Side Note.
If you don't care about your privacy and want to continue using Windows 11 with Telegram, this isn't for you. If this is correct, please do not respond to the post. If you use Windows 11 and Telegram and are concerned about your privacy, I highly urge that you read this post. Thank you. If there is any incorrect information linked in this post, please let me know so that it can be updated consistently.
What's been going on with Microsoft and Telegram?
Microsoft and Telegram collaborated, and Telegram is now a component of Copilot, which is extremely bad news for privacy. Microsoft is almost becoming another Facebook, given what they are doing with their copilot, which is being included in recent Windows 11 updates. More information about Copilot will be down below this post.
Telegram consistently claims to be "the best and most secure chatting app for privacy" and much more. We all know it's a lie given the number of strange incidents that occur there and the association with Microsoft Copilot. Not only that but they have openly stated multiple times that "They need your data to ensure a secure experience". Which is very suspicious. If you use Telegram on a daily basis, it might be time for you to switch.
What is Microsoft Copilot?
Microsoft Copilot is an artificial intelligence function that, like Alexa, can assist you, but it is built into the Windows 11 operating system. It can communicate with you, hear you, and observe and hear everything you do. It can hear you ask a question, browse the internet, listen to your voice calls unless you turn off your computer, recording and monitoring everything you do. It knows everything. It also sends all of this data to Microsoft and the CIA. Which is extremely bad news for privacy. Microsoft is almost becoming another Facebook, given what they are doing with their copilot, which is being included in recent Windows 11 updates.
What do I need to do to get actual Privacy from now on?
Before you do anything else, I highly recommend that you buy a USB stick and switch to Linux. You have four distribution options to select from.
Linux Mint (2 gigs of ram, NIVIDIA and AMD supported)
Debian (2 gigs of ram, NIVIDIA and AMD supported)
Kubuntu (2-8 gigs of ram, NIVIDIA and AMD supported)
Pop OS (8 gigs of ram, NIVIDA and AMD supported)
Ubuntu (4 gigs of ram, AMD Supported)
- I will say this about Ubuntu: it doesn't work very well if you want to play games on it and you use NIVIDIA drivers. With NIVIDA drivers, it can work well for general use such as watching videos, making documents, and editing photos. However, gaming performance is not very good when using NIVIDA drivers on Ubuntu. My friend tested it out for me. Going all RED (AMD) is definitely the best option if you want to play games on Ubuntu.
These are definitely the best distributions for a beginner, however if you thoroughly understand linux and know how it works once you get used to it, you can finally try something like Arch, Fedora or NixOS.
If you want a alternative to Telegram, you have two options
Signal (Best Option)
Signal is the best alternative to Telegram, it has great end to end to end encryption, it's open source, amazing screen sharing and voice calling, privacy, and it's extremely private compared to telegram.
The only thing that Telegram has that's better than Signal is better built in customization. However, aside from that, it still can't beat Signal. If you have an Android phone, you can install custom clients with it, making it incredibly customizable, or you can even develop your own because the source code is open source; even at that point, Telegram cannot surpass Signal.
Telegram-FOSS (Maybe?) Telegram-FOSS is a Telegram fork that aims to remove Telegram's spyware and data collection while increasing your privacy. However, it is only available on Android through the FDROID App Store, and keep in mind that I am not 100% certain that it will provide you with the finest privacy; use at your own risk.
Matrix (Not Recommended) I suppose Matrix is an additional choice for a Telegram substitute; but, in my opinion, it's more of a messenger alternative. Although it's fantastic for privacy, I don't think it's ready in terms of usability or user friendly. Matrix isn't ideal for communities and isn't very user-friendly. It's more for corporations/software development teams who want a self hosted slack. Yes, Matrix is more private & secure then Telegram, and you don't need to setup your own matrix server to use it. You can register on the public matrix server and message friends etc that way. Matrix just doesn't advertise, it relies on clients & servers to do the advertising. The issue with that is the main client (Element) is only trying to appeal to corporations/non-tech savy people who can't setup their own matrix server so the messaging is based around that. I still think Signal is easily your best alternative
My point is, if you value your privacy, you should quit Windows 11 and Telegram while you still can and try Linux and Signal; it will be well worth it. If there is any wrong information in this post, please notify me so that it can be changed, and if you have any questions, please contact me and I will gladly assist you.
reposting this here https://telegra.ph/why-not-matrix-08-07
I don't agree with all of them, but some are rly bad and seem intractable to me, especially for larger servers.
Briar seems interesting, I wonder if anyone has done a rundown there
Currently seems pretty limited, can only be used on phones. But maybe they'll do some other apps soon
I've been looking for a short version of "Surveillance Valley" to send to people, so thanks for this.
My problem with most Matrix clients, such as Element (the big one), is that they don't handle multiple accounts and the Element devs actively shut down all conversation on that topic. I've never bothered using Matrix for anything real-world because it means presenting the same public identity to everyone I would be in contact with. XMPP is a creaky old hodge-podge where you can never be sure that the other person's client is using all the same XEP extensions, but at least most XMPP clients have no problem handling multiple accounts.
I disagree that Matrix is the best option; it's not very user-friendly compared to Signal. Signal has some little issues, but it's still far superior to Telegram and even Matrix. Matrix is simply not ready yet; if you're set to use it, by all means do so, but I still recommend Signal for being the best alternative to Telegram and Whats app. Matrix isn't really for communities, its more for corporations/software development teams who want a self hosted slack
Whatsapp is a whole different discussion for later
Signal is one of the most user unfriendly apps I have seen. Telegram has issues, but at least it works and can be used by dummies.
Signal is very user friendly, I would even say better than Telegram. What are you on about?
quite the opposite. For example:
- Signal's desktop app is a disaster. With Telegram I can get an experience equivalent to Android. Not even close with Signal.
- I can't use Signal with multiple phones
- I can't install Signal from F-Droid
- Signal's Desktop app works perfectly fine and it works amazingly on IOS and Android
- You aren't supposed to because everything is end-to-end encrypted and with disappearing messages, which is partially the whole point of Signal. That's where you get far more privacy than with Telegram.
- It's very unfortunate that you can't install Signal from F-Droid, however you can install it by using their APK and limiting all of it's permissions.
end2end encryption does not exclude multiple devices. It's just that signal devs don't care.
I use signal with my family. For that, it's quite fine, it doesn't matter if whoever knows I talked to my mum on that day for this long, they already know it's my mum. It gives me some more privacy, they can't tell what I said/wrote, and better group chats.
But I wouldn't use it for revolutionary activity. That is when the metadata privacy matters, who talked to who and when. A quote I heard a lot (by some top US bras, I don't remember) is "we kill based on metadata". For that, Signal is not good enough.
That is what I got out of dessalines essay.
For the record TOR's funding by the US government is problematic. They fund a large number of TOR exit nodes, which though (like Signal) they can't track 100% of what everyone does, they're still able to gather a disgusting amount of information and use it against you.
Love my completely secure, untraceable communications system funded by checks notes Radio Free Asia. /s
(Signal is bad. Do not use signal. Speaking out loud on the phone is way more safe than typing in Signal.)
Speaking out loud on the phone is way more safe than typing in Signal
I have my concerns about signal too but this is just over the top. what could possibly lead you to believe that»
doing my online drug deals via carrier pigeon because tor is funded by the US govt
if a Tor connection needed to be deanonymized then it would be. your drug deals are not that interesting to the govt in the grand scheme of things
This tinfoil hat statement you made is not at all true, Signal provides a stronger E2EE chat service than WhatsApp and Telegram ever will, refusing to add backdoors and only cooperating with law enforcement if it's the only option to keep Signal alive. Regardless of this unfortunate fact (that they do have to cooperate in some, extremely rare cases) they would never send over chat logs or images because they DON'T log your conversations. Messages are stored locally on your device so they have nothing to send. Stop spreading FUD just because Signal is a project you don't like due to political views.
"Signal is a government" says website with multiple trackers from Google, Datadog, and Cloudflare. Get better sources before talking about anything privacy related.
ShowYour point about Signal has no evidence, funded by doesn't mean that it's lead by the CIA, if it was, why would Edward Snowden use it, and why would they constantly share no real information with the authorities? DDG is still much more private than Google, although it can be questioned for it's censorship of "Pro-Russian" search results. Also, you sent yet another link with Google trackers, well done, source dismissed.
Startpage gets it's search results from Google
SearX gets it's search results from any search engine you choose
How is this a valid point?
Signal requires a phone number right. How could that possibly be anonymous
They added usernames. But I think they may still require a phone number to set it up.
Sigh because, as a wise man, kenny, aka Mental Outlaw, once explained, you can use a burner phone if this is an issue. You can optionally provide Signal with a username/nickname of choice but what you do with that is up to you. You can also hide your phone number from everyone and refuse to let people add you via your phone number. Unless you're a dumbass that has everything linked to one phone number or email, I don't see how this would be a problem.
Telegram requires a phone number as well. If that is a problem, use a burner phone. Additionally, Signal introduced the ability to use a username instead of your phone number. Yes, you need to put up a phone number to make a Signal account, but once your account is created. You can actually activate "Hide your phone number" and utilize the username feature
Ubuntu sucks lol remove it from the recommendations and put Fedora in instead.
My first real daily drive distro was Fedora and it was fine for daily use. Although I'd still recommend Mint over Fedora to absolute beginners who are not tech savvy.
After some very cursory research I see that copilot is just a chatbot on telegram. Copilot is not built-into telegram, but you can interface with Microsoft's servers running copilot by "starting a conversation" with it. That does not mean Telegram now ships with Copilot. Believe you me, I have written chatbots for telegram and your installation of it does not ship with my crapware, telegram also doesn't pay for my server costs, lmao.
Telegram is still unsafe but for a lot of other different reasons. Others have already pointed out the problems Signal has. Matrix is simply not there yet, and it might never be. In reality very little of this matters because your friends will just continue using whatever spyware they were before, your chatgroup will not use your bespoke xmpp solution just to chat with you. Idk, send sensitive stuff over e-mail or something.
Matrix is simply not there yet, and it might never be.
Citation Needed
It's pretty damn good and element (the most popular client)is highly polished. At least it doesnt require a phone number or have ties to the NED (however small) like signal
This is a good rundown on some of the issues
https://telegra.ph/why-not-matrix-08-07
I see some things I have thoughts on, but most of this is "not an issue for users/maybe not even an issue for admins"
- untrusted homeservers or clients running modified software might not honor deletions. This is a legitimate issue but its inherent to the federated model, and is just as bad or (actually) worse on Lemmy than it is on matrix, for example. They could do a better job of setting expectations for users regarding deletes, but it's not like centralized, or worse proprietary, messaging systems don't have deletion issues too, if somewhat reduced in scope.
- compatibility issues between different homeserver implementations. This is a fuckup for sure, but it will eventually get worked out, and already is getting better as alternative homeservers get more development and usage
- High profile public rooms subject to novel attacks. This seems bad but it seems like something that is getting better over time.
- unauthenticated media downloads. I would be fine losing unauthenticated HTTP downloads of media, though it can be convenient for users ig (the amount of times I've gotten a discord attachment image link/embed is easily thousands, even when none of the conversations were happening on discord. though personally I always copy images themselves rather than just sharing the link).
- The stuff about media "verification" (scanning) is something that applies to basically any self hosted anything that allows any uploads even incidentally, and is not a standard we hold other software to, except I guess commercial services of a certain size. CSAM scanning isn't something you can really do as an individual selfhosting, and virus scanning is pretty heavy, though I'd ofc appreciate better integration of tooling for instances that need it. And liability for proxied content is a tradeoff, because if you don't proxy content, you reduce privacy for users significantly by allowing any participating server to track them, not just their own homeserver. In practice I'm sure it could be a hazard, but if you aren't actually storing the material just proxying, and respond to takedown requests if they are made, IMO you're doing all that can be expected.
The question is, are these bad enough issues to abandon Matrix, and what alternatives exist that solve these issues and don't have other unacceptable tradeoffs?
Matrix's "everything and the kitchen sink" problem feels like an overreaction to XMPP's problem of optional extensions that not every client implements properly (if at all).
I do run a matrix server. I have some qualms with it for sure, the resource consumption can be pretty crazy, and federation has some issues that other models don't, and I wish the protocol were simpler, but saying it's "simply not there yet/maybe never will be" doesn't really capture any of my concerns. Its usable now, as a viable alternative to discord, telegram, signal, etc. regardless of issues. If there is a better alternative I'm open to that too. I've been meaning to try XMPP again but in the past I haven't been a huge fan
laggy? how would you even know? my most used account is on matrix.org and I've never noticed lag. I guess most of my communication is relatively asynchronous, not lightning speed back and forths with people, so I'd have no way of knowing if there was a second or two of lag. But typing notifications seem to be prompt.
And self-hosting idk, besides not being able to host it on a super resource constrained machine, and the disk usage ballooning if you have users that join a bunch of massive public rooms or whatever, it's been fine for me.
I guess its probably highly dependent on your use case
The biggest challenge personally, is a lot of softwares (CAD, 3D rendering) I need for work and school don’t work on Linux or I need to install a windows virtual machine which the only good one is proprietary, VM ware, I install Linux old devices for my family tho
You can always set up a dual parition of both Linux and Windows.
install a windows virtual machine which the only good one is proprietary, VM ware
You mean the only one you're comfortable with. QEMU/KVM/VFIO + secondary GPU passthrough with clients like looking glass are far superior while also being libre.
Telegram has always been sus from a privacy perspective, because they use an oddball homemade cryptographic system instead of open and proven standards. I treat Telegram like I do Tiktok. A useful source of information that I assume is tracking everything I see and say.
I would love to run my main machine off Linux, but none of the software I need in the day-to-day runs seamlessly on it, unfortunately. That's still a pretty big obstacle for me.
I never liked/used telegram because it needs my phone number so it's not anonymous. Idk why it's used as a discord alternative, it's not really better except for lower moderation.
If signal had group chats it'd be perfect for my purposes.
Idk what I'd use to text/have voice anonymously to other Hexbearians/feds, there's probably some IRC spinoff useful for that idk.
Oh shit when did that happen lol.
Time to try and get my WhatsApp group chats to Signal, even though no one else in them cares about security
Signal does have group chats, and has had them for at least 10 years.
Idk what I'd use to text/have voice anonymously to other Hexbearians/feds, there's probably some IRC spinoff useful for that idk.
it's called matrix. pretty sure hexbear has a server though registration isnt open
Are there are downsides to AlmaLinux? From my research it seems like one of the best all-round options but I never see it recommended in discussions like this, unlike Ubuntu which has actual privacy concerns and is owned by a for-profit.
It's Red Hat Enterprise Linux with the serial numbers filed off. It'll be rock stable, but you may be on your own for cutting edge versions of software packages with new and shiny stuff. Probably not the best choice for gaming video card drivers either.
AlmaLinux is one of the spiritual successors of CentOS, a previously popular distro tailored for servers before Red Hat axed the project. You're better off using Fedora unless you really value stability and don't want to use Debian for some reason.
Telegram requires a phone number to use it and should therefore be considered utterly non-private.
Before you do anything else, I highly recommend that you buy a USB stick and switch to Linux. You have four distribution options to select from.
Linux Mint (2 gigs of ram) Ubuntu (4 gigs of ram) Debian (2 gigs of ram) Pop OS (8 gigs of ram)
Are you saying that if I boot Linux Mint off of a flashdrive, it'll occupy 2gigs of RAM from my computer while in use (even without programs open)?
Considering 8 gigs is the recommended amount of RAM to have when running Pop_OS!, I think it's more like minimums.