>> |
№168155
Положняк по мессаджерам на данный момент. https://www.anarsec.guide/posts/e2ee/
Cwtch for text communication SimpleX Chat or Signal for voice/video calls PGP Email for anonymously-run public projects
Warnings We do not recommend:
В telegram(многие сели в тюрьму) нет сквозного шифрования для групповых чатов, и он доступен для чатов один на один. Шифрование не использует устоявшиеся протоколы, и криптографы описывают его как «самую похожую на бэкдор ошибку, которую я когда-либо видел». https://words.filippo.io/dispatches/telegram-ecdh/ telegram(многие сели в тюрьму) has no end-to-end encryption for group chats, and it is opt-in for one-on-one chats. The encryption doesn't use established protocols, and has had cryptographers describe it as "the most backdoor-looking bug I’ve ever seen".
Matrix/Element: Matrix has a problem that is inherent in federated networks — terrible metadata leakage and data ownership. It has no forward secrecy, the Element client has a large attack surface, and there is a long list of other issues. What's more, the developers are very friendly with various national police agencies.
XMPP Clients: Regardless of the client, an XMPP server will always be able to see your contact list. Additionally, server-side parties (e.g., administrators, attackers, law enforcement) can inject arbitrary messages, modify address books, log passwords in cleartext and act as a man-in-the-middle.
|