What is better for privacy? Signal or Telegram? I know XMPP is better then both of them.
Unless you use secret chats, Telegram can theoretically access all your conversations, as they are stored in their cloud. It should be a no-brainer, but there’s a couple of cool privacy/anonymity-related things that Telegram has over Signal:
- you can chat with people and join groups without having to share your phone number
- in private chats, you can delete messages for both sides, anytime, and even those that were sent by your chat partner (or directly wipe the entire conversation for both the involved parties)
- in group chats, you can delete your messages without time limit (some forks of the Android app allows to delete your entire messages history, for all members, in one click (eg. Forkgram, it’s on f-droid)). As far as I remember, Signal has a 3 hours threshold
- it’s not based in the US, and it has a good record when it comes to protect their users’ data from governments attempts to sneak into their inbox
I just use Telegram to download movies. 😎Its great for that as well.
In public groups now you can even talk on behalf of a public channel, if you create it, and avoid sharing your number and account!
I would not use either of them.
Currently, a better solution, for me, is Element/Matrix, because the crypto is mostly OK and there is federation. And it is quite featureful.
what about the metadata leaking ?
That’s a problem. But federation at least helps by giving you the choice of who will see these metadata leaks.
Not if you’re in a group chat with someone from that instance
The most that instance gets is a user name. With signal, or telegram, they get your real identity via your phone #.
That’s unfortunately not true. Lots of data in matrix is currently unencrypted. Message content is but state events (like the room topic), reactions, stickers (if your client supports them) are not.
This is slowly improving (the proposal for encrypted state events is going to be a significant improvement) but unfortunately strong privacy doesn’t seem like a strong priority of the spec owners.
If it was up to me I would block every new proposal until it had a strong privacy proposal, but instead their plan is to implement everything insecurely first. Then they will try to get people to propose private versions of the specs and try to drive adoption of those. Not a great plan for something that advertises itself as “an open network for secure, decentralized communication” if you ask me.
While true, it is also true that Matrix never claimed to be especially private. What ever your definition of “secure” and “decentralized” it is not the same as “privacy”.
Matrix is mostly about censorship resilience and distributed networks.
Thank you. I did not know that the state events were not encrypted. That’s very unfortunate. I think I still prefer Element/Matrix over Signal, but slightly less than before reading your message 👍
Yeah, that is what bugs me most about this. They are adding new features and all the clients say “Your conversation is encrypted” but a lot of information isn’t. I also prefer Matrix but I do wish that they would put a higher value or privacy when evolving the spec.
Yes. Element is known to leak metadata.
Using a chat service without disclosing a “strong selector” such as phone number (remember: “We kill people based on metadata”) should be considered freedom0.
Moxie promised (was it in 2016?) that it would be feasible with Signal… since then Signal users got: cool new stickers (!) and a crypto-ponzi scheme. Inexcusable.
All depends on your threat model though. Are you afraid of the security state, surveillance capitalism, or your local PD. Very different threat models, very different needs.
Are you serious? It’s not about pigs, even though they’re often the first to put holes in systems compromising everyone. From that angle I suppose they are a threat to software in general. But privacy for the sake of privacy is correct, even.
Signal for sure. Telegram is bad.
Depends. Having to share your phone number is not exactly privacy friendly. If you primarily care about that, Telegram is a somewhat better alternative.
Unless you only use telegram’s e2e signal is better without a doubt.
Encryption is not the solution to everything. On most group chats I don’t care much about the non-sense that is written being public, but I do very much care about my identity not being revealed, especially not in a way to is linked to a government ID & that can be used to track me and annoy me with unwanted calls.
Get a burner phone number and set up a pin, problem solved. If you think telegram can be anonymous you are being rather naive. Go to your session lists and read information on all of your connected devices, whether connected through proxy or not. That’s not a one-out example. Did you share contacts list? Did you ever enable location? What about your device’s uptime? It is very much pseudonymous.
Many if not most countries do not allow getting a phone SIM without linking it to your official government ID.
Edit: I rather suggest using XMPP. But Telegram is not strictly worse than Signal in every way.
Signal hashes your phone number so you don’t need to worry about it.
deleted by creator
I heard they will make an option soon to hide it and add people by their names
deleted by creator
Same Signal4thewin
they’re both garbage because they exclusively use telephone numbers.
phone numbers are a hassle to get, so most people don’t have more than one - which is the the first thing someone needs to steal your identity, and the only thing necessary to track your location (for anyone with access to the tools). you should never publish the phone number that you use for 2fa. if you’re concerned about privacy and carry a phone, you shouldn’t reveal the number of the SIM in the phone you carry to people you don’t trust.
signal and telegram require that you share a phone number with anyone you want to communicate with. this hasn’t made any sense since around the time signal was called “textsecure” and actually used SMS as a transport.
tldr: they’re both garbage.
deleted by creator
ok, i see i was mistaken about telegram requiring you to reveal your phone number to everyone you talk to, but, you still need one to sign up which makes it unsuitable for anyone who cares about privacy (and potentially harmful to those who don’t, even if they don’t realize it).
deleted by creator
While I do agree that Signal should implement a way to register without a phone number, saying “they are garbage” is not helpful to the conversation.
That kind of statement is also inaccurate, in my opinion. It highly depends onyour threat model, which is something that is often overlooked in these kind of threads. Not everyone has the same needs or is able to make the same sacrifices for privacy, and I’d say Signal is a very good option for the vast majority of people getting into a more privacy-oriented tech “lifestyle” (not the best word, but can’t think of a better one rn).
The phone number is used only for registration by Signal. It’s not used as a ID for registration.
requiring one just for registration would still make it garbage, but, last I checked it was also the only identifier. did they add usernames recently or something? searching for a minute I don’t see anything like that.
Every messaging app has its own problems including Signal and Telegram. If you look here, you will be able to find posts on why some people don’t prefer Signal/Telegram.
I would just recommend you to use Signal. At least their server side code is open source (some of the code is not like the new spam detection tool.)
Telegram is not really great for private communication. Also end to end encryption is not enabled by default and the server side is closed source. But Telegram is a really feature rich and powerful messaging app.
For people wanting to hop off WhatsApp to a similar alternative, Telegram is ideal - it may not beat Signal on security, but it beats it in the aesthetics, UI, user-friendly areas. But aside from Telegram sadly being a haven for fascists and literal Nazis floating around its groups and channels, Signal is seen as a more secure app to use. But other posters here have made some great recommendations!
Disagree on ui and aesthetics. Signal is nice and lean. Very little cruft.
deleted by creator
Great points!
Threema
Threema is an interesting option, but in my limited experience, it seems to drain a lot of battery? My second caveat is the price tag, which makes it difficult to get people to migrate - don’t get me wrong, I think a price tag is an ingenious marketing strategy, it straight up communicates that they don’t need to sell your data for survival (assuming adoption grows).
I’ve been using Session. I don’t know what I think of it. It’s cross-platform at least.
wtv the privacy & security issues, telegram is amazingly fast, thousands of messages with zero lag on a lousy smatphone (and desktop). on signal and whatsapp that device will start burning and crash or hang for abit
afaik, every modern chat program except for telegram is web based (and clients use electron); which is part of the reason why they’re all so slow and prone to lag. hopefully there will be adoption of tauri over electron some day soon, but for now, that means telegram will remain the only snappy chat software on the market.
Ya, telegram is really performant. I really wish they would adopt a 100% private stance, by defaulting private chats for smaller groups and 1-to-1 chats.
Removed by mod
So interesting that people are still recommending Signal. It has always run on Amazon servers so the non-encrypted metadata been harvested by any agency continuously. Last November they introduced first time closed source server code in their centralized architecture to “fight” non-existing spam. At the beginning of January, the founder and ceo - an avid defender of privacy rights - stepped down from his own company… Doesn’t it look like a takeover of the recenty worldwide popular Signal… Wake up guys