from JustMarkov@lemmy.ml to privacy@lemmy.ml on 25 Aug 07:11
https://lemmy.ml/post/19546230
(Cross-posted from: lemmy.dbzer0.com/post/26559848/)
Some significant news for Telegram users!
See this article for some interesting backstory context on Pavel Durov and Telegram: spiegel.de/…/the-telegram-billionaire-and-his-dar…
Since the post article is in French, here’s an auto-translation:
Pavel Durov, the founder and CEO of the encrypted messaging service Telegram, was arrested around 8 p.m. on Saturday evening as he got off his private jet on the tarmac of Le Bourget airport. The 39-year-old Franco-Russian was accompanied by his bodyguard and a woman.
The arrest was carried out by the gendarmes of the GTA (Air Transport Gendarmerie). Registered in the RPF (wanted persons file), Pavel Durov came straight from Azerbaijan. He had over his head a French search warrant issued by the OFMIN of the National Directorate of the French Judicial Police, issued on the basis of a preliminary investigation.
Why was he under threat of a search warrant?
The Justice considers that the lack of moderation, cooperation with the police and the tools offered by Telegram (disposable number, cryptocurrencies, etc.) makes it complicit in drug trafficking, paedophile offences and fraud.
This search warrant ran if, and only if, Pavel Durov was on national territory. “He made a mistake tonight. We don’t know why… Was this flight just a step? In any case, he’s locked up!” a source close to the investigation told TF1/LCI. Since he knew he was persona non grata in France, Pavel Durov used to travel to the Emirates, the countries of the former USSR, South America… He travelled very little in Europe and avoided countries where Telegram is under surveillance.
And now?
Investigators from the ONAF (National Anti-Fraud Office attached to the Customs Directorate) notified him and placed him in police custody. He is expected to be presented to an investigating judge this Saturday evening before a possible indictment on Sunday for a multitude of offences: terrorism, drugs, complicity, fraud, money laundering, concealment, paedophile content…
“Pavel Durov will end up in pre-trial detention, that’s for sure,” comments an investigator to TF1/LCI. “On his platform, he allowed an incalculable number of misdemeanours and crimes to be committed for which he does nothing to moderate or cooperate,” said a source close to the case.
His pre-trial detention at the end of his indictment is indeed in no doubt. Pavel Durov, a billionaire, has substantial means to flee and his guarantees of representation will hardly convince the judges.
A net with international resonance
For the investigators, this international sweep has various objectives. First, it makes it possible to kick the anthill, impress and deter the perpetrators of crimes and offences who exchange, until now, freely on Telegram. Secondly, they aim to put pressure on European countries to step up joint work to make secure messaging on terrorist cases bend.
Indeed, Telegram is a hive of criminal content. At the moment, the platform is in the news with the illegal broadcasting of Ligue 1 matches. But on this encrypted messaging service, many accounts are used by organized crime. Beyond terrorism, the most dangerous pedophiles communicate on Telegram to exchange content. “It has become for years THE number 1 platform for organized crime,” comments an investigator.
#privacy
threaded - newest
I don’t care much for the guy, but the fact he gets arrested for the service is a bad sign for private messaging in Europe.
Telegram is not private messaging.
They do support e2ee in private chats
Yes, they do, but it’s very inconvenient. You can’t access such chats on desktop, no cloud syncing…
Hey at least it exists. And don’t that features make it more vulnerable? You need to store the encryption key in the cloud to make that work conveniently.
You don’t have to store the encryption key in the cloud. Just the encrypted data. Signal does it this way.
Signal doesn’t store your encryption key in the cloud and yet it supports e2ee messaging on multiple devices including desktop.
Do we know how it does that. Signal is praised for security, but a lot of things it does feel iffy and don’t make me trust it.
Signal is open source. Go read the source or a write up describing what it does.
Unlike WhatsApp, yet people seem to trust that more lol.
Did you compile and use that on your phone or are you using the app in the app store?
You have to scan a qr code when installing an app on another device. I assume it’s a safe way to transmit the key without having it transmitted over the network.
Like what? It’s open source and has many cryptographer’s eyes on it as it’s the “golden standard” of encrypted messaging apps.
There are some red flags for me:
Molly-FOSS exists and is basically a Signal fork built by a third party that removes any non FOSS components. So there are groups of people who are building the Signal code and enhancing it.
This is a legacy requirement (Signal used to send encrypted messages via SMS) and is now primarily used for spam mitigation. This feature is unfortunately (or fortunately depending on your POV) costing them millions now, so I suspect they will eventually be forced to look to alternative spam mitigation methods as the cost to benefit ratio starts looking cheaper at spending engineer/developer time to figure out some alternative method.
If you’re referring to the expiration of the app ever ~90 days, this is security feature. It prevents people from using old/outdated and potentially insecure or unpatched versions of Signal. Secondly, you don’t need to update via the app store. There are some Signal forks (not sure if Molly is one of them) that remove this expiration, but even they will state that you should not expect the app to work forever as Signal’s always being updated and using an old client will always be liable to break as its basically not being maintained.
It requires a QR code to connect a new device which I didn’t consider convenient but I guess I was too strict on that one.
They use a custom encryption protocol and there’s been bugs that look like a backdoor.
grapheneos.social/@GrapheneOS/113020871978942265
Not activated by default. First strike. Cannot be activated in group chats. Second strike.
To add to that. Russian government was demanding to be able to access messages or will ban Telegram in the country.
Did not hear anything beyond that, but Telegram continues to operate there.
Durov was travelling to France from Azerbaijan, where he had been meeting with Putin. There’s a theory that he basically surrendered to the French authorities so as to avoid retaliation for saying no to Putin too many times.
That’s wild. Remember where you read that?
Him turning himself in for safety is pure speculation at this point, however he was due to meet with Putin in Azerbaijan, until Putin declined.
Where did you read about a meeting with Putin?
I read it on a reddit thread about this arrest story. However, looking it up Putin declined to meet with him. That still kind of fits with him turning to France for safety.
Telegram has been banned in Russia, as far as I heared.
Russia banned Telegram, everyone (incl. the government) continued to use it, Russia unbanned Telegram - that’s how it looks from here. A government official told me Telegram being unbanned was just a matter of time when it was still banned.
That’s what they say. I only trust encryption and not people.
There wasn’t any legal ban. RosCommNadzor slowed down TG like they recently did with YT (it can barely load a music track without VPN) without any court decision because they can, it went for a week or so, and then it was lifted. Nobody knows why, but there is a suspicion that TG started to cooperate with russian authorities, in a non-automatical manual manner. Some suspect it was a PR campaign to make it as popular as it is now.
It didn’t leak stuff as far as I know, that’s done by bots like Глаз Бога that accunulate all info on a person and frequently used in OSINT and deanon\bullying, but blocking popular bots and channels that are too annoying to Russia is what they do. From the top of my head: CleverVoting (Умное Голосование, УГ) channels from Navalny’s team*, channels for cooperation of protest of soldiers’ wives, separatist channels from Bashkortostan and other places. I’ve seen iranians also posted that they had their protest channels banned - and Iran and Russia banned free and popular VPNs at the same time, spoiling their cooperation.
* Durov’s public comment on that gave birth to a meme. He implied that there are just two ways: either banning it from TG or having TG banned on the whole territory of Russian Federation. As a copypasta it was transformed millions of times, and if it hasn’t lost it relevance, we could’ve probably seen a boykisser version of it.
I think it’s even more of a French thing than an EU thing. France is known for implementing censorship and stuff recently.
If you don’t care for the guy, you will nearly certainly lose privat messaging in Europe. Maybe, it’s even too late by now.
No. Pavel Durov is a nut and he is not out there saving private communication. Signal is offering the most accessible e2ee messenger right now. Telegram has questionable security on their optional e2ee chats which is also not the default.
But the people trying to save e2ee in europe are activists and politicians. Patrick Breyer has done excellent reporting on the chat control plans of the EU.
Durov is just some dude peddling his mid messenger
Wasn’t Signal revealed to have NSA backdoor or I am confusing it with something else?
I think you’re confusing it, I haven’t heard that at least but it’s possible I missed it! Though signals apps and I believe even server code are open source so this would have been tricky to accomplish.
Okay, now I’m wondering, can we actually check if servers run on this published code or modified version?
no, but the client code already guarantees e2ee
I have googled it and I just found this report here.
Doesn’t matter. In the reach of EU, some law about Chat Control. If they make this into law, no provider within the EU will have a choice in this matter.
good thing Signal is US-based. I hope it will remain possible to use their service in the EU though…
I think you and most people in this thread have been mislead by the article because of the closing remark.
But it isn’t the private stuff he is being prosecuted for though AFAIK (although it might have been reported by “traitors” within those chats).
Unlike Signal, there are public chat groups and channels and I presume these are the ones which got him into trouble for propagating illegal activity.
From another article…
terrorism, narcotic supply, fraud, money laundering, receiving stolen goods and others… he allowed an incalculable number of offenses and crimes to be committed, which he did nothing to moderate
The platform has faced issues of misinformation and hate speech, especially antisemitic speech following October 7, 2023.
So platforms are now liable for everything people post? This seems like a free pass to censorship and authoritarian control.
The platforms should be held liable when those groups can easily be accessed by anyone, and moderation would be “simple” as the conversations aren’t even encrypted. We aren’t asking for more of Telegram than Youtube or Facebook
What do you mean ‘now’? Even 4chan had to remove illegal things, this isn’t new.
In the US platforms are shielded from liability with the exception of CSAM
Just like how municipal governments are responsible for every crime that occurs in city limits!
Wait a minute
Telegram is good for citizen journalism (like what’s going on on the ground in Gaza and Ukraine), funny videos and memes, tech support, and casual conversation. Never privacy though.
Why not? Unlike whatsapp and signal, telegram private chats are not synchronized. So if you lost your phone and started a new one, the chats will not magically recover as in whatsapp. Because recover is unsecure. So the telegram is quite private.
or do you mean that encryption is not enabled by default in every chat? This is not an indicator of the messenger’s privacy.
Although Tox takes them all by the head, of course.
Russia banned Signal, but not Telegram, to make sure their citizens couldn't plan any subversive activities against the state.
That's all we needed to know for sure.
On the other hand, Durov was arrested in Europe, but the developers of the signal somehow does not.
Well, for some unknown reason, drug dealers still choose telegram. And they don’t just have an unfounded choice, but the profit depends on the messenger. Or say you that Durov was arrested for no reason?
P.S. in Russia now testing system for ban all messengers don’t hosted in Russia. They next after youtube. Telegram too. Information from first hands. =)
Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets? Maybe there’s no value in targeting the signal devs because they can’t legally be expected to moderate chats they literally can not access? Maybe it’s not worth backdooring because it’s open source?
Telegram is not first durov project. Durov create VK. That is number one Russian facebook.
Can them connect any number of users in chat? That mean that them have access in any chat. And them should follow all USA laws of course.
Telegram open source too. And have many open client apps. For example clients without AD API support. How much custom client apps have signal?
Telegram's servers are not open source. Telegram's client is. If you make a back door in a messaging software, you'd want to do it server-side which means the users can't tell if it's backdoored as Telegram's server's source code is not available.
Alternatively; Signal's server code is open source, so if they put a back door in it they'd either have to lie to their users, or publish the back door in their code.
That’s why cryptography don’t trust ANY server side. For example signal server software can be don’t same as github signal server software. And that’s why alice and bob in crypto chats can check keys after handshake through server. But in signal you crypto for chat rooms with multiple clients. Can you check how much client in you chat? I don’t find how. In telegram you always know that 1to1chat only 1to1.
And what problem with that?
P.S. For example system of technical means to ensure the functions of operational investigative measures installed an all mobile operators anywhere. But someone tell you something about that? No. Because that a law, not backdor.
Signal doesn't backfill your messages though, it just sends the new messages to both devices. I don't see how this makes it less secure than Telegram.
Telegram less secure than signal in normal chats. Key saved on server side and, technically, anyone can read all messages. That’s argument was used when men says that telegram don’t secure some time ago.
But what kind of secure you expect? Random admin in your internet provider can’t read telegram and signal messages anyway. Messengers developers can’t read signal messages in base case, but can read telegram public chats. That’s true.
But what happened if we go to next level and check telegram 1 to 1 crypto chats vs signal chats. Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk). Or can read FBI by law. That mean in signal, as in telegram public, all work on trust, not in cryptography. Telegram 1to1 chats only 1to1. No one can’t access to that (without change keys). And for best secure rekeing happens every 100 messages or 1 week. And one more, you can register telegram account without number and hide your IP with mtproto-proxy. That’s why Durov arrested in frist place. And after that men tell that signal more secure then telegram… An what place?
How exactly do you think that would work? To add a new recipient the client needs to explicitly encrypt messages with a key available to that recipient. What command in the Signal protocol would trigger that action without first establishing trust in the recipient? (FYI when adding a new device, there is a key-exchange and verification process, which requires access to some other device with keys already on it).
Not "somehow". The authorities know Telegram can indeed backdoor their service, since they know it already is. They also know Signal cannot.
Thus, since Telegram can but refuses, he gets arrested.
an interesting assumption. how can private encrypted chats be hacked? On custom self compiled clients if you think that client have hole. I learned telegram protocol and don’t find any case. XD
Your .ru domain makes your comments in this discussion meritless.
...
That’s why I started a domain in the ru zone. I can create domain anywhere else of course. If for you the nationality of the talker somehow affects the security of third-party software, then so be it. In the end, you can always not trust my words but familiarize yourself with the protocol.
Yeah I am a cryptographer, reverse engineer and (whitehat) hacker. I'm also well versed in the russian influence operations having run rampant in the west for a bit more than a decade.
The Telegram-supporters are out in force right now specifically to make sure people keep using Telegram, believing it to be secure. Russia has already made used of their backdoors against Ukraine in the war.
Russia banning Signal now was a huge blunder, since that proves there's nothing in Telegram they don't have access to, having allowed it to keep operating.
No no no. Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github? You white hacker? Great. Try it and if you can you will be money rewarded. 500 dollars. OK?
P.S. If you will have problem with get money from Russia as we have problems to get money from Europe, I can send you money with crypto.
You didn't understand why I quoted that part the first time around. Let's try it again.
And why? because no one do that in real? So, you see on it different if you life or your freedom depends on the messenger. No all countries looks like EU. In my Android phone self compiled linphone and self compiled telegram client. That’s my reality.
P.S. On the other hand, apple still fulfills all the requirements of the Russian authorities in the Russian store. By the way, the store works great. Why do you think that the same thing is not being done in other countries?
@nitrolife @troed
What made you think Telegram was secure in the first place?
Personally, I am studying the protocol. Do you have any exact data on how to hack a one-to-one crypted chat? I am ready to buy this information from you for money, if it is real.
As a separate statement: they can’t (probably).
In context of the discussion: they don’t need to, because secret chats are so inconvenient and fussy that they are seldom used. There is a lot of crime happening in public groups/channels, in “private” groups chats that can not be encrypted, or in 1-on-1’s that are not secret. Telegram has the ability to stop all of that with just some moderation, or turn messages over to the authorities, but they don’t. Which is precisely why Durov is in custody right now. If he actually made a messenger with good, convenient end-to-end encryption, he would be in the same situation with Signal authors, who have perfect deniability since they can’t read anything their users have sent up until this point.
The main draw of telegram is not that it is secure it’s that it’s basically unmoderated. As a Russian I’ve had nothing but bad experiences with government censorship (dissent being equated to extremism and treason, LGBT advocacy equated to pedophilia) and it leads me to be deeply distrustful of the concept in a way similar to first amendment fanatics in the US (the first amendment is one of the uniquely good things about america you can’t get in other “civilized” “western” countries). I suspect durov might have similar sentiments (though ofc I don’t condone all the bad shit posted in the network and would prefer if it was moderated).
Still, whatever its faults, Telegram is the last remaining open social network in Russia where you can write whatever you like to a large audience and the government won’t be able to remove it. They censored and blocked pretty much all the other ones.
Signal doesn’t provide such open and easily found chat rooms.
It’s really much more a messenger (with group chats, but those you have to manually set up)
So it’s not an “open” place like telegram and with that not as attractive for advertising illicit services or products.
besides that, Signal is the technically much more secure variant. No discussion about it.
As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.
If you want protect yourself for random network administrator on your network line, of course. If you want protect from anyone (government for example), of course not. Not necessarily in a bad way. Privatecrypto chats one-by-one are equally protected for the Russian opposition and for drug dealers. This is freedom of information. And that’s why Durov was arrested. and not because he can hack chats something but don’t do that. I think in really because that he can’t hack chats and don’t approve hack / insert backdoors for anyone.
Bullshit.
Telegram and Signal both use TLS. They are identically secure from transport-level attacks.
Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram’s protocol sees less scrutiny from the crypto community.
LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.
How do you know that not 99% of drug dealers use Signal and 1% Telegram? Could very well be so. You don’t know because it’s all encrypted. That is the whole point. That is also why nobody from Signal got arrested. No law violated if you can deny all allegations.
in telegram all crypted too. and public chats, if you don’t tell me that government check servers in another contry. And I repeat my question. Why signal developer not with Durov?
UPD: and you can read messages and listen calls in any chat in signal. I explain that next to comment line. That no private. As WhatsApp for example. And if you not private with encrypted what are you secure with encrypt?
Telegram chats are not encrypted by default, only Secret chat is which is not synced to Desktop and only works on one-to-one chats, no groups.
Because almost all data is encrypted. They don’t even know who is messaging whom. How can they be charged with crimes they didn’t commit? They don’t know what their users are using the messenger for, so they can just deny everything.
No you can’t unless you have access to the phone itself. It’s impossible. You clearly have no idea what you’re talking about.
Page 47. odr.chalmers.se/server/api/core/…/content
how often do you check encryption keys in chats? How does WebRTC relay work need to be explained?
If Signal was to pull a MITM, it would have been noticeable as it requires active intervention in the protocol (it hasn’t been noticed yet), it would destroy all plausible deniability for them going forward, and it wouldn’t be possible on existing chats (once the key exchange between two parties happens, it’s impossible to do MITM). Telegram can just straight up read your messages, past, present and future, do whatever they want with them, with no way for anyone to check if that happens. It’s two different tiers of communication security.
To quote another commenter,
The KDE would need to intercept every single message from start to finish because of forward secrecy. Mass surveillance of such sort would have been noticed by now, even if only 0.01% of people check their safety number with QR code or manual confirmation.
MITM attacks on specific high-level targets would be still possible of course. But if you consider yourself a high-level target outside of mass surveillance you can just check your safety number before initiating a conversation. Because of forward secrecy, you only need to check that once!
But all of that aside, Telegram has none of these things. Telegram is straight-up unencrypted with their default chats and group chats. Telegram is absolute dogshit.
So, that’s why they call PUBLIC chats in first place. In private chats all work exactly like in signal (DH end-to-end crypto with key verifying). But after 5 years some journalist finally read the documentation and newspapers was exploded. I known that from first day.
Telegram also honestly declares that there is no need to rely on anyone in matters of privacy. For example: We do not store customer IP, says signal developers. And how should I check it? Teleram just honestly says, “You have an mtproto proxy, build any kind of proxying chains and we won’t even theoretically know your address.” Feel the difference.
And I still don’t understand why MITM can’t just match two DH keys so that Alice and Bob’s signature checks match. But maybe I just don’t understand the cryptography chain well.
I don’t want tell that signal have bad crypto or telegram greates private messager. I say that all of that messengers have same security in private messages. Yes, signal support group private chats too, but that’s all. And if anyone can’t read docs, that not a telegram problem.
оо рекабушники в эфире. Реддит ещё там блокировать не собираются?
А кто его знает. Тут как ветер подует так и заблокируют. По телеграмму / ватсапу и т.д. хотя бы предупреждали телеком операторов ещё месяц назад.
Chats are only synchronized in Signal on actively linked devices. If you link a new device, your chat history will be completely blank at first.
and this does not prevent you from connecting the FBI log collector in the background. He will always be active.
I live in a country where, when crossing the border, they can request a phone for check chats, so I can roughly imagine how it works. Government has a much higher level of access. if the account is restored via SMS, this means that any FSB employee can connect your account to himself. if the conversation is not one-on-one, it means that the FSB log collector is somewhere in third place. This is the reality. I don’t understand why you think that your government collect data somehow another. may be from really bad people’s, but with same methods.
P.S. on telegram you have only one-by-one crypto chats. Protocol can’t connect anyone else.
Signal has been pretty throughly audited by data security experts. It’s as secure or more so than Telegram. It uses end to end encryption, same as Telegram. If you’re crossing the border, unlink your device, delete the app, and relink it later. Your account can’t be restore via SMS. I’m not sure what you mean by that. I’m sure my government can collect any data they want if they’re determined enough, but Signal is about as secure as it gets if you’re talking civilian digital communication.
Exactly. But telegram destroy basic tracking paradigm. You can register on really fake number for example, byed thought TON coin. That’s why Durov arrested in the first place.
And that really good for drug dealers. Or for russian opposition who don’t go out from Russia.
P.S. And experts check only Crypto part, by the way. What really happening on signal servers who known. In that part telegram con’t connect anyone to 1to1 chat (but maybe can hack keys. But I cant approve that after check client source code), but signal can convert that chat to 3 persons and connect logger without problems.
That’s not true. Signal stores all messages on device.
Encryption on Telegram only works in 1 on 1 chats and is turned off by default meaning no one use it.
Ok. Signal win one point.
so, I use the telegram crypto chat to get a credit card pin from my bank. do you want to do this with signal? =)
and in turn, this means that the FSB log collector is not connected in the third place. =)
P.S. Do you understand the absurdity of the situation? telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger. and the European Union was so unable to cope with this that it arrested the developer for complicity.
Definitely I would do so in Signal and never Telegram. What a question
OK. Thanks for answer.
Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they’d have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to “moderation selection”, (3) Law enforcement didn’t care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.
It also only works in the mobile clients
There are way better options. Use Signal, Simplex Chat or even Matrix
Signal not good enough after check protocol.
Matrix is overkill. But I was hosted it some time ago.
So, I will check Simplex Chat. Thanks.
The fact that governments want to shut down Telegram and arrest its founder shows that Telegram is pretty good for privacy.
And definitely much better than discord, contrary to what some say
I’m pretty sure no one actually says that
Why not both? Telegram is bad for privacy, and governments still want to arrest the founders of systems they cannot control?
Because we jumped to the conclusion that he is being arrested for providing privacy, and thus our internal biases make it difficult for us to quit that idea. Much easier to force the facts to fit the conclusion than it is to reevaluate the conclusion.
I wouldn’t go that far
What should be alarming is what thus means for other services. Can you get arrested for running a Matrix server in France? It seems like this is very slippery
I personally don’t like Telegram as it is centralized, not private and is to close to the Russian government. However, it should be allowed to exist.
If you own a house, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a farm, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a school, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own an office building, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own an internet service provider (ISP), can see see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own any land, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a public forum, can see crime is being committed there and take no action to stop it you are a criminal and should be arrested. If you own a public messenger (because Telegram is very much not private or encrypted) can see crime is being committed there and take no action to stop it you are a criminal and should be arrested.
I don’t see this as a slippery slope.
What with public land? Do politicians need to be arrested?
yeah that doesn’t make sense, I meant private forum, public forums belong to the “public” thus nobody can be held accountable.
Durov, as a citizen of France, recently sent them away when they asked for access, and then flew to them to test the strength of democracy. Imbecility and courage.
He just left Azerbaijan after meeting with Putin. I think he decided he’d be safer in French custody.
He wanted Uncle Vova to hide him from the bad guys, but he sent him away, there was no meeting. Pasha went to a foreign land.
You’re right, Putin declined to meet with him.
Source?
turan.az/…/putin-refused-to-meet-with-pavel-durov…
Apparently he didn’t end up meeting with Putin, but that had been the plan.
I’d totally be on board with this if the moderation was aimed purely at such cases.
I’m afraid it will be used to oppress minorities and suppress political opinion. Are we going to keep putting people in jail for their political opinions?
Yes and it will not change because that’s how the vast majority thinks now.
And the majority thinks this way for what reason?
Because “Fake News” and missinformation has been framded as a danger for our societies for a long time.
I believe it’s a much more complex topic than that.
I think, most likely, you overestimated the consideration of the majority. I may be wrong, though. Most opinion I read or heard about are more emotional drived.
But Telegram does give data to law enforcements afaik. So even that is not enough nowadays? Even more sad to see it right after the election. EU citizens really have to reconsider their voting choices now.
This is all perfectly legal. This is about public and unencrypted data not being monitored. This is good. I don’t want child pornography in my Instagram feed and I also don’t want it in a Telegram channel. What voting choices are you referring to in particular?
Same as repressions in DPRK or social credit system in China.
I (and everyone else for that matter) think it’s all about oppression of private messaging, Telegram does ban child pornography as it’s against their TOS and also how is it different to Reddit for example? Telegram is just not completely E2E encrypted and has some data available to read so the government found a “legal” way to oppress it.
Democratic government elections. Idk what parties support such oppressions but people should pay attention and think if they want it to continue.
“Some data”? It has all the data to their exposal. Child pornography and othe, crimes are rampant there. They are doing nothing against it for years. And when you don’t even answer mail from officials then you’re to get arrested at some point. This has nothing to do with private communication or chat control. It’s completely unrelated.
Your opinion is reasonable so I won’t argue with it. I will stay with mine though.
It’s own fault, you shouldn’t have taken the citizenship of this stinking pad… You should have taken the citizenship of the Emirates or India or Brazil, for example… Having French citizenship now is a disgrace.
India is also attacking encryption and I am not sure about Brazil. If he set foot in India he also would of been arrested.
You were right. After the arrest, it caused a backlash in India. An investigation was launched against the encrypted messaging app to find out whether it violated Indian laws.
If we are being honest I wish I was wrong. I wish seeking privacy from mass surveillance was for paranoid people
You don’t seem to know what you are talking about. Are you a child or on a primary school or something? Read more.
He has dual citizenship - French and UAE.
I was too lazy to just google it, but he has citizenship in Russia, the UAE, France, and Saint Kitts and Nevis.
You know you are an authoritarian country when you arrest CEOs of messaging apps.
Which country is not authoritarian by that measure?
All CEOs should be arrested actually.
But’s not just a messaging app. Telegram is a public forum (non-private and unencrypted btw) where they know crimes are being committed and are taking no action to mitigate them.
If you let people commit crimes in your house you are a criminal. If you own a mall and let people commit crimes in it, you are a criminal. If you own a boat and let people commit crimes in it you are a criminal. Same concept here. Pavel Durov created a public forum and not only allows crime to happen, but lies to people telling them its secure and private.
If I were a tinfoil wearing kind of person, I’d think Pavel was in on the whole thing and helping some 3-letter agency because Telegram has been a “privacy” scam from the beginning and it seems criminals are too dumb to realize they fell for playbook similar to Anom, just on a bigger scale.
Does that mean if you provide an E2EE service, you are a criminal too, because you let people to commit crimes on your platform, you’re just unable to see them? It’s like having a mall with no surveillance or security.
Nope! Not if you believe privacy is a human right.
It’s more like renting an apartment or office space and not being liable for crimes that you cannot see. Malls are generally viewed as a public space (think unencrypted chat rooms). If you own a Mall and have no surveillance and security and continue to allow crime to happen after you’ve been asked to remediate the issue, you are aiding criminals, much like Pavel and Telegram if you consider that Telegram is not encrypted and they have the ability to view everything going on in their platform.
Apartments and business offices are more like “encrypted” chat rooms. You can’t be held liable if you’re unable to see crimes being committed.
I feel like the difference is not that big, though.
If you rent, your landlord has a right to enter your apartment, even though they rarely use that right. Sometimes, they can check on things. The same applies to apartments in personal ownership: if police has a warrant, they can enter and see if there’s illegal activity. So based on this analogy, no, apartments are not “encrypted” chat rooms, and I don’t think any significant number of places would be considered “encrypted” or “fully private”, if you must.
Continuing with the analogy, Telegram can view and intervene in the activity on the platform, just like landlords or police, but Durov, let’s call him a landlord, protects privacy of his tenants, not letting the law enforcement in.
Speaking of E2EE platforms, I’m sure there’s crime happening on them, because it’s logical for criminals to use more secure protocols, yet I don’t see the same arguments made about them. It’s just they are providing the same (better!) tools to the criminals without an option for law enforcement to see the content (but perhaps with options to ban on request).
And frankly I don’t think there’s too big of a difference between E2EE and non-E2EE platforms in terms of conscience: the former just deliberately deprive themselves of an opportunity to see what content goes through their services.
P.S. that said, I don’t think it’s ok that Telegram promotes the service as private, and that Durov ignored requests to nuke known illegal activity.
But the difference is massive. Telegram, because E2EE does not work for the majority of its use cases, is hoarding tons of CSAM and other illegal content. This isn’t just about the “criminals” who are adding illegal content, its about Telegram’s access and hoarding of this data.
On the other hand, Signal is simply a transport vehicle for data. No illegal content is stored or accessible by Signal, its developers or anyone who may gain access to their infrastructure - the complete opposite of the situation over at Telegram. Signal cannot be implied to be storing illegal content because they simply don’t store any content. Law enforcement can ask Signal to provide all the data they have on specific users, and they have, but the only data they have is when you created your account and the last day (not time) a client pinged their servers.
Telegram is like CSAM and Nazi Central tbf. The place needs a purge, sucks that it’s capitalist states doing it, they will go after leftists too…
This is a global push to destroy systems the government’s can’t control. He fact he was arrested says everything.
He was not arrested for privacy, there are huge open groups on Telegram for piracy, csam and cyber criminals.
These groups are not encrypted, everything is stored in plain text on their servers. He is being arrested for not removing/moderating this content.
“Sure”.
Well, he caused this himself in the end, he failed to deliver on the part of secure and private messaging because default chats are insecure and secret chats are a buggy joke. If he delivered in the promise of providing a real secure and private messenger and did real effort to fight against spam, then things mind have turned out differently. Decentralization should also have been part of it.
In the end, he chose for fancy features instead.
How so? Telegram isn’t a great choice if you’re looking for privacy: E2EE is disabled in 1-on-1 chats by default in Telegram, so it’s technically possible for Telegram employees to read majority of messages sent on their platform. Group chats and channels have no E2EE at all.
Wrong community mate.
Isn’t everything? shrug
<img alt="" src="https://lemmy.world/pictrs/image/066ca961-ac2a-43ba-a273-966b9f7482a0.jpeg">
Just ask chatgpt, it’s really easy to understand actually
chatgpt.com/…/2ea4cddf-d28b-41af-b221-0a6bb563724…
Dirty statists downvoting, typical heard behaviour !
There are open groups on Telegram in which people post that they want to see person XY dead… Everyone who joins the open group can read it anyway.
They decided not to moderate this and not to delete illegal content once reported, although it’s easily possible without breaking encryption.
IMO, this has not much to do with privacy.
This is like posting that we should kill someone on Reddit and nothing is happening.
It still isn’t a great future to look forward to
Does that mean that French Lemmy admins are now liable for everything that is said by others? That seems like a huge liability and it is impossible for them to catch everything. Also what happens if someone criticizes the French government? Do they have the power to have random comments removed?
If they receive a notice that there is illegal content, that it should be removed and then refuse to cooperate?
Then yes, e2e is not under fire, not cooperating in moderating/Removing known criminals is
They wouldn’t even have to break encryption to moderate, message groups cannot be (end-to-end) encrypted on Telegram, as secret chats only support one-to-one conversations
Have you been there in early 2022? Tons of “we must exterminate Russians”. Or in 2015 or so, go to /Europe, see what they say about migrants. You might wanna lower that high horse of yours
I don’t see how that’s his problem.
People who think it is, should report for their duty in Kursk as soon as possible.
Got carried away with democracy and attempts to feel like someone. So what kind of moron do you have to be to get EU citizenship? Thought he would run away from the democrats and liberals. Well, he’s an idiot and that’s it.
There exist not EU citizenship because the EU is not a country. That aside, EU countries have stronger dmocracies, and especially stronger privacy protection laws than any other country in the world. What are you talking about? Are you in the correct community?
It’s you protonmail who will tell how they disclose user data, which leads to arrest in Spain. Source
Well you don’t even seem to know that the Swizz is not part of the EU. And by being arrested in Spain confirms my point.
I expected you to say that, that it was something else. :D
Feel better grandpa?
Picture this moment, but in 1994 wherein Vint Cerf and Robert Kahn are taken into custody for developing TCP/IP, a protocol that inadvertently enabled drug dealers to communicate.
He is not arrested for having developed the Telegram protocol and apps, but for failing to moderate his platform, where he could totally do so as the messages are not encrypted (except for secret chats which doesn’t even support groups) on his servers, which he has control over.
🙄
This is a actually pretty worrying
Why?
Telegram is not an encrypted platform, so they’re not going after him for providing end-to-end encrypted services. They’re going after him because they have full insight into what’s going on in their platform and not taking appropriate action and in some cases completely ignoring it. It’s pretty common that if you’re providing a public platform that you comply with authorities. Signal doesn’t have this problem, they have no insight into anything their user base is doing; you can’t be asked to enforce things you can’t see.
So you want so start seeing platforms practice mass censorship? That’s what’s going to happen as they aren’t going to take on risk.
What’s worse is that spells the end of the fediverse and smaller hosted media. The admins who are bold enough to host a Lemmy or Mastodon instance are eventually going to get taken by authorities. It doesn’t matter what country they are in. Admins can’t moderate everything and there will always be content that is illegal somewhere.
Telegram never was and never will be a secure messaging platform. Anyone using it as a such is an idiot.
I never said it was
Platforms are already not taking a risk and practice mass censorship. This is why you have words like “unalive” and “grape” becoming part of the American lexicon. It’s not even nefarious. Advertisers don’t want their content near negative content so platforms (without being asked by their government) auto-enforce these kind of policies.
Serious doubt. All the fediverse has to do is comply with the law when asked, it really is that simple. Telegram was specifically not complying with the law, which is why illegal content is so easy to find on there, and thus why they were being targeted.
Frankly, if you can’t keep your house in order, you’re not taking your responsibility seriously enough. Nobody’s forcing lemmy, mastodon, peertube, pixelfed, etc admins to give free accounts to more people than they can manage.
The law will then say E2EE is forbidden. And then the next step is making Telegram as a prime example to strip out E2EE because “Look how many bad guys we can catch without E2EE”.
They’ve already been trying to add backdoors to encrypted platforms already.
It’s going to be hard to ban E2EE globally. If they do propose laws to ban encryption we’ll just need to fight back. The issue with Telegram is completely unrelated to E2EE as they’ve implemented it so poorly, I wouldn’t conflate the two issues.
I and many tens of thousands of others use it for accurate and timely war updates. Where are we expected to go if Telegram starts censoring everything?
This could be catastrophic for the war effort online.
Edit: I should note that with the exception of illegal things, like child pornography, being made aware of to the owner of the platform they should have to act on that. That’s excluded from the ramifications this will have on important matters. Any platform should be made to act IF they are made aware of such activities.
Thanks for the reply. Yeah, losing Telegram as a platform for updates would be pretty unfortunate. Is there something unique about Telegram that prevents alternatives from being used? Is it the group size? Its ubiquity?
Why is this posted here? Telegram is not a private or secure messenger.
No such thing as a secure and private messenger exists
Everything that’s encrypted is private and secure. There are messengers that encrypt your messages, profile, who you message, contacts, etc. Use those. If you’re particularly paranoid, read the code and build from source.
States have armies of cryptographers who have broken all publicly available encryption methods and maintain a propaganda campaign to sustain the belief they haven’t.
How would these armies communicate then?
Private encryption protocol Despite the propaganda, it is possible to create without public scrutiny. All you have to do is not cheap out like they did with DES.
Did you know they use the Signal protocol? So literally the same encryption scheme?
Besides, the military isn’t smarter than 30 universities independently confirming the security.
no idea why you’re being downvoted.
you’re entirely correct, and i don’t interpret you as defending telegram’s lack of user protections
(noticing a real uptick in reddit hivemind around lemmy lately, it’s depressing tbh)
People need their copes, such as believing that privacy isn’t hypothetically impossible
Yea I’ve been getting nuked for my shit opinions instead of discussions. I accidentally posted in Hexbear this weekend…that was an experience.
Not even Signal?