Attached: 1 image
404 Media reports that a bunch of cybercriminals are ditching Telegram in the wake of CEO Pavel Durov's arrest: https://www.404media.co/in-wake-of-durov-arrest-some-cybercriminals-ditch-telegram/
I've seen the same! The crew behind a one-time password stealing operation called Estate (I profiled earlier this year: https://techcrunch.com/2024/05/13/cyber-criminals-stealing-one-time-passcodes-sim-swap-raiding-bank-accounts/) wiped its channel and ditched Telegram, citing the messaging app's recent moderation changes that allows anyone to report private groups.
"Telegram can't be trusted anymore," wrote the OTP bot crime crew.
Ignoring the context.
Don’t pirate over Telegram, it’s no longer safe in terms of privacy and legal safety.
This kind of confusion illustrated by Telegram users is exactly why it was the right thing to do for privacy when Signal removed support for SMS because it’s not encrypted. People still whine endlessly about it, but most users are not very savvy, and they’ll assume “this app is secure” and gleefully send compromised SMS to each other. All the warnings and UI indicators that parts of the app were less secure (or not at all in the case of SMS) would be ignored by many users, resulting in an effectively more dangerous app. Signal was smart to remove those insecure features entirely.
Yeah. You can’t offer a half-secure and half-private platform and expect your average person to be able to figure out which half is which, which leads to crazy misconceptions, misunderstandings, and ultimately just a bunch of wrong and misleading information being passed around.
I’d argue, though, that Telegram probably did this on purpose, and profited GREATLY from being obtuse and misleading.
I’m not sure, at least iMessage will add RCS. But this has the benefit to get the correct chat bubble color for Google. I’m not sure if there’ll be anything to gain for them to include Signal. Maybe the EU will force them.
E2E is not in the standard, but the Google implementation uses it.
Google added end-to-end encryption to their Messages app using the Signal Protocol as the default option for one-on-one RCS conversations starting in June 2021,[88] [89] (83] [90] In December 2022, end-to-end encryption was added to group chats in the Google Messages app for beta users and was made available to all users in August 2023.
You’re right. I’ve read somewhere that Apple plans to work with GSMA to add encryption to the official RCS standard, so this major issue hopefully gets fixed at some point.
That’s why I stopped using it. They require a phone number, phone numbers require kyc with an ID around here, and there’s just too much illegal shit on there.
It’s of course possible to get a more pseudonymous experience, but honestly, what they offer isn’t worth the hastle.
Meh, you never could trust them.
Group chats were NEVER encrypted, so I’m surprised that people are just now figuring out that if it’s not encrypted = people can read it.
If it wasn’t a 1:1 “secret chat” encrypted message, then congrats, you weren’t as opsec-y as you thought you were.
This kind of confusion illustrated by Telegram users is exactly why it was the right thing to do for privacy when Signal removed support for SMS because it’s not encrypted. People still whine endlessly about it, but most users are not very savvy, and they’ll assume “this app is secure” and gleefully send compromised SMS to each other. All the warnings and UI indicators that parts of the app were less secure (or not at all in the case of SMS) would be ignored by many users, resulting in an effectively more dangerous app. Signal was smart to remove those insecure features entirely.
Yeah. You can’t offer a half-secure and half-private platform and expect your average person to be able to figure out which half is which, which leads to crazy misconceptions, misunderstandings, and ultimately just a bunch of wrong and misleading information being passed around.
I’d argue, though, that Telegram probably did this on purpose, and profited GREATLY from being obtuse and misleading.
I wonder if they’ll add RCS
Don’t Google hold the keys to the kingdom on that one? I see it as unlikely that Signal adds support.
At the moment, essentially.
The way Google got carrier buy-in for yet another messaging platform was to basically run it for them at no charge.
The carriers COULD run their own RCS infra, but if you’re getting the milk for free, why buy the cow?
I’m not sure, at least iMessage will add RCS. But this has the benefit to get the correct chat bubble color for Google. I’m not sure if there’ll be anything to gain for them to include Signal. Maybe the EU will force them.
RCS isn’t E2E, and it doesn’t minimize metadata.
Moxie Marlinspike has been strongly against federation in Signal because of how it makes avoiding metadata almost impossible.
I’d say there’s basically zero chances Signal will add RCS.
E2E is not in the standard, but the Google implementation uses it.
Source: https://en.wikipedia.org/wiki/Rich_Communication_Services
You’re right. I’ve read somewhere that Apple plans to work with GSMA to add encryption to the official RCS standard, so this major issue hopefully gets fixed at some point.
That’s why I stopped using it. They require a phone number, phone numbers require kyc with an ID around here, and there’s just too much illegal shit on there.
It’s of course possible to get a more pseudonymous experience, but honestly, what they offer isn’t worth the hastle.