• 0 Posts
  • 54 Comments
Joined 1 year ago
cake
Cake day: June 30th, 2023

help-circle




  • You switched the topic of the discussion. My original comment stands, as it corrects some part of your first comment.

    I didn’t suggest anyone to use telegram.

    They have repeatedly worked with governments and worked against the interests of their users.

    Even though those allegations are arguable, I know what you mean. And those cases don’t involve compromising the actual encryption from what I understand.


  • Ah yes, definitely go with a messenger that has known vulnerabilities in its crappy encryption protocol, instead of one with an actual secure E2EE implementation.

    Feel free to go any way you want. I’m not asking you to use telegram.

    You can still make encrypted backups

    Spend time for that, and keep them where? Maybe also need a feature to sync them between mobile and desktop?

    Only Telegram is too incompetent to do that.

    Not an implementation issue but a trust issue.

    Just stop lying. Telegram Secret Chats have been introduced in 2017

    https://telegram.org/evolution see October 2013.

    both Signal and WhatsApp have had E2EE (including for group chats!) for much longer.

    Whatsapp had them inctorudec in 2016.

    Are you mad that Signal is focusing on privacy and security by improving their encryption protocol, instead of wasting time on some UI garbage?

    I’m perfectly fine with that. More apps using electron means less chance for my pc to run garbage applications on a regular basis.

    keep in mind that Telegram can read all of your messages, as well as hand them over to governments.

    Keep in mind that any person in your secret chats can read your message, copy or screenshot it and hand it to anyone else. Those people know much better if you’re doing anything sketchy (or something actually good but against their beliefs), than an app developer.


  • I think you are falling for the “genius inventor” fallacy clueless normies love a lot.

    People advertising signal everywhere look like those kind of normies to me too. Doesn’t mean much.

    The reason it’s not known to be broken is that it’s not a high value target - most people don’t use “secret chats” in TG.

    Fair assumption. But it means you accept most people are stupid enough to not want such a feature or smart enough to not need it. Telegram user base is reported to be 900 million though.






  • has been proven to have critical weaknesses

    Those are not critical, just some aspects being below some arbitrary expectational values. Also it seems there is still no proofs those vector attacks are being used at all.

    Yes it can

    They chose to target convenience over max security. Shoving strongest options to every user by default is agaiantt that. Reasons include: no history is being saved in this mode, and the desktop client doesn’t support it.

    Signal has had group chats for many years now

    Just because it was implemented by others doesn’t mean it’s a way to go for everyone. From what I understand, e2e in group chats means that there is going to be a transaction of keys between all members of the chat on adding any new member, and/or on new message, which excessively increases the burden on clients and servers in case of big active chats.

    You can ask telegram to implement that, but you can’t blame it for keeping it behind some gates. Telegram got implemented e2e between 2 users before other messengers got it working in any form of group chats.

    and use Signal

    I’ll think about it if they ditch electron.





  • That bad encryption was not cracked for now. The other one, that is used to process chats between 2 users in end to end mode, can’t be enabled by default because it assumes no history is kept and no support for group chats.

    Also, the arrest doesn’t seem to be related to any of the things you mentioned. If anything it shows there are no ways for (certain) governments to affect the messenger, for now.



  • You want unlimited filename length??

    No. But a limit at least better than Windows has to offer would help a lot (already because switching is a common thing and should be made breeze for everyone). And 256 bytes is bad no matter how you look at it.

    Skills+time, or money to pay someone with the skills, that’s what is needed.

    No, that’s not needed I think. Some file systems supported by Linux already support longer names, it’s Linux VFS that is limiting them. This is an artificial limit basically. It will be changed eventually, I only say that it’s long overdue already.

    I assume you know of Stream’s Proton and just Wine.

    I assume you know it wasn’t always like that. Surely a lot of Linux developers never thought it was a good idea to support many more windows-related systems (one could say it would be implemented if it was a big issue), but here we are.


  • You aren’t getting it.

    It’s not about bricking, it’s about relying on “standards” (limitations actually) that should be obsolete in 2024, in multinational technology world. About the fact that they are effectively limiting how people from all around the world can use characters, words, names etc. anywhere.

    It’s not about money, not about patches or developing them. It’s about what users expect. They surely don’t expect to be told “fix it yourself if you don’t like”.

    This is by no means a “big” issue because it affects less than 1 percent of users, sure. Not many people hit the NTFS limit on windows either, yet you can see thousands places where people discuss that long paths setting, people who need to overcome it, people who maybe even grateful that such an option appeared in later windows versions.

    It filename, not filesentence.

    😒 Yep, that’s useless. What’s next, “hey Linux doesn’t support .exe, those are games for windows so you play them on windows”?


  • clearly isn’t as big an issue as you feel or it would be fixed.

    I might have agreed with such statements 20 years ago. But not anymore. I can’t count the times I’ve seen how certain software, game, system or a service literally brick themselves when a use case involves using non-ascii, non-english or non-unicode characters, paths or regions. Not Linux related only or specifically, but almost always it looks and feels embarrassing. I’ve seen some related global improvements in windows, NTFS, and some products, but all that is still not enough in my opinion. The thought that people shouldn’t need >255 bytes (or symbols) sounds not different from that 640k ram quote.