server is now officially closed source, making it de facto a worse-looking telegram.

@danielinux @mmu_man That’s just not how it works.

While I agree that this is sad, something is not closed source just because the code is not public.

@danielinux @mmu_man To be more clear : there’s nothing in the (A)GPL (or any other common FLOSS licence) that requires the code to be public.

The only thing is that the code must be shared with users that ask for it.

@Arcaik @mmu_man

The problem is not just an AGPL violation here, even though the license explicitly requires to show the code if you are providing a service on top of it. According to AGPL-3, if you are using the service you are the user. Good luck anyway submitting such a request to them at this point.

The actual problem is that is no longer willing to publicly share the sources of their server platform, which is what users criticized the most about others in the past, in particular.

@danielinux @Arcaik @mmu_man also, telegram had at least plausible explanation ("we were going to make server-side source code open from the start, but then we were tipped that a certain government is going to use them to set up their own surveilled messenger and block Telegram on its territory, so that people would not complain too loud because there is a government-managed alternative which is just as great but surveilled; and we had to scrap our plans").

I don't think there is any explanation from Signal?

@IngaLovinde @danielinux @mmu_man > I don't think there is any explanation from Signal?

AFAIK, they develop new features internally (in this case username support) and release when it’s done.

@IngaLovinde @danielinux @mmu_man Also what you say about Telegram wouldn’t apply to Signal. Signal’s server is mainly a way to put people together, but it doesn’t really stores users data or metadata. Even if you hijacked signal’s infrastructure, you wouldn’t be able to access too much PII.

Telegram otoh is a shitty messenger with no end to end encryption by default, an unknown, in-house protocol, plain text backup, etc.

@Arcaik @IngaLovinde @mmu_man

What you are saying about signal server is true as long as you trust that they are doing things the way they tell you. (E.g. run a server that is similar to the sources they publish).

N.B.: I am not defending Telegram here, only saying that signal has become redundant now that they cannot claim server transparency anymore. On top of that, there is the unbearable attitude of its developers, who fight against decentralization (as a general concept), possibly on behalf of someone else leveraging on their charisma on a certain community, and strongly opposing to alternatives to G push notifications and playstore distribution. Even the telegram-gpl client is better than that.

@danielinux @IngaLovinde @mmu_man All of Signal’s encryption is happening on the endpoints, what do you think they could do on the server side that would undermine your security or privacy?

@danielinux @IngaLovinde @mmu_man I’m not defending Signal on this specific topic (not sharing the code is a super shitty attitude), but what bugs me so much is that you jump to wrong conclusions when there are litterally dozens of topics in various forums and people that actually try to clear the situation.


@Arcaik @IngaLovinde @mmu_man

Not jumping anywhere here.

Never been a signal user, neither will I ever install it, because I've never trusted the people behind it and their silly arguments. And for a number of other reasons that are not new.

Check this old toot, for example:

Or read more about the way they interacted with , or to multiple requests to publish on -droid, or to add a different notification strategy, like a websocket interface.

I don't trust Telegram 100% but it's "good enough" for my everyday use, easier to install on a de-googled phone, and made by people that know how to interact with other people.

· · Web · 0 · 0 · 0
Sign in to participate in the conversation

Un'istanza mastodon antifascista prevalentemente italofona con base a Bologna - Manifesto - Cosa non si può fare qui

An antifa mostly-italian speaking mastodon istance based in Bologna - About us - What you can't do here

Tech stuff provided by Collettivo Bida