xvector 1 day ago

Signal is absolutely better. Telegram is e2ee in name only

1
autoexec 1 day ago

Not recommending Telegram, but personally, I suspect that signal is compromised. They've been permanently storing sensitive user data in the cloud for a long time time (https://community.signalusers.org/t/proper-secure-value-secu...) but the very first sentence of their Terms and Privacy page still claims "Signal is designed to never collect or store any sensitive information." and they've been asked multiple times but refuse to update their privacy policy. I suspect that lie is being kept there as a giant dead canary.

Making the change to start keeping exactly the data that the government has been asking them to turn over isn't a very good look. "Securing" user's data with something as week as a PIN isn't great either. https://www.vice.com/en/article/pkyzek/signal-new-pin-featur... Note that the "solution" of disabling pins mentioned at the end of the article was later shown to not prevent the collection and storage of sensitive user data. It was just giving users a false sense of security. To this day there is no way to opt out of the data collection.

xvector 14 hours ago

Oh wow. Yeah. This changes my opinion on Signal.

Why the fuck did they make such terrible insecure defaults for backups? IMO they should not even be doing backups at all by default, what the fuck.