I haven't used Telegram much. I am just curious as to security of it.
@doifeellucky, @mrosenquist, and @joshman ....what are your thoughts?
I haven't used Telegram much. I am just curious as to security of it.
@doifeellucky, @mrosenquist, and @joshman ....what are your thoughts?
Hello Joe,
much of what is written in this article here still applies to Telegram to my knowledge. Especially the leaking of metadata is apprehensive imho.
In addition to the linked article one additional comment was made:
"Update 8/31/2019: After publication of this article Telegram’s creators implemented several changes that are recognized by qualified cryptographers as a vast improvement to its encryption scheme. Since 2017, for example, the MTProto protocol has been recognized as IND-CCA secure.
Additionally, the story has be updated to clarify that Telegram does not use end-to-end encryption by default. Client-server communication is encrypted by default."
SRC comment
https://gizmodo.com/why-you-should-stop-using-telegram-right-now-1782557415
I have used telegram in the past but especially the leaking of metadata (when one is online, who is he talking too and so on) isn't to my liking at all!
Cheers!
Lucky
@doifeellucky, Muchas gracias por tu aporte, valoro tu comentario!
Ha sido un placer. (google translate helped with that tbh because I don't speak Spanish, sorry!)
Anyways, how did your account end up on the "buildawhale" blacklist?
I understand that there might be different views and opinions to what is spam/plagiarism/"low effort content"... but how did you become a target of @themarkymark?
Cheers!
Lucky
@doifeellucky I saw that too. Interesting.
I remember quite a few posts and projects getting flagged especially in the "low effort category". But with the article he has presented here I can hardly see this! It's nicely put together as far as I can tell after dropping it into "google translate". So I really would be interested in if the author knows what got him on the radar of some of the big gun curators voting him down?
Cheers!
Lucky
Thanks for the reply. Was hoping to get some of the cybersecurity experts to expand on the post.
My pleasure!
@joebrochin From a cybersecurity perspective, I would treat Telegram like any other social media platform. There is little in the way of verifying to whom you are communicating with, if they see the message (non-repudiation), or that the data you send is private in any reasonable way. It is essentially an electronic bulletin board. It can be hacked, spoofed, and manipulated by those with malicious intent (just like other online social networks). I recommend you only share what you would want to be public (even when using direct messages).
Appreciate the response. THe question was more for expanding on the post than for me. Thought I'd get it from the experts.
Any recommendations for a Telegram 'like' application where confidentiality and integrity exists?
That is tough, as Telegram basically fills the niche of an online open bulletin-board. Its very nature is to communicate without major barriers of identification, verification, or robust security of confidentiality/integrity. If you are looking to communicate confidentiality, then you need to switch to something different.
Any recommendations from a cyber security expert like yourself?
I like:
Proton Mail for a privacy email
DuckDuckGo for a privacy search engine
Signal for an instant messenger
Take a look here for a good list of many privacy tools: https://www.deepwebsiteslinks.com/best-privacy-tools/
@joebrochin, creo que @doifeellucky ha respondido tu pregunta en cuanto a la seguridad. Gracias por tomarte el tiempo y comentar.