Background: @Telegram has a special position in Iran. Its "public channels" are an important source of news for many low-tech users. Competing services are often blocked, but Telegram makes concessions to avoid this (like setting up local CDNs https://www.iranhumanrights.org/2017/07/telegrams-efforts-to-increase-download-speed-in-iran-could-aid-state-censors/ … ).
-
-
Show this thread
-
This is both a good and bad thing. On one hand, keeping people who don't understand and will never learn what Tor and VPNs connected to a big and difficult-to-moderate communications ecosystem is valuable, when the government largely has but two moves: "block" or "not block."
Show this thread -
On the other, it means
@Telegram will face increasing pressure over time to collaborate with the Iranian government's demands for this or that. Today we saw the communications minister demand a big channel be shut down. And here's where we start getting into complexity.Show this thread -
Should Telegram shut one Iranian channel down to preserve access to all the others? Most would say "of course." It's more important to keep that tether to their ecosystem alive, right? They're in something close to a monopoly position, where the fallback for many is unsafe SMS.
Show this thread -
If we presume
@Durov is acting morally, this might sound like an argument for Telegram to do whatever they can to keep their Iranian presence alive. But this is unsustainable, which he should know: after all, he was forced from Russia for not doing enough favors at Vkontakte.Show this thread -
You can't keep an independent, destabilizing service from being blocked in authoritarian regimes, you can only delay it. So you need to be thinking about how to continuing protecting people by making the service accessible *even after the block.*
Show this thread -
And this is where we start getting to my core concerns.
@Telegram has for years faced criticisms about the basic structure of its security by prominent cryptographers and technologists. Many defenses rely upon unbroken trust in a central authority (the company). "Trust us."Show this thread -
Trust us not to turn over data. Trust us not to read your messages. Trust us not to close your channel. Maybe
@Durov is an angel. I hope so! But angels have fallen before. Telegram should have been working to make channels decentralized—meaning outside their control—for years.Show this thread -
We've seen some improvements, and that's not nothing. But not the revolutionary rework it needs. Telegram still seems to encourage dangerous cloud messaging instead of secret chats. Experts ask "why?" And the answer is "convenience." That's unsafe.
Show this thread -
Governments learn slowly, but they do learn. There comes a day when it will be too late to fix these problems, and I fear it is sooner than we think.
Show this thread
End of conversation
New conversation -
-
-
I appreciate your efforts in security but you also praise Signal to be the holy grail, whereas giving your *real* phone number to everyone who wants/needs to communicate with you is bad for security overall.
-
I agree that Signal might want to look into secure alternatives to providing your phone number. However Signal is the *securest* messenger app, not the most private, and I believe Snowden’s been honest about it being the most secure.
-
Assuming something is the *securest* is the biggest insecurity there is.
-
I disagree. Assuming something is 100% secure us the problem. Working with something that is more secure than the other options (the most secure) is your best option.
-
He has also said some times that
@wire is as secure if you don't want to give your number. Check it out. -
I’m aware of Wire just waiting for some more security reviews & audits before I check it out. I do sometimes recommend it as an alternative to Signal though.
-
I prefer
@ThreemaApp. It doesn’t require a phone number nor an email you just get an ID. -
Isn’t it also closed source or am I mistaken
- 9 more replies
New conversation -
-
-
Yes, it's unsafe. But in my view, Telegram has chosen a reasonable balance between being secure and giving control to the government. Being censorable is not as bad as giving access to the private data of users. You should know about the power struggle in Iran, to understand ..
-
.. why Telegram is not "filtered" yet. The current government doesn't like Telegram to be filtered, because they have not much influence on IRIB. Telegram has helped them through the previous elections. But they can't keep Telegram accessible unless they show that Telegram is ..
-
censorable. An uncensorable media is not a tolerable option for the security organizations of Iran. And unfortunately there are rules passed by Iranian parliaments which allow them to control the Internet.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.