undefined | Better HN

0 pointsfwdpropaganda8y ago0 comments

> I don't particularly like Moxie, personally, but his work stands on its own merits.

I hear you. What I meant is that although I know the guy has an excellent reputation, I know that because I heard other people say. I don't really have the technical knowledge to evaluate it myself, and I suspect 99% of the people in HN are in the same position. Therefore, if I were to say "Signal's security is excellent" I would be falling for the cult of Moxie myself, not an informed opinion.

0 comments

5 comments · 2 top-level

tptacek8y ago· 3 in thread

Wait a second. No. You just said, one message upthread, that a reason to pick Telegram was that WhatsApp had a "severe vulnerability for groups" that Telegram didn't have. Forget about the fact that the vulnerability might not have been "severe". Scott points out that you're offering security advice about what group messenger to use despite the fact that you're unaware --- like many people --- that Telegram doesn't encrypt group messages.

Please acknowledge that this happened before continuing to offer more opinions about this subject.

fwdpropagandaOP8y ago

They do encrypt group messages to their servers, just not E2E.

> you're offering security advice

I'm not offering security advice.

CiPHPerCoder8y ago

> They do encrypt group messages to their servers, just not E2E.

Transport-layer encryption that leaves messages totally readable to the service operator should not be classified as "they do encrypt". It muddies the water and will confuse users.

For the sake of communicating risk effectively, only E2E should count when we talk about encryption. Lack of transport-layer security (TLS, Noise, etc.) simply demonstrates severe negligence and/or incompetence.

> I'm not offering security advice.

Above you said:

> WhatsApp had a severe vulnerability for groups disclosed not so long ago. Telegram has had no such vulnerabilities as far as I'm aware.

A casual observer might read this and think, "Wow, WhatsApp is vulnerable and Telegram isn't. I should use Telegram" despite being even more at risk by choosing Telegram.

Whether it was your intention or not, it will have the same effect on HN readers as formal security advice from any other commenter.

1 more reply

tptacek8y ago

By that definition, AOL Instant Messenger was encrypted too, just not E2E.

It's fine not to keep up with this stuff and not to have solid answers for basic questions about it. I just think you should use a lot more question marks when you write about it.

1 more reply

CiPHPerCoder8y ago

> I don't really have the technical knowledge to evaluate it myself, and I suspect 99% of the people in HN are in the same position. Therefore, if I were to say "Signal's security is excellent" I would be falling for the cult of Moxie myself, not an informed opinion.

Sure, but that's not what's happening when people whose day-to-day involve applied cryptography and/or application security are commenting on MTProto and Telegram.

Here's a good read on why Telegram's "contest", which is a challenge meant to create the illusion of resilience, is totally bogus in the context of real-world cryptography: http://www.cryptofails.com/post/70546720222/telegrams-crypta...

The things that the Signal Protocol does well:

1. It maximizes forward secrecy,

2. while working for mobile devices that may be offline or unreachable,

3. and uses authenticated encryption.

https://tonyarcieri.com/all-the-crypto-code-youve-ever-writt...

https://paragonie.com/blog/2015/05/using-encryption-and-auth...

Disclaimer: The last link (the paragonie.com one) was my writing on the subject.

j / k navigate · click thread line to collapse

0 comments

5 comments · 2 top-level

tptacek8y ago· 3 in thread

Please acknowledge that this happened before continuing to offer more opinions about this subject.

fwdpropagandaOP8y ago

They do encrypt group messages to their servers, just not E2E.

> you're offering security advice

I'm not offering security advice.

CiPHPerCoder8y ago

> They do encrypt group messages to their servers, just not E2E.

Transport-layer encryption that leaves messages totally readable to the service operator should not be classified as "they do encrypt". It muddies the water and will confuse users.

> I'm not offering security advice.

Above you said:

> WhatsApp had a severe vulnerability for groups disclosed not so long ago. Telegram has had no such vulnerabilities as far as I'm aware.

A casual observer might read this and think, "Wow, WhatsApp is vulnerable and Telegram isn't. I should use Telegram" despite being even more at risk by choosing Telegram.

Whether it was your intention or not, it will have the same effect on HN readers as formal security advice from any other commenter.

1 more reply

tptacek8y ago

By that definition, AOL Instant Messenger was encrypted too, just not E2E.

It's fine not to keep up with this stuff and not to have solid answers for basic questions about it. I just think you should use a lot more question marks when you write about it.

1 more reply

CiPHPerCoder8y ago

Sure, but that's not what's happening when people whose day-to-day involve applied cryptography and/or application security are commenting on MTProto and Telegram.

The things that the Signal Protocol does well:

1. It maximizes forward secrecy,

2. while working for mobile devices that may be offline or unreachable,

3. and uses authenticated encryption.

https://tonyarcieri.com/all-the-crypto-code-youve-ever-writt...

https://paragonie.com/blog/2015/05/using-encryption-and-auth...

Disclaimer: The last link (the paragonie.com one) was my writing on the subject.

j / k navigate · click thread line to collapse