Whenever I glance at darknet forums, people there always use Telegram for instant messaging. This seems like a strange choice for their use case, considering that Telegram is neither secure nor private[1], being centralized with Russia-controlled servers[2], phone number registration, no encryption for personal chats by default in mobile client and no encryption at all in desktop client[3], etc.
So why do they use Telegram instead of actually secure and private alternatives, like Delta Chat, XMPP+OMEMO, etc.?
Telegram is indeed neither private nor secure (that is if you don’t use secret chats), but the stupidity of people believing the narrative of
Russia-controlled servers
will never cease to fascinate me.
You know which group of people know for certain that this is not true?
Russians.
How can they be so sure?
Because of their government’s constant attempts/threats to block it / slow it down. All in an effort to make people move to an actual messaging app controlled by them (MAX messenger).
Yes, absolutely, Russian government is trying to stop people from using an app they control, this totally makes sense.
And if it doesn’t, you can always come up with some totally reasonable and totally not a conspiracy theory of them just pretending to trying to block it so that you think it is secure. And people might even believe it. Except for Russians, for whom Telegram voice calls are broken (blocked) again, and MAX is advertised as an alternative.For fuck’s sake…
Telegram is less policed than the American apps with backdoors. It’s popular with many people making it easy to connect. (It has a lot of good features). The options you listed all have adoptjon challenges for non-technical people.
Over a billion users, and very popular in old eastern bloc countries already.
Yes central control, and controlled by people who don’t have the most robust encryption or opsec (CEO house arrest in France for example)… But over time they have demonstrated they don’t care too much about most low level crimes.
So it’s in the sweet spot of good enough and convenient but not great and not perfect
I often have the same questions about bitcoin
It’s hard to track
Only for an individual without significant resources.
But lots of companies provide Bitcoin tracing as-a-service
Look up Chainalysis, or ScoreChain, or TRM Labs, or Crystal Blockchain, or Merkle Science, or…
If someone uses a private wallet not on a website , it’s very hard to determine who they are and where they are sending or receiving money.
Virtually impossible. And There are things called washing machine services. (Aka tumbler)
Basically you send coins to it. It get mixed with other people’s coins. Then the coins are re distributed to a designated wallet.
These services usually charge a small fee.
This makes the money completely untraceable.
You can use the block chain to follow transactions but you can’t follow it after it’s split up and washed like this.
It’s a social media platform, not a secure messaging platform.
Using a VPN or tor will make it basically impossible for anyone (government, law enforcement) to figure out who is posting. Unless that person uses that same login in an unsecured way. Like a regular browser. Or uses an email that was created or accessed on a regular browser.
You have to give them your phone number to sign up.
That phone number is tied to a real person by government records. Sure if you’re in say Russia it makes it a lot harder for the FBI to identify you because Russian phone companies won’t necessarily respect a US legal request. But if you’re anywhere within the west (US, Canada, EU, Australia, NZ) they can ID you unless you go to the trouble of getting an anonymous phone number that works with the SMS verification services they use and maintaining that number for when they lock your account and demand to verify you again all while accessing it over a VPN. That plus no encryption by default makes it not very secure at all.
But fundamentally you could do the same thing securely with any service, you could do that with Facebook, with Twitter, and the list goes on if you can get good reliable anonymous phone numbers. Telegram isn’t special in that way.
So you can use online phone services. Like there are websites. You pick one of the available numbers. Use it to sign up. The confirmation texts and numbers are displayed on the website. And so you use those to confirm.
These are free to use. Quite a lot of websites for this.
Is that the anonymous method you are talking about.
And sure I guess you could use it for other social media.
I’m sure some do.
But there is more censorship on FB and the like.
it’s user friendly, used by many normies, better than some alternatives (whatsapp, etc), advertised as private, etc. at least until recently they also mostly ignored governments’ request for data, so it kinda was private for criminals as well.
I guess that you only see the tip of the iceberg in these “darknet forums”. They probably favor visibility for the end-user instead of security, due to their target audience. XMPP and GPG is pretty popular on DNMs.
Because it is secure, that is why.
It really, like really really, isn’t.
Encryption not open source or auditable, encryption not enabled by default, entire platform captured by Russian oligarchs years ago. It is as secure as people sending all of their private messages to me to pass along to their contacts, and me saying “trust me bro, I won’t look”.
criminals disagree. If Signal were so secure, they would be using Signal instead.
Maybe you don’t know they use it because it’s secure?
Everyone know criminals use telegram because it isn’t secure.
You can fuck right off back to the FSB with that misinformation.
Is that the same FSB that is trying to ban Telegram right now?
