signal like every mainstream service has some amount of control and uses it to crack down on things like spam. They likely will use that control to censor other things too in the long term. To me that’s a bad thing. If it were federated, that power and responsibility would be with the instance/homeserver, not with one centralized organization.

                The beauty of E2EE is that you don’t need to trust the servers at all, once you verify that you’re actually connected to the person you intend to be.

                This ties back to my point about metadata. There are plenty of reasons to want to trust the server, and with signal, you can’t.

                I do agree though, feds doing targeted surveillance have easier ways. The issue is more one of bulk collection, and principle.

                And frankly the whole argument about open source safety goes out the window when the source and distribution is centralized, development is done behind closed doors (not sure to what extent this is true of signal clients but it was true of the server), and updates are automatically pushed out.

                There are big advantages to the linux-distro-with-maintainers model in that regard, as those are well-versed people who track development and act as a filter between users and a malicious update.

      • Chronicon [comrade/them]@hexbear.net
        link
        fedilink
        English
        arrow-up
        26
        ·
        2 months ago

        The “hacker community” in the US which it springs from is so buddy buddy with the US security state that I don’t think a public humiliation like this will be needed. I don’t have any evidence signal is compromised, but I suspect they’ve at least picked an architecture that the security state is okay with. And it isn’t used for mass media like telegram was, it doesn’t scale like that.

        • someone [comrade/them, they/them]@hexbear.netOP
          link
          fedilink
          English
          arrow-up
          27
          ·
          2 months ago

          The “hacker community” in the US which it springs from is so buddy buddy with the US security state that I don’t think a public humiliation like this will be needed.

          My favourite funny hacker-to-fed pipeline story is Beto O’Rourke. Everyone nowadays knows him as a failed DNC puppet. But he spent much of the 1980s as a founding member of the famous hacking group Cult of the Dead Cow under the handle “PsychedelicWarlord”.

          • Chronicon [comrade/them]@hexbear.net
            link
            fedilink
            English
            arrow-up
            15
            ·
            2 months ago

            yeah that one’s pretty funny. All the prominent ones now seem to be fed-aligned too though, while actively promoting their hacker persona and supposedly anarchist-leaning politics

          • JoeByeThen [he/him, they/them]@hexbear.net
            link
            fedilink
            English
            arrow-up
            13
            ·
            2 months ago

            But he spent much of the 1980s as a founding member of the famous hacking group Cult of the Dead Cow under the handle “PsychedelicWarlord”.

            wowee

            I don’t know what to do with that information. I was such a fan of the CDC as a kid. That’s even worse than when L0pht sold out.

        • RyanGosling [none/use name]@hexbear.net
          link
          fedilink
          English
          arrow-up
          7
          ·
          2 months ago

          I believe Signal received funding from the CIA’s VC firm. These apps need to be secure enough for dissidents and spies to use, but like you said, I imagine the state is content with its security or else they would be more heavy handed.

        • peeonyou [he/him]@hexbear.net
          link
          fedilink
          English
          arrow-up
          6
          ·
          2 months ago

          the CEO of the company i work at is ex-NSA and he is always pushing everyone to use Signal so that leads me to believe it is completely compromised

    • Chronicon [comrade/them]@hexbear.net
      link
      fedilink
      English
      arrow-up
      16
      ·
      2 months ago

      If not, it sounds like the app is a complete joke.

      It is a joke and always was. Only advantage was that it wasn’t based in the US and wasn’t censorious (but they have servers there and in every other shitty spying country so dubious advantage really.)

      I’m in a bunch of chatrooms that are bridged across platforms with bots and all the worst spam always came from telegram.

      To be fair, end to end encryption, especially if you want to protect metadata as much as possible, is probably pretty hard to scale to tens of thousands of members which is common on telegram. But they already had a division between groups and channels, so idk

    • someone [comrade/them, they/them]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      14
      ·
      2 months ago

      Are private chats not end to end encrypted? They should be, so it shouldn’t be possible to moderate.

      Telegram has a few different chat type options:

      • Public, which is what it sounds like, available for groups. Server-side encryption, so Telegram (the company) can see everything.

      • Private, which is like an unlisted/unsearchable public group chat, same encryption limitations.

      • Secret, which are strictly one-on-one, and default to server-side encryption. The user can select end-to-end encryption for these on a per-chat basis. It can’t be made the default.

      If not, it sounds like the app is a complete joke.

      Oh it always has been from a security perspective. They use a homegrown E2EE known-to-be-flawed protocol called MTProto instead of using a professionally-audited one like in Matrix.

      • PorkrollPosadist [he/him, they/them]@hexbear.net
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        2 months ago

        If I were to choose one app, it would probably be Matrix due to the fact that is supports E2EE not only in private messages, but in chatrooms, and due to the fact that you can self-host it (this is a simple requirement which all these other “apps” fail). But it Matrix isn’t a panacea either. From my understanding, while the cryptography is considered to be sound, the protocol itself reveals a lot of metadata. If I were going to use Matrix for ninja shit, it would absolutely not be on a publicly federated server. It would be a private, unadvertized server which only the cool kids get told about.

        If it were a matter of life or death, the only thing I’d really trust is GPG and dead drops.

        • someone [comrade/them, they/them]@hexbear.netOP
          link
          fedilink
          English
          arrow-up
          5
          ·
          2 months ago

          I agree on Matrix. It’s not ideal right now but it’s easily better than the alternatives. I don’t trust systems that can’t be self-hosted.

          If it were a matter of life or death, the only thing I’d really trust is GPG and dead drops.

          I like the cut of your jib.

        • gay_king_prince_charles [she/her, he/him]@hexbear.net
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 months ago

          For reference, the metadata leaked is: Sender id, recipient id, if the recipient saw the message, when the message was delivered, all reactions and the length of the message.

          For example, this is what the server sees in an encrypted message:

          type": "m.room.encrypted" "event_id": "$UE04iZS0h4U-_ZhKwPESa3ah1r6u1sURytMhU8GyVnc" "content": -{ "algorithm": "m.megolm.v1.aes-sha2" ciphertext": "AwgAErABPeRzzy2zD0X3/XYuP6Z/ GoxYVEFYafFRtrDUalTz9HnOvy+Y7v3Mb/ ucbMiyKTe74h2QdgRaHQk9JaDN5Cwq6hmHQuy5pxxnNki9 YZ4BD5mNbaWc5kL7k2+qftumwHWxdYvUTLBwz3dK6c29ik 69wcX1wyB6NReP90/2xVxHQjHH727yzLyrYuOYapTy9Esdzc HXvoIJ5AIVLSzaAEulY5YcwhHQQQF3LHNrkwZ2W0AYy77Z WzfutYGinFpqXWRTXFM65V9V7nVkmPjjOCNc+Eiz70h0zRu QQC2XXZcWhbt7rwKPeeoffaWHhmNiMOGBioBkpzlljw4" "device_id": "RYIDRJCFLQ" "sender_key": "EhlZmYo85D8ICluhCNUIk+U/ TbTzMG5oB+b7z/+w8Bs" "session_id": "j+fsgZDUu2ocbB8fLWpQlJFBNnNkGLOefZnBceTI4OE" origin_server_ts": 1725666785233 "sender": "@criticalresist8:matrix.org" "room_id": "!RsmVqNrD6NO0EJIN:genzedong.xyz" "unsigned
          

          And after decryption, you get this:

          type": "m.room.message" "content": -{ "body": "i love when dogs do that with their head" "m.mentions": - { "msgtype": "m.text
          
  • darkcalling [comrade/them, she/her]@hexbear.net
    link
    fedilink
    English
    arrow-up
    17
    ·
    2 months ago

    They’re going to plug the NSA/GCHQ/eyes into Telegram and they’re never going to leave. They’re going to start altering content, using their access to arrest anti-imperialist activists, shut down anti-imperialist speech as “Russian disinfo” or whatever, etc, etc.

    If you for some reason use Telegram for organizing, or even just for distributing anti-imperialist memes and info please move it elsewhere ASAP or at least prepare and spread info about a backup elsewhere.

    Unfortunately this may proceed a very harsh cut-off of info from Russian sources as this was the last readily available in the west tool that also fully functioned in Russia. I don’t know if westerners can sign up for VK or whatever else the Russian replacement is likely to be. With their control of this they can sever a major artery of info from Russian sources (private, amateur, and government) to the west about the truth in Ukraine and elsewhere. It feels increasingly like total information control. The closing of a bubble, the removal of pesky alternative sources of info, the criminalization and harassment of RT employees and anyone else connected with a country like Russia (or China).

    And you can bet despite all this talk there will still be plenty of pedos channels on Telegram for without getting booted (they’ll bust a few of the big ones and make a big show of how this was possible thanks to the arrest and compromising Telegram then probably go back to ignoring them in favor of information manipulation, passing info on enemies to western intel for additional targeting with malware, etc). And there will probably be an increase in amounts of tolerated terrorists targeting Russia and China on the app who aren’t taken down despite requests from those countries.

    • someone [comrade/them, they/them]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      13
      ·
      2 months ago

      It feels increasingly like total information control.

      It absolutely is. And with Hexbear being hosted in France, I am deeply worried about the implications if the French government is now going this far on behalf of the Five Eyes and NATO.

  • krolden@lemmy.ml
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    2 months ago

    Also why would you ever trust a company like telegram? Its just another shitty platform owned by someone who just does it for the money.

    If you ever trusted this of anything like it then you should reevaluate everyone and everything you currently trust.

  • krolden@lemmy.ml
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    2 months ago

    Isn’t telegram supposed to be encrypted? How do they plan on making an excuse for reading encrypted messages?

        • destroyamerica@lemmygrad.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          i think most people who use it got on there to try and get around censorship on mainstream social media platforms. like I know there was a splinter group of genzedong that was quite active on telegram at one point for instance.