this post was submitted on 25 Aug 2024
253 points (95.7% liked)
Technology
59588 readers
2927 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Facebook licensed Signal's encryption: https://signal.org/blog/facebook-messenger/
Yeah, the fact that FB messenger uses Signal protocol, means the encryption is better recognized than the one used in Telegram. But the lack of on-by-default or the need to drill in a few options before enabling secret chats.. I mean it’s even named the same thing as Telegram.
MTProto 2 has not been cracked. MTProto 1 had a weakness and Telegram addressed it. That was many years ago. I'm not aware that MTProto 2 has ever been cracked in all these years. Telegram's unwillingness to cooperate with governments is an additional security layer.
In my OP, I was merely referring to how FB Messenger and Telegram functions the same.
Speaking to the protocol used for encryption is a moot point… because even if MTProto 2 was better, it’s still not enabled by default in both messengers.
What's important is that it hasn't been confirmed good by actual normal cryptographers. It's science, not school debates.
No person ever instructed in security would say something this childishly asinine!
Why not?
I dunno. It's just not.
Shows like "we have a reward to crack it, nobody's done this, so we're very cool" are not sufficient.
It doesn't matter what Facebook or WhatsApp say they use, their source code is closed, you can't prove their words, meaning they don't have e2ee. You can with Signal, you can with Telegram.
Telegram needs to enable e2ee by default, cause the way it is now, you may as well not have it.