And E2EE is only available on phones, circa a couple of years ago anyways
Terminal stage of console
- 0 Posts
- 9 Comments
Joined 1 year ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Telegram’s servers are located in US, Singapore, Netherlands (and maybe some other countries) from what I’ve gathered. And all chats that are not E2EE’ed are stored there, encrypted at rest at best with keys in the same database, or somewhere else that can still be accessed in automated way. Maybe it is not even encrypted at rest.
The point is, all those countries are either in 5 eyes or have information sharing agreements with 5 eyes countries. So as far as I’m concerned, TLAs can still have their fingers in those pies, in addition to Telegram’s overall shadiness and Russian ties. So maybe you get KGB strongman keeping a watch over your chats too.
This is not something I’d have much confidence in to be honest.
Switch to Telegram
You know it’s not even E2EE by default, and when it is it uses a homegrown algo that is not exactly well spoken of? (at least V1)
1·1 year agoIt is reasonable yet subpar under a threat model where you do not trust any single provider, which is a model I find appropriate most of the time.
You should not assume your password manager is unhackable.
That’s my main point. Perfect is an enemy of good indeed, but I feel that doing things properly the first time is a good idea in general, especially when it as easy as using a different app for your TOTP tokens. It’s a low hanging fruit really.
Please don’t use your password manager for TOTP tokens. It is called two factor authentication for a reason.
Until next time they try to push through something similarly stupid. Now it’s EU’s turn to make their mind too.
The enshittification of the internet shall continue.
We will fight and we will lose, as depressing as it sounds. The vast majority of people just don’t and won’t care.
lol