this post was submitted on 31 Jul 2024
99 points (94.6% liked)
Open Source
31128 readers
369 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
do any of these forks support E2EE? I don't mean the OG "private chat" thingy that Telegram supports.
I mean like an add-on, the way pidgin had an OTR plugin that enabled private comms over Google's unencrypted XMPP servers.
as a consequence, that would also encrypt everything in the cloud and prevent your chat history being ingested for LLM training and whatnot.
That would require the other user to use the same app as you right? Could be interesting.
At that point why not use a different app that supports E2EE natively?
because Telegram's UI/UX is second to none; possibly iMessage or whatever it's called is close, albeit with way limited functionality. Signal and friends look like a PoC from 2015 in comparison. also the apps, on mobile and on desktop, have a low memory footprint with no bloated electron crap, the cross-device sync is phenomenal and there's the virtually unlimited cloud storage. if an addon could piggyback off of that, that would be spectacular.
however, OP's insight as to this being against ToS is obviously a deal breaker. seeing as how they're adamant about leaving all your shit unencrypted in the cloud I'm looking for other havens, begrudgingly; I've been a user from the early days.
The options are basically:
Matrix if you want a Discord-like experience
XMPP if you want a whatsapp/google talk like experience (both of those are based on XMPP)
Signal if you want hyper-secure chat and don't mind some mild inconveniences in things like registration or desktop apps.
All three support or can support E2EE.
well yeah, just a simple private/public key solution for encrypting chat and cloud. transfer your private key to a forked desktop app and access your encrypted chat history from there as well.
just basic stuff, not something for people running from nation-state actors, but to prevent LLM ingestion and mass surveilance. but OP says that's against Telegram's ToS, so no dice here.
E2EE is prohibited by Telegram's TOS (you can't make any feature that requires users to use your client to access it).
Whoa, they not only won't implement it, but will work on not letting anyone else do it. They're more shady than I thought.
They're not shady. They just don't want to lose the market share and I think if they made Telegram really secure, there'd be even more illegal stuff on it and the government wouldn't like it.
"They're not shady." Begins to describe the shady shit they do
How is it "shady" to not want to lose market share and keep illegal stuff off of it?
You could argue it's "shitty" (perhaps, but it is their servers after all) but I don't find it shady.
Market share shouldn't be a concern with encrypted chat. If it is then I don't trust it.
If you're making an encrypted chat, you're going to have illegal things on it. If only the chat owners have the keys then that shouldn't be the server owners concern.
I would strongly recommend
libaxolotl
/OMEMO over OTR, far stronger algorithm.