sysopTelegram CEO Pavel Durov Arrested in France
General_Effort[French media] said the investigation was focused on a lack of moderators on Telegram, and that police considered that this situation allowed criminal activity to go on undeterred on the messaging app.
Europe defending its citizens against the tech giants, I’m sure.
There’s a lot of really really dark shit on telegram that’s for sure.
So does Facebook and twatter
I don’t recall CP/gore being readily available on those platforms, it gets reported/removed pretty quickly.
I do but ok
You must be searching pretty hard and grabbing them before they disappear. Especially on twitter or facebook which is mostly content from ppl you know. Eww
You're not using the right search terms?
Readily available means you don’t need to search. Y’all are on another level searching for this shit lmao.
https://www.comparitech.com/blog/vpn-privacy/child-abuse-online-statistics/
Can't claim how valid any of that info is but confirms my bias
A quick search will produce a lot reddit discussions on the topic too.
FFS we had Catholic clerky raping children and our clown society just said Mehh that's just how things be for the peasants
Then clowns like you try to down play the issue so you can cope that your team is good 🤡
The rising tide of child abuse content on social media - Comparitech
In 2023, META flagged almost 72 million pieces of content under “child nudity and sexual exploitation”. Facebook reported 56.5 million pieces of content–a 44 percent decrease from 2022’s 101 million, while Instagram reported 15.4 million pieces–a 6 percent decrease from 2022’s 16.4 million. Are we seeing a significant decline in online child sexual abuse material […]
In you head in confirms what you want, because you’re biased. You just don’t know what “readily available” means. Can’t help you there. Your entire article makes my point…
The content on telegram is there indefinitely. What youre sharing includes also reports to links of suspected activity, not the content directly.
southsamuraiYou’re young. It really was a thing. It never stayed up long, and they found ways to make it essentially instantaneous, but there was a time it was easy to find very unpleasant things on Facebook, whether you wanted to or not. Gore in specific was easy to run across at one point. CP, it was more offers to sell it.
They fixed it, and it isn’t like that now, but it was a problem in the first year or two.
Haha, young ? i wish. But go on making stuff up.
So now it’s not that it’s readily available, it’s that it was in the beginning. So everyone is allowed to let CP go in the first years of their platform? Is that what youre going with. Eww
The fuck are you smoking?
Damn, I hope there’s no upper limit to block lists
kunehoI guess he just wanna links
So you don’t see the difference between the platforms that actually has measures in place to try and prevent it and platforms that intentionally don’t have measures in place to try and prevent it?
Man, Lemmings must be even dumber than Redditors or something
If they similarly go unmoderated then action should be taken
chiisanaSafe harbour equivalent rules should apply, no? That is, the platforms should not be held liable as long as the platform does not permit for illegal activities on the platform, offer proper reporting mechanism, and documented workflows to investigate + act against reported activity.
It feels like a slippery slope to arrest people on grounds of suspicion (until proven otherwise) of lack of moderation.
Thing is, Telegram don’t do shit about it
I don’t know how they manage their platform — I don’t use it, so it’s irrelevant for me personally — was this proven anywhere in a court of law?
Telegram does moderation of political content they don’t like.
Also Telegram does have means to control whatever they want.
And sometimes they also hide certain content from select regions.
Thus - if they make such decisions, then apparently CP and such are in their interest. Maybe to collect information for blackmail by some special services (Durov went to France from Baku, and Azerbaijan is friendly with Israel, and Mossad is even suspected of being connected to Epstein operation), maybe just for profit.
Do you have any links/sources about this? I’m not saying you’re wrong, I’m just interested
No, but they do sometimes delete channels for gore and such. I remember a few Azeri channels being banned for this during/after 2020 war.
About having means - well, with server-side stored unencrypted everything it’s not a question.
About hiding channels per region by governmental requests - I’ve heard about that on Lemmy.
Where did you get that the data on the servers are not encrypted?
You are, ahem, not decrypting it when getting history and not encrypting it when uploading files. That should be sufficient.
Anyway, look at TG Desktop sources. They are crap, but in general it’s clear what happens there. At least that’s how I remember it.
Thank you, really appreciate it!
Hell yeah. I always hated Telegram, because of its countless false promises, misleading claims, bad encryption (which isn't even enabled by default) and shady background.
You haven’t read the article or the summary from the comments, have you?
That bad encryption was not cracked for now. The other one, that is used to process chats between 2 users in end to end mode, can’t be enabled by default because it assumes no history is kept and no support for group chats.
Also, the arrest doesn’t seem to be related to any of the things you mentioned. If anything it shows there are no ways for (certain) governments to affect the messenger, for now.
That bad encryption was not cracked for now.
There’s no need if you control the server.
End to end encryption was created specifically so that the server could not access the data.
So how many people use E2EE with Telegram?
And their ToS forbids alternative clients doing that. Say, using Pidgin with PGP or OTR. Since Pidgin plugins for TG and these exist, it’s not a limitation for me, but most people, again, don’t use Pidgin to chat in TG.
Alternate clients are blocked from using that functionality because they may include ability to capture data somewhere, for example taking a screenshot of a protected chat.
I meant normal E2EE, not TG’s “encrypted chats”.
And it’s not “that functionality”, it’s literally encoding messages into another layer over TG being forbidden.
There is no normal e2ee because there is no standard for implementation, especially when it comes to group chats with >2 people.
There are a few standards. OMEMO for group chats, though that, of course, requires support in the protocol itself, unlike OTR or PGP.
It doesn’t look like any of those are used by “major” messengers. Especially signal. This means “major” players prefer their own implementations, which removes the meaning from calling unused stuff a “standard”.
OMEMO is literally what’s used by Signal, but standardized separately and adopted for XMPP. You didn’t even bother to look it up apparently.
OTR is a time-honored standard. The issue is that it doesn’t work with multiple logins.
PGP is an even more time-honored standard. The issue is that keys aren’t temporary.
Also in cryptography the absolutely basic rule is to trust cryptographers, not “major players”, so what you wrote is not as smart as you think. Actually quite ignorant.
Cool. So that gives people authority to say “if it’s used by signal and is standardized then it should be used by everyone”?
No, just that it’s a real thing and whatever there is in TG is something bogus.
Something not being standardized doesn’t mean it’s bogus.
I think you are arguing against your own imagination. Something not being vetted by someone competent does mean it’s bogus in cryptography. Standardization is an unconnected subject. Most police forces over the world right now are using something standardized, but known to be utter crap.
I think you are falling for the “genius inventor” fallacy clueless normies love a lot.
TG’s E2EE is simply garbage until known otherwise. There’s no more depth to it. The reason it’s not known to be broken is that it’s not a high value target - most people don’t use “secret chats” in TG.
I think you are falling for the “genius inventor” fallacy clueless normies love a lot.
People advertising signal everywhere look like those kind of normies to me too. Doesn’t mean much.
The reason it’s not known to be broken is that it’s not a high value target - most people don’t use “secret chats” in TG.
Fair assumption. But it means you accept most people are stupid enough to not want such a feature or smart enough to not need it. Telegram user base is reported to be 900 million though.
So where am I advertising Signal?
But it means you accept most people are stupid enough to not want such a feature or smart enough to not need it. Telegram user base is reported to be 900 million though.
I didn’t get this.
The Signal protocol is the de-facto standard for E2EE, and it works just fine even in large group chats. But you refuse to accept this reality. The Signal protocol is used by so many apps, obviously Signal itself, WhatsApp, Facebook Messenger, Instagram direct messages, Google Allo (back when it existed), Google Messages (RCS), Skype, Wire and many others. MTProto is developed by Telegram, only used by telegram, not properly audited and full of flaws. No one should actually use it. And the fact that it doesn't support group chats is a design choice, because ultimately Telegram doesn't give a fuck about their users privacy or security. They have repeatedly worked with governments and worked against the interests of their users. Their funding is also pretty unclear and shady, and the entire company just appears scummy. Give me one single reason why anyone should use this trash over a proper E2EE messenger like Signal, Threema, SimpleX or Wire.
You switched the topic of the discussion. My original comment stands, as it corrects some part of your first comment.
I didn’t suggest anyone to use telegram.
They have repeatedly worked with governments and worked against the interests of their users.
Even though those allegations are arguable, I know what you mean. And those cases don’t involve compromising the actual encryption from what I understand.
Stop pretending that Telegram cares about the security of their users, because they clearly aren't, as can be seen in their shitty encryption protocol, and the fact that by default all messages are stored on their servers in plain text
So if an app doesn’t support e2ee all data is being saved in plain text suddenly. You prefer calling telegram shitty because you don’t care to actually learn what it uses. So it should be fair for me to call any other client shitty for other nonsense.
Uh you appear not to understand how encryption works? Either something is end-to-end encrypted, and the service provider doesn't have access to the encryption keys, and thus can't read the messages, or it is encrypted in transit, the keys are held by the provider and the messages are decrypted on the server. The latter is exactly what Telegram does, even though they falsely try to market it as something else.
the messages are decrypted on the server
What you said means they can be decrypted on the server. But there is no proof of that happening in the past. People got into problems not because someone uncovered their content in telegram, but because that content was effectively public from the beginning.
That bad encryption was not cracked for now
There is no encryption by default if you haven't noticed. There only the pseudo-E2EE which has been proven to have critical weaknesses: https://eprint.iacr.org/2015/1177.pdf
can't be enabled by default
Yes it can, every proper E2EE messenger works like that. Signal, Threema, hell even WhatsApp uses E2EE by default.
no support for group chats
Signal has had group chats for many years now. WhatsApp uses the same encryption protocol and it also works just fine. Stop spreading misinformation, and use Signal if you want an actual secure, end-to-end encrypted, open and transparent messenger.
has been proven to have critical weaknesses
Those are not critical, just some aspects being below some arbitrary expectational values. Also it seems there is still no proofs those vector attacks are being used at all.
Yes it can
They chose to target convenience over max security. Shoving strongest options to every user by default is agaiantt that. Reasons include: no history is being saved in this mode, and the desktop client doesn’t support it.
Signal has had group chats for many years now
Just because it was implemented by others doesn’t mean it’s a way to go for everyone. From what I understand, e2e in group chats means that there is going to be a transaction of keys between all members of the chat on adding any new member, and/or on new message, which excessively increases the burden on clients and servers in case of big active chats.
You can ask telegram to implement that, but you can’t blame it for keeping it behind some gates. Telegram got implemented e2e between 2 users before other messengers got it working in any form of group chats.
and use Signal
I’ll think about it if they ditch electron.
Also it seems there is still no proofs those vector attacks are being used at all.
Ah yes, definitely go with a messenger that has known vulnerabilities in its crappy encryption protocol, instead of one with an actual secure E2EE implementation.
no history is being saved in this mode
You can still make encrypted backups of encrypted messages, as can be seen on WhatsApp on Signal
and the desktop client doesn't support it
I don't know what you mean, both Signal and WhatsApp have managed to ship desktop clients with full E2EE support for years now. Only Telegram is too incompetent to do that.
Telegram got implemented e2e between 2 users before other messengers got it working in any form of group chats
Just stop lying. Telegram Secret Chats have been introduced in 2017, both Signal and WhatsApp have had E2EE (including for group chats!) for much longer. Signal has had (encrypted) group chats in 2014, back when it was called TextSecure: https://signal.org/blog/the-new-textsecure/
And WhatsApp followed in 2016.
I'll think about it if they ditch electron.
Are you mad that Signal is focusing on privacy and security by improving their encryption protocol, instead of wasting time on some UI garbage? This shows your priorities really well. Keep using unencrypted Telegram, for the cool stickers and convenient cloud backup, and keep in mind that Telegram can read all of your messages, as well as hand them over to governments.
The New TextSecure: Privacy Beyond SMS
Today’s release of TextSecure is the final step in the transition from a private SMS app to a private asynchronous IM app that does not depend on SMS/MMS. Using the lessons we’ve learned from the SMS environment over the past four years, we’ve developed an open protocol for asynchronous chat that...
Ah yes, definitely go with a messenger that has known vulnerabilities in its crappy encryption protocol, instead of one with an actual secure E2EE implementation.
Feel free to go any way you want. I’m not asking you to use telegram.
You can still make encrypted backups
Spend time for that, and keep them where? Maybe also need a feature to sync them between mobile and desktop?
Only Telegram is too incompetent to do that.
Not an implementation issue but a trust issue.
Just stop lying. Telegram Secret Chats have been introduced in 2017
telegram.org/evolution see October 2013.
both Signal and WhatsApp have had E2EE (including for group chats!) for much longer.
Whatsapp had them inctorudec in 2016.
Are you mad that Signal is focusing on privacy and security by improving their encryption protocol, instead of wasting time on some UI garbage?
I’m perfectly fine with that. More apps using electron means less chance for my pc to run garbage applications on a regular basis.
keep in mind that Telegram can read all of your messages, as well as hand them over to governments.
Keep in mind that any person in your secret chats can read your message, copy or screenshot it and hand it to anyone else. Those people know much better if you’re doing anything sketchy (or something actually good but against their beliefs), than an app developer.
ikiddI don’t use Telegram because I don’t think it’s secure, but this is still bullshit.
Yea, no way I’m giving them my number
You don’t have to, you can use telegram with username only
wazoobonkerbrainWhat do you use?