Telegram is giving away FREE Premium subscriptions! All they need from you is to use your cell phone as a relay to text out their OTP codes! And the recipient of the OTP sees your phone number! What could POSSIBLY go wrong with this deal?
PLEASE don’t use Telegram! I personally recommend Matrix as it’s totally FOSS, you can self host, there are tons of front end clients to choose from. Or even use Signal. I have my own issues with Signal, the fact they don’t allow third party clients, you can’t self-host, they have a proprietary shim in their stack that only they know what it does, they were pushing crypto, etc, but at least Signal is better than this garbage.
I’d be interested to hear people’s thoughts about Signal and DeltaChat for messaging
Signal and DeltaChat, as well as Simplex and some others e2e communication solutions, are adequate from a technical point of view.
The main issue is always adoption. You can have the most convenient way to safely communicate with people, it’ll be useless if nobody you’re talking to wants to use it.
So, since Signal is very easy to set up and use as well as the most adopted, it’s currently the best pick for regular conversations.
Or good old XMPP!
XMPP doesn’t support modern features and the protocol is older than some of the people here
Define “modern features”?
HTTP is old too, what’s your point? It get’s constant updates via XEPS, and currently runs: WhatsApp, Messenger, Zoom, iMessage, and more. It’s perfectly capable. And offers federation out of the box.
The single reason XMPP died off in the tech crowd is that Signal killed it.
I was wondering about that the other day. Why did Jabber/xmpp not evolve further into the mainstream? For a while there were multiple good-enough clients and running ejabberd was not very difficult. I thought it would become ubiquitous (and in a way it has, just not interoperable), and the clients would evolve to become great. Instead it feels like the whole ecosystem kinda just faded away.
I remember why we switched away from Jabber (running ejabberd) in our company: the biggest issue was no server-side history, so using multiple clients on multiple devices was basically impossible, just like MUCs without history to browse and search were useless for our use cases. Has that gotten better over the last 10 years?
We switched to self-hosted Rocketchat, so which sucks in many, many ways but feature-wise it offers everything we were missing from xmpp.
I imagine SMS authorisation texts are Telegrams biggest single expense, they are for Signal https://signal.org/blog/signal-is-expensive/
Telcos know that authentication is about the only remaining use case for SMS and are not going to turn down the revenue stream.
That said this idea from Telegram sounds absurd. Not least I expect most contracts prevent reselling free SMS’s like this. The security implications have got to be significant too.
Telcos know that authentication is about the only remaining use case for SMS and are not going to turn down the revenue stream.
And it can’t die fast enough, as it’s essentially the same as broadcasting your sensitive information over unencrypted radio.
Apart from security, phone number based user identification is such a half-assed approach and I still don’t get why Signal wants to die on that hill. It’s inconvenient, yet trivial, for anyone to register a second, third or tenth phone number. With a bit more knowledge and inconvenience, even anonymously. It adds so little.
