You can download Telegram and many forked clients from F-Droid. All the builds are from source code, so you know the source code is up-to-date.
Any distro can have Telegram clients, both official and third-party, in their repository.
Compared to this
1. You cannot download Signal from F-Droid. You need to download it from the Google Play Store. The released source code has lagged behind the version on the Google Play store by long periods of time many times. One example was when they implemented cryptocurrency payments, pushed the update to everyone but no one could inspect the source code.
2. Signal has sent legal threats to repositories that package Signal. The repos either need to confuse users by offering the client under other package names or remove it.
3. They also send baseless threats to forks that use their server. Combined with their lack of federation, this results in people having to use multiple apps from different sources with a much larger attack surface.
4. They beg for donations in the app even though they made an app with payments and cryptocurrency integration with an obscure coin (which they were involved with and had ample opportunity to hoard before ever announcing it as a feature in Signal).
5. They claim to have privacy features that other messengers lack, but these features are based on known-to-be-broken technologies like Intel SGX.
> pushed the update to everyone but no one could inspect the source code.
That was for the server code, which you shouldn't care about from a security standpoint for an E2EE messenger such as Signal. AFAIK that was not the case for the clients.
Regarding your other points, they have reasons that have been discussed elsewhere[0] to avoid federation, notably a lot of the progress on the Signal protocol would be way harder in a federated setting. There's no other messenger that has the same usability ("my grandfather can use it and won't have problems using it afterwards") while being at this level security-wise.
> Factually incorrect, just go to https://signal.org/android/apk/ (and the apk will then update itself) or build it yourself.
That page tells me that the safest way is to have a Google account, with Google Play Services installed on my phone, and to download it from the Google Play Store.
It then gives me an APK link after saying "Danger zone" and "most users should not do this".
If the app developer tells me it's dangerous and I shouldn't do it, can you even expect users to do this?
I don't know how to verify the SHA fingerprint without Googling (I know how it works, just don't do it often to know the exact openssl or equivalent command).
If I'm downloading the APK directly on the phone, there's a lot that's not under Signal's control that could happen.
What if I'm directly under attack, and I'm trying to move to Signal? The attacker could MITM the connection and intercept the download.
I think that's a fair warning to show a user, because indeed most users will likely want to install apps through Play Store, that'll reduce/remove supply chain risks. Users who know enough about APKs would be able to verify the hash, or build it themselves.
Even if I download the APK, I still have to accept a similar warning when installing it on my phone.
> If the app developer tells me it's dangerous and I shouldn't do it, can you even expect users to do this?
If you care about reproducible builds and avoiding trusting Google, you're already in the class of not-most-users.
Signal seems to have usually taken a pragmatic stance of defaults mattering.
Afaicr, that was the argument for linking to phone numbers (it allowed for more lazy users to use it) and encryption by default (few turn on opt-in-encryption).
And it seems accurate to say 'for most users, who don't know what they're doing and don't want to play personal-IT-department, using the Google Play store is more safe and secure.'
Google Play, for all its failings, IS the safest way to get an APK right now.
F-Droid for as much as I love the open platform, does not provide any security guarantees about what you're downloading. It is a volunteer run project and does not have the extensive security policies and practices that Google has. From https://f-droid.org/en/about/
> Although every effort is made to ensure that everything in the repository is safe to install, you use it AT YOUR OWN RISK.
Likewise downloading and side-loading it from their website, requires you to disable some security guarantees by doing things like enabling developer mode.
You know what you're doing, so you can ignore those errors. Seems like a much better alternative to endorsement of apk downloads directly from websites for non tech-literate users.
Do you disagree? The main issue I see with sideloads is that you don’t get automatic updates. I’d do that for an app I built myself, but not if the app is in the Play Store.
With Signal you actually do. The APK gotten from their website isn't the same from GPlay. It has an auto updater (will prompt you with a notif when a new version comes out, which you can click to install), and doesn't come with a FCM push notification system.
> 2. Signal has sent legal threats to repositories that package Signal. The repos either need to confuse users by offering the client under other package names or remove it.
Not that I really want to defend Signal (XMPP FTW!), but the legal threats were about using the Signal name, not making an unofficial client per se. I know a bit about it because I develop an alternative signal client (a signal-XMPP gateway to be more accurate). That said, they don't help 3rd party client devs at all.
I can understand that if they didn't compile it themselves they don't want 3rd parties using the 'Signal' name.
The name is what their reputation is staked on, and if a third party compiled it they have no idea if malware is secretly packaged in there too.
Having said that, the smart move is to dedicate a few engineer hours to packaging it for every linux distribution and every app store, even the smallish ones, to prevent others trying to 'be helpful' and requiring you to send a takedown.
> the legal threats were about using the Signal name
that's just misleading misdirection.
Firefox have issues with the legal name, that's why the source is called by other names and the branding is added later on.
signal ties the branding with the code, so it is impossible to build from the canonical source without triggering the branding issue.
So, in practice, it is a convoluted way to annoy anyone releasing from source. And as we know, actually using open source software without a "distro" is insanity. You cannot trust 1000s devs. you trust the distro, the distro trust 10s of package maintainers, the package maintainers trust 10s of devs. and everyone is happy. I trust f-droid just fine. But i don't trust the person who is publishing every apk on random sites like signal.
Telegram Foss clients exist only because of unpaid volunteers that take Telegrams messy mix of open and closed parts and rip closed parts out and replace them.
The Telegram organisation is notoriously late to release the source code to their current release. If they do, its a giant squashed commit without proper changelog.
These releases must then be first wrangled by volunteers to be well buildable.
The Telegram Org itself gives no support to volunteers at all.
You can't register with Foss builds. Only official binaries.
Nowadays a lot of features are premium only. You can only get premium with official binaries. That part is closed.
Telegram has fully reproducible builds and is not that complicated to build, no issues there. They even have a guide on how to build & verify. [0] No need to wrangle or modify, generally builds as is (at least from my experience).
Granted yes, the version commits are squashed like you said. [1] However I haven't seen source release to lag behind store releases, any sources on that?
A couple months ago I actually verified a build of Telegram on my friend's phone as he thought something might be off and didn't have any issues there (the build matched).
This doesn't affect the user that downloads these from distro repos or F-Droid because every single update they get comes from the source code. There is never a lag even for 1 second because without the source code there are no builds.
Pretty much all the packages on Linux repos come from package maintainers taking upstream source code, removing parts they don't like and then building that. This is a normal part of packaging and building open-source apps.
Yes and thats why users spend sometimes months on old builds.
Also which distro packages Telegram?
Fedora doesn't.
Debian does but at times it was so old the client crashed from receiving server comms because it wasn't fully compatible. It actually crashed as in segfault.
All true. But where are the sources of Telegram server? They are not open source, simply! What are they actually doing with our messages? Only they know. And they can read them because by default there's no E2E encryption.
would it matter if the server was open source? You'd know have no proof what is what they run on the actual server anyway, nor can you use a custom server.
It can matter if you can trust them to do the proper thing, i.e. if you assume they are not a malicious entity. In this case, checking the server source code can give experts insights about possible security risks.
If you assume they are malicious, (a) I wouldn't use their product in the first point, and (b) of course they can do whatever they want independently from the published code.
This comment sounds like astroturfing to me. Telegram doesn't even provide secure chats by default. Everybody I've talked to was unaware that the chat was unencrypted until I pointed it out. That's before considering that 1) I don't consider the company behind Telegram in any way trustworthy, 2) the servers for Telegram are closed source and it's unclear what's running there. Signal's server code is open source and the github is actively updated. We also know who works on Signal, as well as their credentials, and they're reasonably trustworthy compared to alternatives.
> The released source code has lagged behind the version on the Google Play store by long periods of time many times.
Seems like FUD. This took me 30 seconds to check just now:
-Telegram's android source code git hasn't had a tagged release in more than two months and is several versions behind the android app (10.12.0 vs 10.9.1)[1]
-Signal's android source has a tagged release two days ago that is two releases ahead of the stable version on google's app store, and also lists the tagged release for the version that is on the app store.[2]
Telegram rolled their own crypto and is used for a lot of intelligence operations like monitoring dissident groups, promoting propaganda, recruiting agents, etc. That probably explains the push to discredit more private apps like Signal.
Researchers of Telegram's protocol have said in some ways it's weaker than TLS.
“Rolling your own crypto” is discouraged for programmers, not for field experts. It’s not your average joe’s first try at encryption writing a caesar cypher…
It's discouraged for field experts too. In practice, real crypto schemes go through several rounds of analysis by multiple teams of experts, often working against each other. It's unusual these days for a single company to come up with a custom crypto scheme. It was probably more usual toward the beginning of cryptography.
For example of this sort of vetting, take a look at the standardization around AES or the post-quantum schemes.
In crypto you're almost always relying on hardness assumptions that aren't provable yet. So you need to guard against things like accidentally haven chosen the wrong constants that collapse a problem's hardness. Or, more mundanely, making a seemingly reasonable engineering choice that is known to weaken the protocol and which would be caught by a big org with a thorough review, but a startup may not catch.
Can these alternative telegram clients be sure the keys the server sent are from the other client, with no MITM? (Honest question, I don't know the answer.)
Pure smear comment. Signal was and is the choice of personal messaging app for anyone I know who has ever worked in security or intelligence. That should say it all. Aside from apple, who did it because of them, it has set the gold standard for e2e chat. People moan about the phone number and “metadata” when in reality all this can be used for is to say yes x has a signal account and this is when they last used it. That’s it. It’s effectively useless to anyone. People moan about it leveraging the local social graph of the device it’s a necessary convenience for the adoption of any modern chat app. They go into great detail about how it is and isn’t used in a way that it cannot be used/viewed by others.
Frankly I’d bet half the people smearing it have X and Facebook apps installed on there phones and really aren’t serious people.
If I wanted to smear off topic I’d point out that telegram, along with the usual suspects, is a gold mine for intelligence gathering for what I’ve heard.
Any distro can have Telegram clients, both official and third-party, in their repository.
Compared to this
1. You cannot download Signal from F-Droid. You need to download it from the Google Play Store. The released source code has lagged behind the version on the Google Play store by long periods of time many times. One example was when they implemented cryptocurrency payments, pushed the update to everyone but no one could inspect the source code.
2. Signal has sent legal threats to repositories that package Signal. The repos either need to confuse users by offering the client under other package names or remove it.
3. They also send baseless threats to forks that use their server. Combined with their lack of federation, this results in people having to use multiple apps from different sources with a much larger attack surface.
4. They beg for donations in the app even though they made an app with payments and cryptocurrency integration with an obscure coin (which they were involved with and had ample opportunity to hoard before ever announcing it as a feature in Signal).
5. They claim to have privacy features that other messengers lack, but these features are based on known-to-be-broken technologies like Intel SGX.