this post was submitted on 23 Dec 2024
119 points (91.6% liked)

Technology

60455 readers
3908 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
119
Telegram Profitable for First Time After App Pays Down Debts (www.bnnbloomberg.ca)
submitted 3 weeks ago by Joker@sh.itjust.works to c/technology@lemmy.world
27 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] demesisx@infosec.pub 40 points 3 weeks ago (4 children)

“Trust me bro” style hand-rolled encryption.

[–] pgetsos@fedia.io 9 points 3 weeks ago (1 children)

The encryption is not Trust me bro. It is public and tested multiple times. For example an analysis back in 2021:

https://mtpsym.github.io/

It found somes issues in the implementation of MTProto 2.0 from the official apps, with only one of them being actually usable as an attack vector, and they were all fixed before the disclosure of the analysis. They found no issues with the encryption algorithm other than some choices that may make the implementation of it harder

[–] rikudou@lemmings.world 12 points 3 weeks ago (1 children)

The encryption that only works in one-on-one chats? The encryption that's multiple menus deep in said one-on-one chats? The encryption that no one uses because of the issues above?

[–] EngineerGaming@feddit.nl 3 points 3 weeks ago (1 children)

The encryption that is not even available outside of mobile?

[–] anzo@programming.dev -1 points 2 weeks ago (1 children)

That's actually a perk. Means the decryption key is not uploaded to telegram servers.

And, yes. The encryption all of the normies learnt to use for buying illegal goods while the prices were posted in wide open group chats. At least that's how it was working in latin america with drugs.

[–] EngineerGaming@feddit.nl 1 points 2 weeks ago* (last edited 2 weeks ago)

That's actually a perk. Means the decryption key is not uploaded to telegram servers.

You could make encryption work between multiple ends without the server having to share the keys if each device has its own key - like in Matrix, XMPP, etc. And given that Telegram can't do that, the restriction in question is still very arbitrary - in a one-to-one conversation, they just don't allow you to make your end the desktop and not the phone.

Also yes, here selling drugs over Telegram is a very big thing too and given how hard it is to use Telegram anonymously and safely - it is indeed monumentally stupid.

[–] ouch@lemmy.world 7 points 3 weeks ago

What encryption? There is no E2EE by default. It's all plaintext.

[–] lepinkainen@lemmy.world 0 points 3 weeks ago

I exclusively use it for public chats, like I did IRC.

Neither had any encryption and I have no issue with it.