60Hz refresh rate in 2024? This might be a phone you buy for your parents but with other options available out there, it’s going to come down to whatever specific niche this phone fills and whether that’s enough compared to the competition.
Unlike Telegram, Signal doesn’t allow researchers to make sure that their GitHub code is the same code that is used in the Signal app run on users’ iPhones.
A few things to keep in mind:
Apple’s build process makes reproducible builds near-impossible.
All the effort Telegram went through and it doesn’t completely validate the entire build - there are components that are not fully reproducible [0] and as we saw with the recent XZ backdoor, these could potentially be leveraged to hide a backdoor while claiming to be secure - so was anything gained other than “these things are validated but this black box, which could contain malware, was not validated because we can’t check them”?
Developing Signal is difficult.
Signal is developed by a small team and has to prioritize and coordinate efforts to deliver results - look at how long usernames took or even private contact discovery [1] - nearly 3 years (as a preview) after Signal was created.
Signal has no built-in telemetry, any issues are not automatically logged and reported. The end user has to manually submit debug logs and provide an adequate description of the issue for the devs to even attempt to understand what the issue is and how to fix it. Telegram may also have this issue in their very limited private chats, but as most chats aren’t E2EE, they can already see all your traffic anyways, making things significantly easier in terms of development speed.
Considering the two points above, it’s not irrational to come to state the following:
Signal has been prioritizing a fully end-to-end encrypted (E2EE) platform that shares zero data with anyone but the intended recipient and this decision has slowed down their development speed. Non-E2EE chat solutions have existed for decades and can iterate and progress significantly faster as they don’t have to work on difficult privacy/security/encryption related issues.
Telegram has not been prioritizing a fully E2EE platform and by default do collect most of their user’s data. This makes it much easier to develop Telegram and is why E2EE group messages don’t even exist on the platform - the Telegram devs have spent more time talking about privacy and security than actually implementing it
Given the two statements above, assuming both projects need to balance resource constraints, it’s safe to conclude, :
Signal has spent zero effort working on reproducible builds on iOS because its impossible to completely reproduce a build and would take development resources working on enhancing the platform for minimal gains, as Telegram has proven [0]. Signal has instead placed their efforts on reproducible builds on a platform where it is possible [2].
Telegram, instead of working towards implementing security and privacy by default, have decided to work on security theater by working on reproducible builds for iOS that are not even completely reproducible.
Signal refused to add reproducible builds for iOS, closing a GitHub request from the community.
It was closed because they use Github for bug reports, not feature requests [4]. The dev even pointed them to the right place. That said, I do agree it would be great if there was some progress made on this front for Signal, but realize its a huge effort and may be best avoided for now as the iOS client still needs some “catching up” to do, compared to the Android version.
And WhatsApp doesn’t even publish the code of its apps, so all their talk about “privacy” is an even more obvious circus trick 💤
Agreed.
Telegram is the only massively popular messaging service that allows everyone to make sure that all of its apps indeed use the same open source code that is published on Github. For the past ten years, Telegram Secret Chats have remained the only popular method of communication that is verifiably private 💪
Telegram collects all your data by default in a way that’s accessible to anyone with enough privileges to their infrastructure.
Even without a source I can see how ICE vehicles are cheaper to repair (assuming you don’t have some high-end expensive car. I had a relatively “new”-ish engine replaced in my ICE vehicle (I’ll let you guess the make/model) for just under $2,200, this is including labor.
ICE vehicles are “old tech” and everyone knows how they work and where to source cheaper (new or rebuilt) parts. All bets are off if you’re working directly with a dealer when trying to save money.
I’m looking forward to owning an EV at some point, but will definitely need to find someone who’s competent whenever any major issues appear. Hopefully by then they’re significantly more common and the industry has more people that are competent at that type of work.
You’re looking at it through the eyes of a competent user. It’s obvious to us. It’s not trivial to the general population. Just ask most iOS users what the difference is between green/blue bubbles - they have no idea other than “one sucks and means they use Android”
There’s a few clients for Signal, nobody is preventing developers from creating apps; there’s Molly, gurk-rs, Axolotl, Flare, signal-cli, Pidgin (with the Signal plugin.
The problem is 3rd party clients don’t implement all features because it takes a lot of work and they’re created/developed by volunteers - just take a look at Matrix and how many clients support all features or even just group end-to-end encryption (E2EE). Last I checked many third party Matrix clients didn’t support encrypted group messages, primarily just Element, the reference client built by the matrix developers. So you have the same problem on Signal that you have on Matrix.
This is an often repeated piece of misinformation. The developer of gurk-rs, a third party Signal client, has even said this himself. The client presents itself with a completely identifiable name to the Signal servers - the Signal devs can see this and could easily block this client from connecting but they don’t. This project has existed for at least 3+ years now.
First off, how can you claim RCS "requires you to buy an Android and then state iMessage is "cross platform through Apple’s ecosystem? RCS works on Android and is available in various devices from many manufacturers. iMessage is only available on devices sold by Apple.
Secondly, why would you rate iMessage higher than RCS for “ease of use”? That makes zero sense, they behave basically the exact same way.
Lastly, RCS is coming to iOS - Apple’s just been lagging because implementing a cross-platform solution is detrimental to their profits.
So RCS will eventually work across iOS and Android AND work by default. There’s no reason RCS wouldn’t be easier or rated higher than iMessage in terms of “ease of use”
In Matrix a direct chat is a group chat with two people.
You’re right, I forgot how Matrix handled messages and the current state is that there’s are at least 6 other clients that support E2EE - this is awesome.
That said, as soon as you look for a stable client that supports other features like Native 1:1 calls and Threads the only client listed is Element, check here: matrix.org/ecosystem/clients/
Side note: Looks like ~3 years ago a Fluffychat dev stated they would not implement E2EE in the app [0], this must have been around the time I was looking at other clients because I recall this one “looking” the best and might be viable for non-techy people to use/recommend. I’m glad they changed their mind and implemented E2EE. Time to take a look at it again.
Telegram doesn’t default to encryption. All your messages are stored and can be viewed by anyone with enough privileges on Telegram’s infrastructure.
Telegram’s “secure” 1-1 messages are limited to the point of being useless and not worth using. It’s a dark design pattern created to discourage their use, ensuring you give them all your data.
Session provides protections against these types of threats in other ways — through fully anonymous account creation, onion routing, and metadata minimisation, for example.
Reading between the lines, we can interpret that as introducing security through obscurity, which is generally considered bad practice - cwe.mitre.org/data/definitions/656.html
Am I the only one who has this issue? The volume in calls is way too low, even with the maximum volume set. Regular cell calls have higher volume and thus I can’t fully switch a relative of mine to Signal....
The Internet Archive is under a DDoS attack (bsky.app)
Brought to you by the Department of Erasing History.
Artificial Refugium rule (slrpnk.net)
Toxic Gaslighting: How 3M Executives Convinced a Scientist the Forever Chemicals She Found in Human Blood Were Safe (www.propublica.org)
GSMArena | Sony Xperia 10 VI review (www.gsmarena.com)
10 updates coming to the Android ecosystem (blog.google)
Proton Mail Discloses User Data Leading to Arrest in Spain (restoreprivacy.com)
Telegram founder and CEO alledges signal has backdoors, they don't provide reproduceible builds, etc.
cross-posted from: lemm.ee/post/31431894...
Android 7.6 features (signalupdateinfo.com)
Group call reactions 🎉...
New German research shows EVs break down at less than half the rate of combustion engine cars. (www.adac.de)
Better way to communicate with me
we fell for the corporate propoganda rule (lemmy.cafe)
FireChat was a tool for revolution. Then it disappeared. (www.fromjason.xyz)
Volume is too low in calls
Am I the only one who has this issue? The volume in calls is way too low, even with the maximum volume set. Regular cell calls have higher volume and thus I can’t fully switch a relative of mine to Signal....
its true tho (lemmy.today)