“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
Sure, you can absolutely decide that it’s a reasonable trade off, but your original claim was that sealed sender addressed the problem. Sounds like you’re now acknowledging that’s not actually the case…
i think it’s a very clever partial solution, but when combined with signals other ethos (making privacy simple so that more people use privacy-centric options), that means people aren’t going to change IPs between temp token and message to solve the last part of the puzzle: thanks for explaining your line of reasoning
i also think that there’s a way forward where messages are sent or tokens are retrieved via a 3rd party proxy to hide IPs (i thought i read something about signal contracting a 3rd party to provide some of those services but i can’t find the reference to that, and also it’s not verifiable so limited in usefulness), which is a complete solution to the problem, as long as said proxies aren’t controlled by signal (thinking about it now, you could also simply route signal traffic through a proxy so many people share an IP, and they do provide proxy functionality separate to the system proxy configuration)
i still think that signal has made a pretty reasonable set of trade-offs in order to balance privacy and usability in order to have a large impact on global privacy
*edit: actually, adding to the proxy point, turns out EFF run a public proxy
and there’s a big list of public proxies available(not a big list to avoid censorship, but still a good resource)and they also have support for tapping a link to configure the proxy, so very quick and easy
It’s not really a partial solution, it’s just sophistry to obscure the problem. The fact that I’ve had this same discussion with many people now, and it always takes effort to explain why sealed sender doesn’t actually address the problem leads me to believe the the actual problem it’s solving is not of making the platform more secure. The complete and obvious solution to the problem is to not collect personally identifying information in the first place.
You have a very charitable view of Signal making the base assumption that people running it are good actors. Yet, given that it has direct ties to the US government, that it’s operated in the US on a central server, and the team won’t even release the app outside proprietary platforms, that base assumption does not seem well founded to me. I do not trust the people operating this service, and I think it’s a very dangerous assumption to think that they have your best interests in mind.