this post was submitted on 26 May 2026
370 points (98.9% liked)

Technology

84949 readers
4426 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
370
Telegram is lying to you about privacy (donald.cat)
submitted 1 day ago by columbus@lemmy.world to c/technology@lemmy.world
62 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Treczoks@lemmy.world 24 points 1 day ago (2 children)

As long as the keys are handled via a closed source app and server system, e2ee is potentially broken.

Even if you generated the key, keep the private part locally and submitted only the public part to your communication partner, you can never be sure that the intransparent app does keep your private key private.

With WhatsApp I'm quite sure that they somehow can retrieve the private key. Certain events point to that. But I see no reason to consider signal or telegram any more trustworthy - they are all prone to governmental influence.

And as open source and closed app infrastructure are incompatible, I would not handle anything important on an Android or Apple device.

[–] BennyTheExplorer@lemmy.world 3 points 5 hours ago

Why would you not trust Signal?

You don't have to trust their server infrastructure, because the end to end encryption has been verified by countless experts (and all their client side code can be looked at by anyone).

[–] punkisundead@slrpnk.net 5 points 23 hours ago (4 children)

With WhatsApp I’m quite sure that they somehow can retrieve the private key. Certain events point to that.

What events point there?

[–] Ibuthyr@lemmy.wtf 1 points 1 hour ago

There were several (ex) Meta employees stating they could read any message if they wanted to.

[–] Treczoks@lemmy.world 3 points 11 hours ago

A number of WhatsApp conversations unexpectedly appearing in courts.

[–] adhdsergio@lemmy.world 5 points 18 hours ago (1 children)

I've no proof of this, but technically the whatsapp app is closed source so they could push an update that collects the private keys, if they don't do this already

[–] Amir@lemmy.ml 1 points 7 hours ago

One way to prevent this is would be to re-sign the app with your own signing key and delete that key before court, I guess. But those people whose conversations appeared probably just had Google Drive plaintext backups enabled.

[–] Scrollone@feddit.it 7 points 23 hours ago

I don't know about WhatsApp, but macOS backups your keys on iCloud by default, so...