What's your excuse for not using it?
>>51280035
I have no friends using it.
>>51280040
We can be your friends Anon.
Mandatory information collection group.
https://telegram.me/joinchat/AzV1-wL9KfRTvwqfIUBa_A
>>51280035
botnet?
>>51280061
no.
>>51280035
There's this thing called "text messaging" you probably never heard of it
We've had it since 1992
>>51280035
I didn't know it existed until you posted this thread.
https://telegram.me/joinchat/AzV1-wF5RcCFbYcbhtvtMg
here's nice chat about linux
>>51280203
10/10 chat, it gets absolutely cRAZY sometimes.
>>51280035
I do.
But today I had to use Skype instead.
Holy shit what a piece of garbage has that become. - why are people still using such terrible software?
>>51280142
I mainly share pictures and files over Telegram to be honest senpai (family).
I am using XMPP.
>>51280116
You are a botnet
>>51280035
Leaks IPs.
I like it, I had to create an undertale sticker pack to convince my friends to use it
One of them still won't use it because of all of the Arabic reviews on the windows store
>>51280363
give link to undertale pack pls pls pls
we shitpost mettaton CONSTANTLY
I have nobody to talk to
>>51280035
I do use it, but the lack of end-to-end encrypted "secret chats" in the desktop version for so long is really making me want to switch to something else, though every alternative also lacks some functionality.
>inb4 tox
>>51280363
>undertale
https://telegram.me/addstickers/vomitchan
>>51280450
>https://telegram.me/addstickers/vomitchan
Trolled :^(
>>51280040
This.
Other than that, I think the program looks great and works very smoothly.
>>51280035
It requires a phone number for signing up.
Requires a phone number for registration and wants to upload my contact list to their servers.
it has cute furry stickers
>>51280450
>making me want to switch to something else,
hopefully i can get my web based alternative done by christmas, so many would use it.
Full web-based end to end encryption, with a desktop app shortly planned after, and mobile apps if i can pull in money.
>no tracking
>no requirement of phone number
>email optional
>all your keys stored in da-cloud, encrypted with a passphrase YOU create
>stored in da-cloud until an actual app is made to save your data locally
would you pay $5/year to use this service?
No ads will ever be used, i'm not even using google analytics in the prototype, the only JS loaded is that which you need to operate the site.
It will be free for a year, that much i do know, but what /would/ people pay if/when it goes paid?
>>51280035
I use my own XMPP server and Conversation on android to communicate with family and girlfriend, everyone else SMS.
Fuck the kikes behind telegram and every other instant messaging cancerous app.
>>51280883
>Fuck the kikes behind telegram and every other instant messaging cancerous app.
why
>>51280736
I'll pirate it, yep
Can't wait :^)
rate it 9/11
>>51280736
If you managed to make a fully functional and truly secure protocol/applications not just some github copypasta I, myself, wouldn't mind the small fee, problem is the more "technologically challenged individuals" who wouldn't find any benefit from it will find outrageous having to pay for the "same thing" they can get for free.
And then the lack of users would discourage the people that are -actually- interested in the service.
Maybe you should consider making the web/desktop app free to build an userbase and make the phone app a one-time paid or some other funding method.
>not even using google analytics
nice, even though people who care use noscript/matrix/whatever already, everytime I see analytics in a web that defends privacy it just hurts.
>>51280035
no friends
>>51280035
Why would I use it?
>>51280974
>who wouldn't find any benefit from it will find outrageous having to pay for the "same thing" they can get for free.
ah damn never thought of that, and i'm trying to make this normie/autistic friendly.
>Maybe you should consider making the web/desktop app free to build an userbase and make the phone app a one-time paid or some other funding method.
hmmmm, maybe i'll have to resort to paid messaging packs, or something, I don't like the idea of a paid app, because people will just pirate it.
And im sure you can patch network activation out of an apk.
I mean shit, palringo got out of bankruptcy thanks to arabs and message packs.
>piracy doesn't hurt sales mate
No, it just hurts your privacy, I don't want you to be "forced" to download the pirated copy that has an exploit to log your messages.
>>51280035
Russian botnet.
>>51280736
There is already something like that: cryptocat.
And pretty much no one gives a shit because the only thing people care are mobile phones apps.
>>51280917
Because one way or another they are all shit.
-Telegram is partially opensource, use their own rolled crypto which is shit and in any case all traffic goes though their servers
-Whatsapp is centralized and closed source dogshit owned by an advertisement company
-facebook messenger is closed source, centralized and literally a fucking resource hog.
-hangouts is just like messenger
If the majority of people wasn't retarded we would all be using federated XMPP servers and apps like Conversation on android.
We have XMPP which is open, works fine and all in all is pretty decent but no, let's fucking make my own protocol, crypto and build a fucking square wheel like another thousands of faggots already did last year.
>>51281120
>-Telegram is partially opensource, use their own rolled crypto which is shit and in any case all traffic goes though their servers
i totally understand the crypto part, its why i'm sticking to properly researched algos (while still staying opensource).
But if it's end to end why does it matter if it goes through their server?
If properly using keypairs and such, the server should never have access to your data, how would one build an XMPP framework without doing the same.
not trying to shill you, this is mainly a personal project thats been on my head for years, and i just want to finish it so i can work on something else, so i'm just discussing why YOU wouldn't use it.
If i can smash enough features into it maybe someone would use it.
i'm a bit ignorant on XMPP, but once implemented inst it basically different for each rollout? the protocol behind say MSN and Yahoo may use XMPP but are vastly different services. (not sure if they actually do)
Wouldn't it just make more sense to roll your own, so you can just build what you need.
How could you manage a decentralized system with mobile in the mix?
Is there any example of something like that currently out there?
>>51280035
I use Signal, a secure messaging program.
>>51280375
https://telegram.me/addstickers/undertalepack
fuck yall, telegram is da best
>>51281228
>If properly using keypairs and such, the server should never have access to your data, how would one build an XMPP framework without doing the same.
I have to check, but there might be metadata that is visible to the server. That is not as bad as having clear mesages visible to the server, but it makes me, and others, wary.
Think about it; if your phone calls are encrypted, but the metadata is clearly avaliable, someone might not be able to tell what you were talking about with your doctor (and immediatley after your close family) about, but they could guess the nature of the conversation.
>>51281268
Thank you, you wonderful person.
i don't want to be messaged by isis
>>51281327
No problem, I'll probably be adding more characters to the pack at some point. Share with your friends and shit
>>51281330
Well don't add them as your contacts. Sheesh
>>51281228
>But if it's end to end why does it matter if it goes through their server?
Because that's a single point of failure. A three-letter agency can come to you with a national security letter and demand access to that server. And once they can do that they can MitM you or all sorts of other things, even if they can't otherwise break the crypto.
iMessage works like this. They boast about end-to-end, but Apple has their own key-distribution server. When you send a message to someone, you need their public key, and don't know what it is. When you add a device, all the devices need to know each other's keys. They phone home and ask Apple "Hey, I need the key to talk to so-and-so", and Apple's server gives it to them. Now if you're the NSA, you can come to Apple and say "We want to read everything Joe does. Whenever a device asks for Joe's keys, give them this additional one that we can read along with all the public keys for Joe's devices." And that's the ballgame.
>How could you manage a decentralized system with mobile in the mix?
>Is there any example of something like that currently out there?
The easiest way around this is to not handle key distribution and make the users do it. This does however require you to communicate with someone (ideally in person) before you can communicate with them. PGP and GnuPG do key-signing and web-of-trust stuff, but it's rather a bloody mess.
>>51281363
Done, we're currently worshipping you.
>>51281382
Signal his solved this, I think, check it out
>>51280035
>What's your excuse for not using it?
Not knowing what it is.
>>51281228
>i totally understand the crypto part, its why i'm sticking to properly researched algos (while still staying opensource).
That's a good start, don't reinvent the wheel.
>But if it's end to end why does it matter if it goes through their server?
end-to-end by default is disabled and anyway it works only in single user chats.
Telegram uses thier own custom protocol, custom encryption, closed source server component and servers hosted god only knows where (maybe even behind a CDN).
I don't trust that shit, they probably can already intercept and read most of the traffic (group chats and non end-to-end enabled chats) and I wouldn't be surprised if in 3 or 4 years we will see a news telling us how their fucking home rolled crypto wasn't as good as they said or even contained some backdoor.
>If properly using keypairs and such, the server should never have access to your data, how would one build an XMPP framework without doing the same.
>not trying to shill you, this is mainly a personal project thats been on my head for years, and i just want to finish it so i can work on something else, so i'm just discussing why YOU wouldn't use it.
That's a big if considering custom crypto and custom protocol.
XMPP is still sorta centralized but at least supports federation, use TLS and other well known and tested protocols and is 100% open source (app, protocol, server, encryption).
>i'm a bit ignorant on XMPP, but once implemented inst it basically different for each rollout? the protocol behind say MSN and Yahoo may use XMPP but are vastly different services. (not sure if they actually do)
Yahoo and MS version of XMPP are all bastardized and modified.
>How could you manage a decentralized system with mobile in the mix?
>Is there any example of something like that currently out there?
Tox probably is the only example of p2p instant messaging program.
>>51281245
Signal is a joke since it requires google play services.
>>51280035
i dont talk to people
>>51280035
>>51280035
ayy
it's good but it needs to go full opensores and also have a proper security audit, but definitively better (mainstream alternative) than WhatsApp
>Is Telegram secure?
http://security.stackexchange.com/questions/49782/is-telegram-secure/49802#49802
https://levels.io/telegram-messenger-access/
>How do I verify that WhatsApp is using (e2e) encryption
http://security.stackexchange.com/questions/79070/how-do-i-verify-that-whatsapp-is-using-end-to-end-encryption
TL;DR Telegram is not "that" secure, but it is definitively better than WhatsApp since you can at least verify you're encrypting stuff. Or else you have to trust WhatsApp.
Instant messaging is for normies.
I'm not a normie.
>>51281120
>We have XMPP which is open, works fine and all in all is pretty decent but no, let's fucking make my own protocol, crypto and build a fucking square wheel like another thousands of faggots already did last year.
The Problem with XMPP is that its actually pretty shit. It lacks the ability to sync messages in chats or IMs between multiple devices, means if you receive a message on your phone you won't receive it on your desktop, which in turn means you do not have a gapless conversation history.
There's no support to fetch past history for chats, which is annoying cause that means that you can't have group chats like Telegram or Whatsapp, where you are ensured to get *any* message.
There are no message read recipes and there is no end to end encryption by default.
There are multiple protocol extension that can *partially* fix all those issues, but you need to take care that your client supports it, that your server supports it and in some cases that your peers client supports it too. Then there are 4 different incompatible protocol extensions that all offer end to end encryption in some way (one being OTR, to be fair). Nobody wants to deal with this shit, they prefer a messenger that just works.
Even if you created your own XMPP-Based messenger and locked out all clients/servers that don't support all those needed protocol extensions to keep the features working, you'd still end up with something very slow cause the whole thing is XML based on top of it.
>>51280035
TextSecure is better
>>51282097
>Nobody wants to deal with this shit, they prefer a messenger that just works.
there's a continuum for all communications systems, with security and privacy on one end and just werks on the other. the more you have of one the less you have of the other.
>>51282032
>unironically saying normies outside of /r9k/
reeee
>>51280040
you probably have no friends in general, right?
>>51280035
it's not FOSS
I would be if I had friends, and since my shitty meme game is linked to a burner email I see problem in using it for communicating with strangers.
>>51282097
>The Problem with XMPP is that its actually pretty shit. It lacks the ability to sync messages in chats or IMs between multiple devices, means if you receive a message on your phone you won't receive it on your desktop, which in turn means you do not have a gapless conversation history.
Carbon copy: https://xmpp.org/extensions/xep-0280.html
99.9% of people don't use multiple devices anyway.
>There are no message read recipes and there is no end to end encryption by default.
Stream management: https://xmpp.org/extensions/xep-0198.html
Message delivery receipts: https://xmpp.org/extensions/xep-0184.html
>There are multiple protocol extension that can *partially* fix all those issues, but you need to take care that your client supports it, that your server supports it and in some cases that your peers client supports it too. Then there are 4 different incompatible protocol extensions that all offer end to end encryption in some way (one being OTR, to be fair). >Nobody wants to deal with this shit, they prefer a messenger that just works.
Ejabberd (server) and Conversation (android app) support all this shit out of the box.
Client to server communications are all encrypted by default using TLS (which support perfect forward secrecy and deniability) and there are multiple end-to-end encryption options available (the most effective and easy to use is OMEMO).
>Even if you created your own XMPP-Based messenger and locked out all clients/servers that don't support all those needed protocol extensions to keep the features working, you'd still end up with something very slow cause the whole thing is XML based on top of it.
It all depends on the implementation, ejabberd for example is a fucking tank.
It's not 2006 anymore, XMPP is a mature protocol and there are multiple good implementations of both client and server.
>>51282158
None of those points I've mentioned has anything to do with security. You can have security and still have a protocol with working read recipes, history and cross-device sync.
>>51280035
JOIN THE TELEGRAM /G/ GROUP AND START SHITPOSTING
Send !join g to @botmenot to get invited
>>51282272
Yes there are protocol extensions that support it, I already wrote that.
>It all depends on the implementation
not really, cause you still have to send all of that stuff through the network.
>by default using TLS
Which also requires 5 handshake messages every time your client connects to the server, before it even starts sending messages.
>It's not 2006 anymore
But bandwith limitations are still problem on mobile phones, and even if you have shit-tier connectivity you still want to receive messages fast.
Compare all of this to the Telegram protocol, they have barely any overhead in their protocol. They use a stream cipher that initializes the key one time at the first login. From that point, the client only needs to open one single TCP connection and can immediately start sending encrypted payload. The protocol overhead for the whole connection is something like 16 bytes, and the RPC calls have a 4 byte overhead for the message call identifier.
Not that I'm defending their decision to roll their own crypto (this isn't excusable), but at least I can understand why they did it.
>>51282309
Can't. Already got banned because the moderator is a dickhole.
>>51282463
We've got rid of the furries, you can spam '!' on the bot to get yourself unblocked
>>51282463
moar qt pixie manic tfw no gfs plz
>>51282489
Oh thanks anon :^)
>>51281531
Everyone already has google play services installed. Also a future version won't strictly require it.
>>51282515
>>51280040
I'm your friend
https://telegram.me/khilafahnews
Official /g/ broadcast
i use it, but don't talk to people much desu
>>51282534
ty fap fap
>>51282526
>Everyone already has google play services installed.
KEK, not him but until it stops requiring it, I'm not gonna use it either.
>>51280142
>2015
>Not using encrypted communications ever
Nigga, you like being fucked don't you?
>>51280239
Worst bait ever.
>>51282439
>Yes there are protocol extensions that support it, I already wrote that.
If there are protocol extensions that implements said features your point of XMPP being incomplete is invalid.
>not really, cause you still have to send all of that stuff through the network.
I personally manage an ejabberd server and use Conversation on android, network is always forced in Edge because it's more than enough for email push and XMPP.
Data usage is higher than with whatsapp for example but still not enormous and definitely not an issue considering 3G, 3.5G and 4G are common nowadays and no one except me force network connection in 2G.
Higher overhead is an infinitesimal problem when compared to shitty cryptography, lack of privacy, closed source server implementation, etc.
>>51282526
If with everyone you mean "everyone who doesn't give a shit about privacy and willingly run a spyware in his smartphone" then yes, I agree with you.
Advertising an app as the holy grail of secure messaging and then requiring google play services is a nonsense.
It is no wonder that the faggot behind that shit of an app is literally a fucking kike.
>>51280061
>>51280035
Because its crypto sucks. Despite their Ph.Ds, the authors have absolutely no idea what they're doing. MTProto failed security review from several cryptographers I know, who have described it as "bizarre", "nonsensical" and "stupid". I mean they use IGE mode, for God's sake, and SHA-1, and the end-to-end mode doesn't work correctly.
Use Open Whisper Systems' "Signal" instead. It passed.
https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms
https://itunes.apple.com/app/signal-private-messenger/id874139669?mt=8
>>51282994
Yes, the Android version uses Google Play Services for wakeups at the moment (via Google Cloud Messaging - note that messages are NOT delivered that way, only wakeups). It has to; wakelocks don't work reliably otherwise (especially in Deep Sleep mode under Marshmallow, which has officially deprecated wakelocks). There's an alternative waiting in the wings however as not everyone has that, particularly the most privacy-conscious.
That still has the metadata problem, but so does basically everything else (and if you're on a phone, you have bigger, baseband, problems). There are a few other messengers in development which use Tor as a transport, but they will never work particularly well for the mobile messaging use case - Tor isn't efficient enough as it stands. A garlic routing network might stand a chance, but there wouldn't be enough cover traffic - yet.
For people complaining about servers privacy and end to end encryption what do you think about their "private" chat option that is supposed to be end to end encryption?>>51280035
>>51283788
personally only use that.
hits all the marks on the EFF scorecard, so i'm good with it.
>>51280035
got keked on it by ex
>>51280621
This to be quite honest.
I've been wondering for a while now: what's stopping people from using a Telegram bot to serve ebooks like IRC bots do? Because good god, IRC bots are bad.
>>51280142
SMS sucks. Murka is about the only place that still uses it.
>>51280621
Using a phone number for signups is a great idea. Phone numbers are unique, everyone has one, and everyone knows everyone else's.
>>51280621
Not using a free one on the internet.
>>51280035
I already have Gmail
