Hacker News new | past | comments | ask | show | jobs | submit login

One fascinating outcome of all this fallout is that there's now a readymade excuse to stop using Facebook.

My personal observations are that a good number of people have felt 'fatigued' by Facebook for a very long time, but were also unsure of how best to extricate themselves without incurring a social penalty.

But now there's an impetus that most people can understand. I'm not sure about how many people will move away or how quickly it'll happen, but the network effects Facebook capitalized on can also work in reverse: if you have just one or two very vocal privacy proponents in a friend circle pushing to get off the platform. One group I'm in recently migrated to Telegram for this very reason.




If you truly want privacy and security I would recommend Signal over Telegram -- Telegram has had some controversy with respect to their encryption protocol not being audited, as well as some weird stuff with a very large recent ICO that seems entirely unnecessary except as a money grab and Russian subpoenas for their master private keys.


You are getting off one boat and getting on the other one. Destination is the same.

Any centralized communication network is by definition insecure (one point of failure).

Maybe try Tox.

https://tox.chat/

Telegram copperating with Iran

https://news.ycombinator.com/item?id=16039859


Signal and Telegram are very different. Signal has always been an open source project that allows you to audit the source and run your own server if you so desire [1].

It’s a project that has always put security first but made some compromises for usability — very different from Telegram which has put expansion and monetization first — and it was started by Moxie Marlinspike whose views and contributions are well-known.

With Signal, it is not a single point of failure. The Android, iOS, desktop apps all do end-to-end encryption. So a compromised server wouldn’t mean your messages are compromised.

The client would need to be compromised, and if the client is compromised, tox.chat is toast as well.

[1] https://github.com/signalapp


>>With Signal, it is not a single point of failure. The Android, iOS, desktop apps all do end-to-end encryption.

I meant DoS attack not encryption.

AFAIK all of these secure "apps" are NOT decentralized.

So if you can just block a certain IP, you'd have successfuly performed a DoS attack.


> and Russian subpoenas for their master private keys.

While I cannit defend (or attack, I'm no cryptographer) their crypto they seem to have a solution to this:

They say they don't store keys in the same datacenter or even jurisdiction as the customer data they protect.

According to them this means getting unencrypted data through a legal process would mean getting a warrant in two or more countries at once.


> They say

> According to them

I find it very hard trusting their word. And we know the company has the ability to read messages. How is telegram better from FB messenger?


Sorry for my late reply:

> And we know the company has the ability to read messages.

I don’t think we actually know that.

In fact I think they have a system to keep data and keys apart and in different jurisdictions to prevent USA, Russia or anyone from being able to get access to it.

I am no cryptographer or legal expert though.

> How is telegram better from FB messenger?

This is a bit simpler: while Facebook messenger might be E2E encrypted I have good reason to believe that Facebook will datamine my metadata and sell it to however wants to pay.


This only works in the US due to the Cloud Act.


Definitely. I’ve been off Facebook for years but always felt judged for it. In the past few weeks it’s gone from being judged to being applauded for calling it.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: