What are the reasons to use Signal over Telegram

amaterasu@lemmy.world

Let me start saying that for convenience I adopted Signal. Now, this argument that it validates your contacts is actually something that isn't the best feature of Signal since it implies that it is requesting and having access to phone numbers.

I don't let my number available as my contact, I created the ID and I'm using it in case someone wants to connect with me but that still not the reality for many and the fact that they retain my number it doesn't digest well.

I'm not sure how is SimpleX nowadays but features like stickers and even some emoticons or message reactions were not possible. Some family members and friends would be very difficult persuade to go back to a very simplistic communication app.

I always keep an eye on best alternatives and if usability reaches a good point we may need to consider SimpleX as the messenger for the mainstream recommendation.

absgeeknz@lemmy.nz

Maybe, but I have had all of my family on Signal for close to 9 years now. Inertia and the network effect is a big part of why platforms stay around.

It took me saying to my mum, that I would ONLY share pictures of her new grandson on Signal to get her to install it. Once mum was on board, the rest followed pretty quickly.

The thought of getting mum to install a new messaging app now, and she is nearly 10 years older. Well it isn't worth the effort. My threat threat model is low enough, to choose the convenience/security slider at Signal.

As a side note, every month or two; another of my contacts shows up on Signal. I have around 50 contacts using Signal now, as I said before around 98% of my messaging is through Signal.

flux@lemmy.world

So if I understand it Signal has your phone number but only logs sign up date and last activity date. So yes they can say this person has Signal and last used it on date X. Other than that no information.

Matrix doesn't require a phone number but has no standard on logging activity so it's up to the server admin what they log, and they could retain ip address, what users are talking in what, rooms, etc. and E2EE is not required.

I think both have different approaches. I'm just trying to understand. On one hand you have centralized system that has a standard to minimize logs or decentralized system that must be configured to use E2EE and to remove logs.

gayhitler@lemmy.ml

There’s a lot of answers itt but heres a simpler one:

If you want to prevent people in power from having access to communications there are two methods employed, broadly speaking:

The first is to make a very secure, zero knowledge, zero trust, zero log system so that when the authorities come calling you can show them your empty hands and smirk.

Signal doesn’t actually do this, but they’re closer to this model than the second one I’m about to describe. Bear in mind they’re a us company so when the us authorities come to their door or authorities from some nation the us has a treaty with come to their door signal is legally required to comply and provide all the information they have.

The second is to simply not talk to the authorities. Telegram was closer to this model than signal, using a bunch of different servers in nations with wildly different extradition and information sharing mechanisms in order to make forcing them to comply with some order Byzantine to the point of not being worth it.

Eventually the powers that be got their shit together and put hands on telegrams owner so now they’re complying with all lawful orders and a comparison of the tech is how you’d pick one.

The technology behind the two doesn’t matter really but default telegram is less “secure” than default imessage (I was talking with someone about it so it’s on the old noggin’).

corsicanguppy@lemmy.ca

Signal needs a phone number.

I don't want to give them one. Also I don't have one.

Oh my, that seems to eliminate Signal as an option.

Next?

davel@lemmy.ml

I’m not here to promote Signal, but last time I checked it no longer required a phone number.

gazby@lemmy.dbzer0.com

I won't be popular in this thread, but I don't fight this battle anymore. Telegram beats Signal in virtually every aspect of user experience. If a person is unlikely to be convinced that e2ee is worth taking all the UX hits, I don't try anymore.

lawn_and_disorder@hexbear.net

Use signal and matrix. Telegram is as people pointed out usually unencrypted. Also unverifieble in its code . Signal is easy uses but phonenumbers ( you can register a fake one however) but always EE2E. Matrix does not require a number at all. But definatly is a bit harder to get started with and are therefore harder to get your contact to use it.

lawn_and_disorder@hexbear.net

There is also desktop clients for both.

zak@lemmy.world

I keep seeing this claim, but I may be too much of a computer nerd to notice when using them both. What does Telegram do better and how?

gazby@lemmy.dbzer0.com

I may be too much of a computer nerd to notice when using them both
That's probably true of just about everyone on Lemmy.

What does Telegram do better and how?
User experience, like I said. How many less technically inclined people do you know who will understand why they have no message history in Signal after moving devices? Yes, they could have kept it if they'd had backups enabled and moved the archive over and restored from it, but it's too late now, their entire contact list has been notified that their safety number's changed (another aspect we get to attempt to explain). It's a bummer.

zzx@lemmy.world

Telegram rolls their own crypto. That should be the biggest red flag by far. I say this as a telegram user

toastal@lemmy.ml

So they have Carbons? Took them long enough.

toastal@lemmy.ml

If they haven’t already, SimpleX registers a URI handler, you could put an ID in a vCard just like your contacts on XMPP show up in a messaging client.

They reason this happens more often with Signal is a) Signal requires a phone number (which is not good for your privacy) b) your contact is more likely to put in their phone number but many forget to add other IM protocols to their vCard & the default contact managers do not make this very discoverable.

toastal@lemmy.ml

Matrix is centralized around Matrix.org or servers they run tho. Since the protocol is a big data/metadata sync by design & medium–large-sized servers are expensive to run, almost all of metadata is with Matrix.org—of which was originally funded my Israeli intelligence & I wouldn’t be surprised if they were getting data out of it to this day.

toastal@lemmy.ml

If we care about the planet & sustainability, we would not be recommending a eventual-consistency model for chat communications. Matrix’s protocol is so wasteful & expensive.

juli@lemmy.world

This entire article is guessing at hypothetical backdoors. Its like saying that AES is backdoored because the US government chose it as the standard defacto symmetrical encryption.

There is no proof that Signal has done anything nefarious at all.

As an outsider, I mean isn't that the same for news coverage for chinese/russian backdoors, but everyone believes it without any proof.

Why is US company being a US honeypot a big surprise, and its government recommending it not a big red flag? but it is when China recommends wechat? Can't we be critical and suspicious of both authoritarian countries?

Do you have access to Signal servers to verify your claims by any chance? Afaik their servers are running modified codebase, and third party apps cannot use them. So how do you claim anything that goes behind closed doors at all? Genuinel curious.

snotflickerman@lemmy.blahaj.zone

Further, they're hosted in Germany, so they must still follow German law and court requests.

juli@lemmy.world

Telegram for random public chatter/file storage(with password lock), talking to strangers without giving them your number. Signal for personal/private conversations.

Your device can handle 2 apps and don't give them permissions willy nilly. Geez, every one of these posts just wants to start a flame war.

wolflink@sh.itjust.works

Note that this is sent at time of syncing rather than being in an archive on the company’s server 24/7