I am a little confused as to why a blockchain was necessary here? Since Telegram is a centralized platform, couldn't they just roll their own "usernames" which they already do.
Honestly. Telegram is a superb chat client, but there’s no reason for this blockchain nonsense. Let users choose a username and password like services have been doing for decades.
Sleek, fast, intuitive, and seamless across devices. From a software standpoint it’s incredible, compared to something like Discord which takes longer to launch than it takes my PC to power on and get to the desktop.
Discord is a bloated UI nightmare. There are so many awkward choices. Most annoying is that the server list is icons only. There are many servers with similar icons. Just allow me to have actual text there.
Discord straight up doesn't work on the web for me anymore. The enter key doesn't trigger anything, so I can't search or write anything. It's the most obnoxious bug I've ever witnessed.
None of these bloated apps work on the web very well anymore on Firefox I've found, even Twitter and Instagram. Especially true if you have even minor privacy settings/adblock toggled on in your browser.
I think sites like Discord just assume you'll install the app and that browser users are just boomers or the 0.1% who are more security+privacy oriented.
On iOS it’s written using a fork of Texture, formerly AsyncDisplayKit. In my experience, Texture outperforms UIKit’s auto layout and rich text widgets significantly.
Durov has been pushing a lot of blockchain nonsense over his app. I really like Telegram as a chat app, but his stunts are making me wonder whether it's still a good idea to depend so much on it.
They need to monetize. Blockchain is one way to capture value (unfortunately, the hype train has long left the station). Given Telegram's functionality (file sharing, large groups in particular), it is likely the costs are way too high.
They could just literally charge the $16 or roughly whatever it is upfront. It means nothing for them to be in a blockchain except waste of resources (ironically increasing their costs...)
> They could just literally charge the $16 or roughly whatever it is upfront. It means nothing for them to be in a blockchain except waste of resources (ironically increasing their costs...)
I don't think so. When you own a lot of crypto, and have lots of real dollars (Pavel has lots of real dollars!), you can manipulate price a little bit.
In 2019/2020 Telegram had to give investors all their money back, and the new TON project started without venture capital with a value of 0$. It's now 1.84$.
If their market makers are sophisticated enough, they will create enough liquidity grabs to sell telegram's TON bags over time for a nice sum.
I think they are aiming for creating a market + "eco system" similar to ETH.
I've been pushing people to use Element (matrix) rather than Telegram whenever possible but Telegram has that critical mass and beats Element's usability by a mile.
To extend your wish: i wish i had a ton of cash to dump into development of matrix's 3 top most client apps (including Element)...to diversify things, and to ensure they compete with each other for improved UX...and of course to speed towards a more p2p world (at least p2p for messaging). ;-)
Most of us simply charge fees for stuff to make money. I haven't had to create a bespoke distributed ledger or fabricate a currency to charge fees yet, and don't expect to.
Very sad. I loved the fact I could change my username whenever I wanted. Ideally I would want no username as well as no phone at all, just a random numeric ID like ICQ had.
I really hate being forced to invent a nickname and be hard-glued to it forever.
No, absolutely no. Private keys as a form of identity are flawed because they can't be recovered if lost and can't be revoked if leaked. In the real world, as opposed to crypto dreams, both these capabilities are not "nice to have", they are hard requirements. People lose their passwords — something they can remember — all the damn time, yet you're suggesting to use something that has to be stored as a file, but must be kept secret but at the same time stored reliably. And it's not just for authentication, it's the identity itself.
Private keys as a form of identity can't possibly work in the real world.
And how pray tell will you authenticate with this numeric user id or username in the system? Is it like social security numbers where everyone just lets you input anything?
I have no idea how SSNs work as I'm not from the US. Usually you'd have a password. The username is for identity, the password is for authentication, possibly combined with additional factors.
Because you just said people lose their passwords all the time. So then what?
Unlike private keys they can also enter them in other sites, reuse them, and get phished and much more.
But yes, private keys bad! because they are cryptography and cryptography is crypto and crypto is scams and grift and there is a whole new cargo cult we have to be in now…
Passwords can be reset. There's always a manual override. For most online accounts, you can restore your access to them from absolute zero — i.e. when you find yourself naked on the other side of the world and your house has also burned down and you also forgot all your passwords. It'd take time and it won't be an easy process, but it is ultimately doable.
But if it's a private key, you lose it an it's game over. You have to create a new identity and start over with everything that was tied to your old one. Worse yet, if you leak your private key, you can't stop other people impersonating you.
Oh is it magic? How do you authenticate yourself enough to reset a password? It’s almost like, you need something else. Such as a device that stores a private key.
Also, everything you said about resetting passwords can be done for resetting private keys too. The difference is that you don’t go around reusing it and typing it into phishing sites.
And if you think getting access to an account where you are totally butt naked and forgot the password is normal, I have a million gmail users who would love your wisdom.
Look, I get where you’re coming from. But all this can also be done with cryptography. What you’re describing has a standard called Verifiable Credentials. They can be issued by some trusted organization.
The trouble is, of course, that this organization can have corrupt employees issue the credentials to anyone if the amount of (social or moneyary) capital to be stolen is large.
And furthermore, the credentials like an identity document can be trivially copied and presented online, by anyone you ever presented it to. So can credit cards.
Identity Theft is quite common around the world since many organizations allow people to make accounts over the internet, without even notifying your phone about it.
And finally, by trusting the government with your very identity, you give them the power to encroach further on your privacy:
Since you are against relying on cryptography for authentication and instead prefer to rely on the government to supply your very identity, I suspect you wouldn’t have a problem with requiring a passport to use Facebook. But perhaps you’d have a problem with what they will do NEXT once everyone is required to collect this information from you. After all, “crypto bros” are just about ponzi schemes right?
You have to spell your ID to people so they can contact you anyway and a number is the easiest to spell aloud when communicating to people from different countries because everybody (every language) calls the same letters a different way and almost nobody cares to study proper letter names as this is the most useless knowledge about a language otherwise.
> Send a QR code or a link that can be used only once.
I most often have to spell my contact details in a voice phone call because my primary job is to communicate to live people all over the world, not to code. Believe it or not but people actually call my office desk phone regularly (although I always prefer email if possible). Even in the IT sector (let alone administrative tasks, healthcare, utilities, etc), whenever you need a rack in a datacenter, new servers or whatever you often are meant to submit your phone number on their website and then they call you. Some very big Internet and datacenter operators don't advertise any ways to contact them other than by phone, some would publish an email or a contact form but ignore you until you call them.
> Why have an identifier that any number of people can use to contact you?
Well then you are a special case different than most. You might not need the privacy we’re talking about here. You’re giving out ways to contact you that, if abused, will result in irreparable spam to that account. But it’s just part of a job you do. So that’s fine.
I don't use Telegram for anything that requires "real security", and advise against doing so. I assume that 100% of what I say in Telegram would be accessible to whatever authorities there are. I only assume that low-skill script kiddies won't be able to read my encrypted chats. I use Telegram the way I would use Facebook, or post-it notes in an office coffee point: with no expectation of real privacy.
It still covers a lot of mundane communication cases.
Clicking the link to that blockchain service informs you that it is "Not Available in the U.S." Some blockchain.
To answer your question - the point of a blockchain would be a universal and uncensorable key store the Telegram client can point back towards. The fact that Telegram is centralized is less important when messages are encrypted. It would still in theory offer a way to bootstrap connections with people that is less vulnerable to censorship than relying on a central server, but I don't know and won't speculate more on the details of the specific blockchain they are using.
They do so, you can choose almost any free username out there. Telegram wants to popularize its side blockchain project called TON (which could make an ICO, due to SEC limitations). So they decided to utilize it by making an auction for l33t usernames. Today they launched virtual sim service on the same platform (https://fragment.com/numbers), so anyone can buy virtual number and create a Telegram account.
I’m absolutely astonished that anyone trusts Telegram for their communication. Both on a technological, ownership, operational and geopolitical basis. Their “agreement” with the Russians government is beyond sketchy, they’re 100% authoritarian located/exposed and they’ve a track record of bad encryption, what am I missing?
As Russian, I can say that Telegram in Russia is the number one messenger among Russian government's oppositionists. Simply saying, if you have anti-goverment channels/chats/friends in you Telegram, before walk outside, you remove/hide them in order no to have issues if police officer stop you and ask to unlock your phone (rarely, but happens). Same for Belarus.
Many reasons why Telegram is (most probably) safe. There are a lot of black/gray area stuff here like drugs etc. That people (i don't support them) trust Telegram showing us it's secure.
And the Telegram's owner (Pavel Durov) relocated from Russia for ever due to issues with his previous project (VK) when goverment asked to show private/personal data.
I rather meant, if a significant bunch of people use this service for illegal things still being out of prison, hence you can consider this "metric" too (along with others) whether Telegram is secure. However, thre is no statistic for "being out of prison" people who used Telegram like this.
This particular surveillance and espionage tool might be far too valuable to employ it against some petty criminals. It is known that a lot of Russian dissidents and members of the opposition use Telegram - so covertly spying on them might be much more important for FSB directorate.
Regardless of encryption or authorities cooperation shenanigans, Telegram has (had?) a serious privacy issue in that your number is public by default, and even if you set it to private after the registration, it gives enough time for a state actor to siphon your phone number off your profile, by running a bot with access to SMS. Which is enough for all practical purposes.
The only real reason ex-Soviet drug users keep using Telegram is they are careless and it's popular. Another suspicion of many is that most of the drug trade in Russia is under FSB "protection", and they have no reason to kill the goose that lays golden eggs. Drug dealers only run Telegram for their clientele though, with anonymous SIMs and Tor; for more serious purposes, they and other criminals use more secure communication channels, XMPP in particular.
>the Telegram's owner (Pavel Durov) relocated from Russia for ever due to issues with his previous project (VK)
...while keeping Telegram developers in Moscow and regularly showing up there himself. (no idea whether it's still true, probably not)
I can't say with 100% confidence that Telegram itself is compromised, though, there's no clear evidence for that. Some smoke probably, but no fire, sketchy indeed.
Unfortunately, Telegram is blocked by GFW. To do so, the police office has to demonstrate how to get around it in front of me, which is pretty unlikely :)
Telegram has been used by opposition and protestors in Hong Kong, Russia, and Belarus. Where are the reports of arrests based on intercepted Telegram messages? Russian police force people on the street to show their messages, but that kind of rubber hose attack is the same for all chat apps. Are there any police investigations from democratic countries where the investigators used Telegram communication in a prosecution?
I haven't seen anyone show that Telegram uses bad encryption. I've seen plenty of people repeat the "don't make your own crypto implementation" mantra, but just like the "don't optimize prematurely" truthism it's not always true. Where's the exploits?
And then there's another reason, most communication isn't particularly sensitive. Dinner suggestions, memes, thoughts on the latest season of The Crown... I chat about the same things that I talk about on the unencrypted phone "line", or at a cafe surrounded by strangers. If Telegram turns out to be unsafe, I wouldn't have any issue with continuing using it for everyday stuff, and using a different app for secrets. Compartmentalizing is probably a good idea anyway, I use my real name on Telegram with my family.
> I haven't seen anyone show that Telegram uses bad encryption
The bigger point isn't that Telegram uses "bad encryption", it's that it isn't encrypted by default in all scenarios. This is a conscious choice they've made.
> If Telegram turns out to be unsafe, I wouldn't have any issue with continuing using it for everyday stuff, and using a different app for secrets.
Great, now every time you're talking on the "other" app the State knows you're talking about something sensitive. The point of encrypting everything is to ensure that encryption - by itself - is not a sign of illicit activity.
That wasn't by breaking the encryption, it was by court order.
> it isn't encrypted by default in all scenarios.
It is using encryption in all cases, but it's not using end to end encryption in all cases. I know plenty of people will argue that it's the same thing as no encryption, but by using encryption you then force anyone who want's to eavesdrop to go through court to get the data from Telegram, and not just listening on the same Wifi network. Saying it's unencrypted is disingenuous.
> Telegram has been used by opposition and protestors in Hong Kong, Russia, and Belarus.
How successful have those protestors been? In each case it seems like the government was always one step ahead of them and all there. So I don’t think it’s a giant leap to think they’re communications are compromised.
I don't know what instances you're referring to, but few protests happen without any spectators so maybe the fact that a protest will happen isn't a well guarded secret. Was any of the organizers compromised because of Telegram?
The FBI says they can't get message content, and only IP and phone number for convicted terrorists.
Considering the current geopolitical situation, as someone living in the EU, it's safer for me to have my data/chats leaked to the russians than to facebook (whatsapp) or google (whatever their chat app of the day is named now). I'm pretty sure our law inforcement doesn't have a direct access to private telegram data.
Can you point to the Git repo for WhatsApp, or iMessage, or Facebook Messenger? I sure can't, and don't trust any claims of backdoor-free E2E messaging until I see that.
Other than Signal, Telegram is one of the very few messengers that happens to be both E2E capable in some way, open source, and sufficiently heard of that people won't give you weird looks when you suggest downloading the app.
No objection to Signal, but mentioning that in the same breath as Telegram hurts my head.
Telegram is not end-to-end encrypted in any practical scenario (you can‘t use it on multiple devices, for example), their end-to-end encryption uses some ridiculous/scary homebrew cryptography ("with the power of 5 math PhDs and a bug bounty worth millions!!!"), and being open source doesn‘t help a bit if the service provider just gets everything in plaintext anyway by default.
I haven't looked at Telegram's blockchain thing yet, but the non-blockchain version is not very private (and the same applies to Signal).
xx Messenger (https://elixxir.io/; source https://git.xx.network/elixxir/) has very solid encryption, metadata protection and decentralized gateways. But it's less polished, blockchain-based, and has few users.
People complain about the use of blockchain in messengers, but they offer no solutions on how to address app sustainability or eliminate metadata centralization, censorship, or risk of having your data handed to the government by the organization running the network. We'll see how sustainable your centralized donation-ware is.
Btw somebody mentioned "only" 1:1 encrypted chats: who does it better?
xx Messenger can do group chats but you can't add people to a chat after the group has been created.
> People complain about the use of blockchain in messengers, but they offer no solutions on how to address app sustainability
What are you missing on Signal? The ability to sign up without a phone number would indeed be great, but other than that, they seem to be collecting effectively nothing.
> People complain about the use of blockchain in messengers, but they offer no solutions on how to address app sustainability
If this is about funding, just make it paid/freemium! Effectively that's the same thing as launching an own token or even blockchain, just without all the complexity of launching and sustainably managing what might easily become a pyramid or Ponzi scheme and/or a security in scope of regulations.
> Btw somebody mentioned "only" 1:1 encrypted chats: who does it better?
Signal, and everything based on it (e.g. WhatsApp), Matrix, and Threema immediately come to mind, and they all don't have this weakness:
> but you can't add people to a chat after the group has been created.
Well there you go, use Signal. Telegram only has opt-in secret chats and they only work 1:1.
I'm not willing to have all of my personal communication sitting in plaintext controlled by an unprofitable company founded by Russians and located in the UAE. Even if they're not compromised, that's an incredible target for a state actor.
Two things: Telegram hit that critical mass of users early on that ensures there are enough reasons to use telegram that new users sign up and stay, and the client itself is a solidly good user experience. Contrast that with something like Element or Session where there aren't many people to talk to and the client is buggy jank and you've explained why people are still using Telegram.
You are missing the concept which made Apple successful - polished and simple UI which just works. Telegram is same. And the fact that Telegram is not really secure? Most people does not care.
How is that any different than facebook/whatsapp/etc? I can't comment on the encryption part but in a post NSA, which seems to have only worsened, trusting US publically traded companies is just as bad, russia isn't china, and for better or worse pavel seems to be an ideologue.
If you want really safe comms I don't know if any popular chat app would do the job, maybe signal? don't know much about it however.
> I’m absolutely astonished that anyone trusts Telegram for their communication
Why ? Are you russian ? Do you travel to Russia ?
A lot of people also trust WhatsApp and Signal for their communications and i'm sure that no western government will ever spy on them. I'm joking.
Just be aware that encryption is not useful when your OS provider has access to your keys.
Youre just missing the feigned shock that will be expressed when the inevitable happens. Im no RMS fan, but man if my privacy-first, open-first approach to things hasnt borne fruit year after year after year. It seems peoole often cant be arsed to care until theyre invested and the blast radius is wider. But those stickers yall.
Their offices of record were empty when check by journalists. The founder is Russian, most of the engineering team is Russian. The founder visits Russia regularly. I assume their non-resident Russian engineers visit Russia too.Most of their user base is Russian. And they have an agreement with the Russian government not to be blocked if they cooperate on combatting terrorism.
who had his billion dollar business (vk.com) stolen by the russian government, left the country and acquired cirizenship elsewhere
it's a pretty good indicator that he is not a putin's stooge
>most of the engineering team is Russian. The founder visits Russia regularly. I assume their non-resident Russian engineers visit Russia too.Most of their user base is Russian.
is Microsoft an Indian company? the CEO is Indian, half the engineers are Indian, yada yada yada
>And they have an agreement with the Russian government not to be blocked if they cooperate on combatting terrorism.
I got the impression that it was just a way out for the russian government to give up on trying to block it, after they have repeatedly failed to do so
Seems reasonable considering that the Russian government tried repeatedly to shut them down and the founder fled the country and got citizenship elsewhere. How sure are you thay they do have ties with the Russian government?
So it looks like you have to pay $16 minimum for one of these 'anonymous numbers'. How can it be anonymous if you have to purchase the TON required to bid on them, and therefore have done KYC at an exchange or used your credit card?
This seems like a pretty big leap from true username sign-in, and I really like Telegram.
'Anonymous login' seems extremely misleading in this case.
Misleading claims about privacy isn't surprising coming from Telegram, who have consistently marketed themselves as a secure messenger comparable to Signal/WhatsApp in spite of the fact that the vast majority of messages are not end-to-end encrypted.
The material difference between E2EE (where the network controls the client completely and pays lip service to reproducible builds) and encrypted traffic to the network itself: is not actually all that different in reality.
If signal wants to be seen as better; third party clients are a huge step.. Failing that: provably P2P messaging.
As it stands it's only really "better" on paper, you still have to trust the network provider.
WhatsApp pushes users to backup keys to Google Drive, so even if you haven't done that your conversation partner might have. So unless you call Google holding the private keys 'E2E encryption', then it isn't.
Signal had a bug where it sent private photos to random contacts, so it seems like that can't possibly be called safe either, if they're making junior level UI state mistakes like that (it's also not E2E encryption if the app switches one of the ends without your consent).
I mean, there's a threat model here. Some people are worried about Telegram knowing who they are, others are worried about Telegram's users knowing who they are. I can see some people being satisfied by a "pay-for-identifier" scheme. Wouldn't bother myself due to the blockchain obfuscation when it could have just been a username login.
I don't know much about crypto so maybe I'm wrong here, but can't you purchase an anonymous coin like XMR and exchange it for TON in a way that can't be traced?
Are you saying it's impossible to do anonymously, or just that it's not anonymous by default?
Right! Google in this case is, interestingly, wrong (or precisely, very misleading) in their QA:
Does Coinbase have TON?
Buy TON Token with Coinbase Wallet
TON Token is only available through Coinbase Wallet. Assets on Coinbase Wallet are not held by Coinbase.
Any exchange -> XMR -> ETH -> TON, the XMR step should provides sufficient anonymity.
My gripe is that how awkward the whole process is, especially the fact that you're locked into using Metamask to be able to transfer TON into their network via bridge.
I wonder if relatively small number of people who are able (and willing to) jump through all these hoops will stand out like a sore thumb and this in turn would actually reduce anonymity.
in many countries you cannot get a SIM card without providing an ID (or in some cases you can but you have to activate it by providing your ID information - otherwise it would be deactivated and you'll eventually lose access to your phone number)
In the UK you can buy a SIM card for 1 pound, and a 10 pound topup will activate it for 6 months, all with cash from your local garage.
It's always surprised me how they go on about encryption being the worst thing ever and we need to protect the children, while anyone can get online anonymously for 11 pounds. Also very odd how anybody can snoop on the unencrypted nationwide pager messages containing hundreds of thousands sensitive information in a steady stream, all it costs you is a 15 pound usb sdr and you can see pagers being sent to doctors on call all over the nation. Instead of solving this they spend millions on convincing you that encryption is bad, and want to prevnt you from talking to your loved ones privately.
Well you're going to use either your own IP address or a VPN to connect to Telegram, right? So what difference does it make if they see that you mined coins from the same address? It doesn't give away any additional info.
In retrospect, i.e. going back a month or six when you mined that crypto that you're now spending?
What nation states even have the capacity to collect (a lot of) metadata on all connections that happen anywhere on earth? They'd need to see you connecting to the VPN (easy), and they'd need to see the VPN server connecting to the mining pool server (hard unless you have access to a lot of backbones), and then correlate that data. Add additional VPN servers to make it harder as you wish.
I'm pretty sure we could narrow it down to a handful of states having the ability to get data from a lot of the web, so unless your beef is with one of them, you're pretty secure.
I don't understand why people don't understand this. Telegram is already full of spam. If it was possible to sign-up with just username and password, Telegram would die overnight.
I understand putting a physical cost on an account in terms of spam prevention. This is actually a really good idea because spam thrives mainly due to it costing so little.
However why the fake number? Why not ask for money directly?
The codebase is a good point, hopefully this will be fixed in the future.
Backwards compatibility probably? I think having a phone number present is built so deep in the architecture that it’s easier to add a fake number than change it overnight and wait for universal adoption of new client versions.
I would have been fine with a landline, but for some reason did not realize it was possible with Signal. Maybe call verification got implemented after I signed up...
And for the purposes of anonymity I am definitely more fine with a landline than any method that requires me to make a payment
- no big attachments for time being, but once they come (in 2 months, I hope) they'll be affordable and stored encrypted on IPFS
- no data collection of any kind
- (my guess) better privacy and security
- less polished
- optionally searchable by in-app nick or phone number, or not, in which case you get a cryptographic ID. Identity can be backed up to SFTP and restored from it
Unlike Telegram, xx Messenger app has a publisher, but the app can be installed independently (F-Droid) and there's no centralized entity that runs messaging gateways that can deliver any data about your identity or communications.
Not related to parent comment, but I see some people are bitching about the use of blockchains as if they've figured out a way for Signal or Telegram to provide for their messaging needs without selling ads or metadata.
If funding free messengers was easy and blockchain merely a distraction, Signal wouldn't have those pop-ups that reminder you to donate.
> Landline is even worse. Do they rent burner landlines?
You can try with VoIP, usually works as well.
The point is, some people seem to assume that "no-SIM" means "anonymous", but to many others "no-SIM" means just "without a need for a mobile phone/number". So it's just a question of interpretation. There are many uses for "without a mobile number" that don't have the "anonymous" requirement.
Which I can see the point of for a good app, which it is. But in terms of "anonymity for the masses" it's a hard sell when you could use Element with roughly the same features if less stability.
Yep, people aren't objecting that they don't have enough methods to give them a phone number. People are objecting to giving them a phone number at all.
There are often conflicting requirements of privacy, security, and something else...resistance to inauthentic actors, bots, spam?
Is Telegram supposed to be private? I always thought they were more security than privacy focused. Now how do you allow private and secure messaging without being overrun by every bad actor on the planet? They'd flock to the platform if there were no hurdle to account creation or ensuring authenticity.
Their "security" focus was always just branding. Telegram is about as centralized as it gets, architecturally, with the service provider trusted ultimately.
Something I missed at the first read: The "phone numbers" they sell are in the fictional +888 country calling code.
This is beyond bizarre: They are selling numeric-only identifiers (for no technical reason), looking like and clasing with a namespace they don't own, for money that they made up.
You can sign up without a SIM now, BUT it doesn't work outside the US! When there are country restrictions on username verification, it renders this 'feature' worthless.
Telegram disguises itself as an encrypted chat app, when it is actually just a regular centralized plaintext messenger that has an encryption feature that nobody uses.
Ummm, but are our raw messages being stored at their servers, in a form of encrypted data-at-rest (such that no one can get to the message on the hard drive, if stolen, powered down, or an errant process accessing them ... without a key),
... AND are the keys being kept only on the clients' side (such that keys are generated only by client-side and its keys are never sent to Telegram servers)?
> ... AND are the keys being kept only on the clients' side
Nope, and that's why I use it!
I like the fact that I can just open it on any device and have my chat history available. I like the fact that damaging my phone doesn't lose me access to my contacts or chat history.
I'm more worried about usability and UX than I am whether Ivan Kgbinov is reading my insipid chats.
Uhh, how about let me sign up with a throwaway email like a NORMAL piece of software?
Screw you, telegram. I'll stick with open-source Jitsi Meet hosted on my own Debian Virtualbox machine using DDNS and Let's Encrypt so I can give people a link to instantly be in text/E2EE voice chat with me. No software. No app. No login. No password. Just over the browser WebRTC.
Oh, you're poisoned. There's something shady about all these new "chat clients" that require so much personal crap. I tend to prefer software that allows you to host your own server - Jitsi and Jitsi Meet allow that. Jitsi has ZRTP encryption and Jitsi Meet uses WebRTC for end-to-end encryption, but I like that even if you don't want to host it yourself, you can still use it without software/logins here on their official site:
I very much doubt you could use this with an average set of friends and family no matter how hard you try. You're going to lose touch with at least half if you insist that Jitsi is the only replacement you have to offer people for a chat application and you don't reach out to them using something they can read like email or snail mail or dropping by if you live close enough. (That's why I think GP took your post for potential irony.) Kudos to you if it works for you, but it's not a serious option.
I don't have a Facebook messenger and believe me that's bad enough without also ditching Signal because eww phone number, Threema because eww nonanonymous payments, Telegram because eww no encryption, Element because it's unstable and I don't think my mom (let alone my grandma) would be able to use that UI effectively, Briar which can fundamentally not support voice calls, Jaimi which is about as stable as Windows 95 at launch when I tried it (and this wasn't an early beta, it was called Ring before iirc, it's gone through years of development), Wire which runs on USA infrastructure and isn't focusing on consumers anymore, et cetera and so on and so forth. I've actually got most of these apps and it's already hard to find common grounds when literally everyone else has Facebook's WhatsApp and they're wondering why I'm being difficult if they're not techies or privacy nuts themselves.
So people can't bookmark websites anymore? They need a stupid APP? What are they doing on the internet exactly?
I'd rather have nothing to do with weirdos who require an "app" to communicate, and I say that having been using voice chat online since Iparty. (1997)
Iparty. Battlecom. Roger Wilco. Ventrilo. Teamspeak. Skype. Mumble. Discord etc
Until recently, you could host your own server on most of these. I want to go back to that. I'm sick of relying on other people for things to be up. Jitsi Meet is great.
I don't think many people troll in voice, either, so then it doesn't make sense to say that. But this is getting quite meta. Point was that your claimed opinion is so far out there compared to typical life that I don't know if you're serious about not installing any apps for legitimate and useful purposes ever.
no sim signup? What in the fuck is that? Don't you see the way the internet is going lately?
Do you need to give a phone number or even email address to get on IRC? No. What about Ventrilo, Mumble, or Teamspeak? No. What about Skype? Yeah. Email.
Email is about as far as I go. If they want more than that (phone number etc) they can fuck off. How is that out of the ordinary? Because I'm not a cell phone newbie to the internet? I've been here for a long time and the personal information demands from all these piece of shit "services" are egregious when we have open source and self-hostable options that STILL WORK.
One step forward, two steps back. No need SIM, but you need even worse Blockchain account.
Telegram is not worth recommending to anyone until they require SIM (or some Blockchain nonsense) and all chats/calls/content is not E2EE by default, even Whatsapp is safer option, if you don't want some proper alternative like Matrix (Element, FlufflyChat), Briar, Session etc.
"Today starts a new era of privacy. You can have a Telegram account without a SIM card and log in using blockchain-powered anonymous numbers available on the Fragment platform."
My bet: the people behind Telegram got massive stakes in this cyber coin and now (ab)use their power to attract some of their users into this ecosystem. I guess the intersection of users with "advanced privacy needs" and those open to any sort of crypto scheme is significant.
"Hey here's this really useful thing you've wanted for a long time. We're tying it to our FTX-replacement to kickstart us in the race for the next leader in that space"
There's a whole bunch of russians moderators of protest channels who get raided because they think telegram is secure, while in reality it's very easy to leak your phone, which can be used to find where you are. And now they want to monetize anonymity by tying it to crypto that most people will buy with their own cards and can be traced to legal id. Think of it what you will, but personally I will not be using neither recommending anyone to use telegram.
That's why they're introducing No-SIM signup, so that they don't have to give away data that can be tracked.
IPs are a bit tricky to handle though, because they're required to be stored for session management since Telegram is cross-platform and has independent multi-device login.
The article is incredibly patronizing, while being also incredibly stupid. If the orcs were half as smart as would be needed to extract metadata from (poorly) encrypted traffic, they would just sidestep that altogether by adding a second device to the Ihor's Telegram account. That would have given them plaintext.
This low-tech "attack" would also work even better with WhatsApp and Signal (better because in Telegram secret chats don't get shared between multiple devices while in WhatsApp and Signal they obviously are - cause every chat is encrypted).
