No you can’t unless you have access to the phone itself. It’s impossible. You clearly have no idea what you’re talking about.
Page 47. https://odr.chalmers.se/server/api/core/bitstreams/527d7251-f7f4-4a6c-ac7b-f8253d174336/content
how often do you check encryption keys in chats? How does WebRTC relay work need to be explained?
in telegram all crypted too. and public chats, if you don’t tell me that government check servers in another contry. And I repeat my question. Why signal developer not with Durov?
UPD: and you can read messages and listen calls in any chat in signal. I explain that next to comment line. That no private. As WhatsApp for example. And if you not private with encrypted what are you secure with encrypt?
А кто его знает. Тут как ветер подует так и заблокируют. По телеграмму / ватсапу и т.д. хотя бы предупреждали телеком операторов ещё месяц назад.
Signal not good enough after check protocol.
Matrix is overkill. But I was hosted it some time ago.
So, I will check Simplex Chat. Thanks.
I don’t see how this makes it less secure than Telegram.
Telegram less secure than signal in normal chats. Key saved on server side and, technically, anyone can read all messages. That’s argument was used when men says that telegram don’t secure some time ago.
But what kind of secure you expect? Random admin in your internet provider can’t read telegram and signal messages anyway. Messengers developers can’t read signal messages in base case, but can read telegram public chats. That’s true.
But what happened if we go to next level and check telegram 1 to 1 crypto chats vs signal chats. Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk). Or can read FBI by law. That mean in signal, as in telegram public, all work on trust, not in cryptography. Telegram 1to1 chats only 1to1. No one can’t access to that (without change keys). And for best secure rekeing happens every 100 messages or 1 week. And one more, you can register telegram account without number and hide your IP with mtproto-proxy. That’s why Durov arrested in frist place. And after that men tell that signal more secure then telegram… An what place?
Telegrams servers are not open source. Telegram client is. If you make a back door in a messaging software, you’d want to do it server-side which means the users can’t tell if it’s backdoored as Telegram’s server’s source code is not available.
That’s why cryptography don’t trust ANY server side. For example signal server software can be don’t same as github signal server software. And that’s why alice and bob in crypto chats can check keys after handshake through server. But in signal you crypto for chat rooms with multiple clients. Can you check how much client in you chat? I don’t find how. In telegram you always know that 1to1chat only 1to1.
Alternatively; Signal’s server code is open source, so if they put a backdoor in it they’d either have to lie to their users, or publish the back door in their code.
And what problem with that?
P.S. For example system of technical means to ensure the functions of operational investigative measures installed an all mobile operators anywhere. But someone tell you something about that? No. Because that a law, not backdor.
I’m sure my government can collect any data they want if they’re determined enough
Exactly. But telegram destroy basic tracking paradigm. You can register on really fake number for example, byed thought TON coin. That’s why Durov arrested in the first place.
And that really good for drug dealers. Or for russian opposition who don’t go out from Russia.
P.S. And experts check only Crypto part, by the way. What really happening on signal servers who known. In that part telegram con’t connect anyone to 1to1 chat (but maybe can hack keys. But I cant approve that after check client source code), but signal can convert that chat to 3 persons and connect logger without problems.
Personally, I am studying the protocol. Do you have any exact data on how to hack a one-to-one crypted chat? I am ready to buy this information from you for money, if it is real.
And why? because no one do that in real? So, you see on it different if you life or your freedom depends on the messenger. No all countries looks like EU. In my Android phone self compiled linphone and self compiled telegram client. That’s my reality.
P.S. On the other hand, apple still fulfills all the requirements of the Russian authorities in the Russian store. By the way, the store works great. Why do you think that the same thing is not being done in other countries?
No no no. Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github? You white hacker? Great. Try it and if you can you will be money rewarded. 500 dollars. OK?
P.S. If you will have problem with get money from Russia as we have problems to get money from Europe, I can send you money with crypto.
That’s why I started a domain in the ru zone. I can create domain anywhere else of course. If for you the nationality of the talker somehow affects the security of third-party software, then so be it. In the end, you can always not trust my words but familiarize yourself with the protocol.
OK. Thanks for answer.
So it’s not an “open” place like telegram and with that not as attractive for advertising illicit services or products.
As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.
besides that, Signal is the technically much more secure variant. No discussion about it.
If you want protect yourself for random network administrator on your network line, of course. If you want protect from anyone (government for example), of course not. Not necessarily in a bad way. Privatecrypto chats one-by-one are equally protected for the Russian opposition and for drug dealers. This is freedom of information. And that’s why Durov was arrested. and not because he can hack chats something but don’t do that. I think in really because that he can’t hack chats and don’t approve hack / insert backdoors for anyone.
an interesting assumption. how can private encrypted chats be hacked? On custom self compiled clients if you think that client have hole. I learned telegram protocol and don’t find any case. XD
Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets?
Telegram is not first durov project. Durov create VK. That is number one Russian facebook.
Maybe there’s no value in targeting the signal device because they can’t legally be expected to moderate cats they literally can not access?
Can them connect any number of users in chat? That mean that them have access in any chat. And them should follow all USA laws of course.
Maybe it’s not worth backdooring because it’s open source?
Telegram open source too. And have many open client apps. For example clients without AD API support. How much custom client apps have signal?
That’s not true. Signal stores all messages on device.
Ok. Signal win one point.
Encryption on Telegram only works in 1 on 1 chats and is turned off by default meaning no one use it.
so, I use the telegram crypto chat to get a credit card pin from my bank. do you want to do this with signal? =)
in 1 on 1
and in turn, this means that the FSB log collector is not connected in the third place. =)
P.S. Do you understand the absurdity of the situation? telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger. and the European Union was so unable to cope with this that it arrested the developer for complicity.
and this does not prevent you from connecting the FBI log collector in the background. He will always be active.
I live in a country where, when crossing the border, they can request a phone for check chats, so I can roughly imagine how it works. Government has a much higher level of access. if the account is restored via SMS, this means that any FSB employee can connect your account to himself. if the conversation is not one-on-one, it means that the FSB log collector is somewhere in third place. This is the reality. I don’t understand why you think that your government collect data somehow another. may be from really bad people’s, but with same methods.
P.S. on telegram you have only one-by-one crypto chats. Protocol can’t connect anyone else.
On the other hand, Durov was arrested in Europe, but the developers of the signal somehow does not.
Well, for some unknown reason, drug dealers still choose telegram. And they don’t just have an unfounded choice, but the profit depends on the messenger. Or say you that Durov was arrested for no reason?
P.S. in Russia now testing system for ban all messengers don’t hosted in Russia. They next after youtube. Telegram too. Information from first hands. =)
Why not? Unlike whatsapp and signal, telegram private chats are not synchronized. So if you lost your phone and started a new one, the chats will not magically recover as in whatsapp. Because recover is unsecure. So the telegram is quite private.
or do you mean that encryption is not enabled by default in every chat? This is not an indicator of the messenger’s privacy.
Although Tox takes them all by the head, of course.
So, that’s why they call PUBLIC chats in first place. In private chats all work exactly like in signal (DH end-to-end crypto with key verifying). But after 5 years some journalist finally read the documentation and newspapers was exploded. I known that from first day.
Telegram also honestly declares that there is no need to rely on anyone in matters of privacy. For example: We do not store customer IP, says signal developers. And how should I check it? Teleram just honestly says, “You have an mtproto proxy, build any kind of proxying chains and we won’t even theoretically know your address.” Feel the difference.
And I still don’t understand why MITM can’t just match two DH keys so that Alice and Bob’s signature checks match. But maybe I just don’t understand the cryptography chain well.
I don’t want tell that signal have bad crypto or telegram greates private messager. I say that all of that messengers have same security in private messages. Yes, signal support group private chats too, but that’s all. And if anyone can’t read docs, that not a telegram problem.