I don’t want to see PGP rejection based on usability. So, to level the field at user level we take Delta Chat, which uses PGP. If I understand that correctly.

I have no knowledge of telegram security at all.

  • BearOfaTime
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    3 months ago

    Agreed.

    No audit…then we don’t know.

    Have you seen an audit for SwissCows’ Teleguard?

    I’ve been testing it for a few days now, after a comment about it here.

    They claim to not store your chats, they’re deleted after delivery. To sync a new device requires an encrypted backup from an existing device.

    I’ve tested this by restoring a backup from yesterday to sync a new device, and it only has data from yesterday.

    That said, I really don’t know how trustworthy they are.

    • Snot Flickerman@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      5
      ·
      3 months ago

      Nice, I hadn’t heard of them until now, either.

      I’m just excited that end-to-end-encrypted services have become in such high demand that we’re seeing lots of different implementations.

      It took a while, but it looks like Veilid finally has a basic chat built in their protocol as well. It says it’s secure, but I can’t find any info on its particulars.

      https://gitlab.com/veilid/veilidchat

      • BearOfaTime
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        edit-2
        3 months ago

        Meh. I only read a translated version, so it’s hard to tell nuance.

        But nothing in there is inaccurate. Maybe overstated.

        Personally Signal seems trustworthy, but… I have some ambivalence, given their bullshit reasons for dropping SMS support. They claimed it cost them engineering, which is at best wrong, at worst a flat out lie. Signal has nothing to do with how SMS is managed - it merely hands the message to Android’s SMS system. It’s trivial. So why would they drop support and use that lie?

        When I’m being misled, I start to look at everything else as having a bit more validity.

        Plus UI/UX on signal sucks. It’s no better than the lamest SMS app. Hell, old SMS apps are better. And no multi-device sync. They claim it can’t be done and maintain encryption. Right. Clients just need to use the same encryption key…like Telegram does, and now Teleguard - and they’re claiming full e2e at all times.