I see the author recommended Signal - it's worth noting the German armed forces use a self-hosted Matrix installation! [1]
[2]:
> It is an easy strawman to compare Signal to technology from the 90s and completely ignore IRC and Matrix, especially now that Matrix has started growing: Element recently gained Series B funding of about 30 million, how the French government has completely adopted Matrix in the government and all the German armed forces are connected to Matrix. Even though Matrix is not as well-known as Signal, it is already considered the messaging app of choice for top-secret communications. Matrix offers not only protection for you against a government, their scope is big enough for governments to get protection against other governments.
Matrix had a horrible UX last time i tried it out less than a year ago. I see this comment in ever thread that says use signal.
I host pretty much everything myself but I am not about trying to teach every person i want to talk with to not only download a new app but then walk them through how it works.
Signal is truly some awesome tech and I don’t understand the hate.
The Terrible UX is in part from the protocol, clients can't fix that (just look at the absolute mess that rooms are). And still no support for custom emoji or stickers.
Rooms don't form a cohesive set of channels that one can join, rather the group together a bunch of channels. If I, for example, setup a #rules channel in a community room, then I cannot ensure that users are reading this channel, which contains vital information about the operation of the community. Same for announcement channels for events. Instead of people joining a server community, they join a bunch of bubbles formed by the people using only subsets of the channels, without being able to direct the overall community. This is poor UX for both the user and the community operators.
1. it is not free software
2. you cannot use your own clients/server
3. you are tied to your mobile number
4. it is not able to communicate with other networks
5. people shilling for signal do not understand that it is currently just whatsapp but not owned by facebook/meta. who knows if that could change just like whatsapp changed.
and maybe more but this is the jist of it...
i do understand matrix by default has a learning curve but there are dozens of clients that cater to a variety of users. you can pick and choose whatever you like, all you have to do is some experimenting
free as in "open source" not free as in free software. you cant do squat with the software, you cant submit bug fixes or fork and roll out your own. this is for complying with license requirements.
oh, also the github repo last i heard was very far behind in commits from their internal live branches. they push to github as an afterthought
i am basing these "assumptions" based on what matrix offers. why is matrix the polar opposite of these "issues" then?
what benefit do you get from "centralization" of signal at the hands of moxie that you cant get from a decentralized nature of matrix which is similar to what we call today as "Email"?
sure, that is why i said "complying with open source" but at the same time not being free software. sure its not actively hostile towards users like whatsapp is but it isnt much better anyways. i m not asking for a right to submit bug fixes. the reason i am sticking to that is because they grant me that right and for me, that is a big deal. the whole concept of "free software" is about the community helping each other to build software that can solve problems, not comply with the letter of the license and sticking with that.
>The company owns the code copyright, so they can choose to release any part of the code they wish; they can delay as much as they want.
so tomorrow there is a severe flaw found in the code of the app or the server and the company can decide to wait it out and internally fix the issue after a long time without users knowing about it and then they release the fix as a normal thing, sure they have every "right" to do that but is it really fitting to what we today associate with free software community? imagine that with say the linux kernel. people would sit on zero day bugs with fixes just because they "own" the copyright.
> i am basing these "assumptions" based on what matrix offers. why is matrix the polar opposite of these "issues" then?
Because it has different objectives?
> what benefit do you get from "centralization" of signal at the hands of moxie that you cant get from a decentralized nature of matrix which is similar to what we call today as "Email"?
If this is actually a good faith question (despite the overwhelming amount that's been written by a lot of people explaining exactly this point), I suggest you stop and think about what the answer might be. Then maybe go and read what Moxie (and others) have written setting out their values and why they chose a particular direction. You don't have to agree with it, but consider that others do.
> the whole concept of "free software" is about the community helping each other to build software that can solve problems, not comply with the letter of the license and sticking with that.
No, "Free Software" is about ensuring the end-user's freedoms (see Stallman etc.). The signal client and servers are both open source and free - if you want to take apart, modify and run your own instances of them, you're free to do so. The restrictions that Signal likes to impose is about connecting to their instance of a service. This has nothing to do with Free Software.
> so tomorrow there is a severe flaw found in the code of the app or the server and the company can decide to wait it out and internally fix the issue after a long time without users knowing about it and then they release the fix as a normal thing, sure they have every "right" to do that but is it really fitting to what we today associate with free software community? imagine that with say the linux kernel. people would sit on zero day bugs with fixes just because they "own" the copyright.
This is literally how modern software development works for most large projects. Open source doesn't grant you the right to view every single commit that eventually makes it into the tree at the point that it is created.
> but I am not about trying to teach every person i want to talk with to not only download a new app but then walk them through how it works.
As soon as they find out that a feature is lacking in Signal, they will just revert to the previous messenger that they were using.
> Signal is truly some awesome tech and I don’t understand the hate.
At least Element/Matrix is decentralized and is not just deployed on Google's Cloud as a centralized server and also doesn't have a untraceable ponzi cryptocurrency called MobileCoin as a feature that allows dark-net criminals, terrorists and extremists to fund their activities on a private blockchain.
Now I can see why Signal is so attractive to dark-net criminals and extremists, but it doesn't matter since the only way to stop them making those private transactions so easily on Signal is for Google to take down Signal's GCP instance.
> Signal is truly some awesome tech and I don’t understand the hate.
Signal has a frustratingly terrible client that I curse every day.
But, I can sort of live with that.
The big problem with Signal is that it has a proprietary client with no supported alternatives. The other fundamental problem with Signal is that it requires a phone number registration. I did it because I only use Signal to chat with some friends, but if I had to use something for truly private communication there is no way I would ever tie identity to a phone number.
> if I had to use something for truly private communication there is no way I would ever tie identity to a phone number.
This is a confusion of terms. Privacy doesn't entail anonymity. Having a private conversation means exactly what Signal is offering: peer to peer encrypted communication. What you are referring to is a secret conversation.
Signal is awesome as a replacement for SMS and any messenger using telephone number as ID.
It's a bit odd that it's a deal breaker for you to keep your phone number private with signal, as that would be your only option to communicate (via phone) if no messengers existed.
Before messengers, people used "phones" to communicate. The _only_ way to use these phone things were by exchanging that very same phone number that you want to keep private.
Before the Internet (at least, Internet available to people outside a few institutions), caller-id was either not available at all or an extra-cost service you had to pay for.
So the normal case for a ringing phone was that you had no idea who was calling or any way to get the number. Those capabilities came later.
You'd look up someones phone number in the white pages and anonymously called them. Which of course was a source of much entertainment for us kids of the 70s and 80s.
Now, of course, the phone company knew both numbers, so there wasn't any privacy in that sense.
Signal (the company) doesn't tolerate any clients other than their proprietary one so that's not a reliable & open solution.
I also use signal-cli, so I know some of these work, but it's not something I'd rely on for anything important since it can be squashed at any point on a whim.
OP: I’ve heard the term “the Ukraine” is offensive since it implies it’s an area, not a country. Consider editing out the “the”.
I’m also a huge fan of Signal and exclusively use it, but Telegram’s wide adoption is evidence that Signal’s feature set is lacking. Only very recently could you restrict group messages to admin-only. Group permissions aren’t granular. It still requires your phone number. You can’t transfer backups across platforms. New devices don’t get old message history.
These things really need to be addressed before it goes anywhere, it’s very hard to get users to make the trade off for a feature they can’t actually see.
Of course Signal's feature set is lacking. It's lacking by design. Signal makes different tradeoffs than Telegram; that is the entire premise of Signal: if there is a reasonable choice to be made in favor of security at the expense of UX, Signal will choose security, and Telegram will choose UX. It's literally part of the identities of the two different services.
This really twists people up in knots, but it's not hard to understand, even if it frustrates you that you get a poorer user experience in the messenger that has the cryptography you want (or poor-to-nonexistent cryptography in the messenger with the user experience you want).
Matrix/Element sure manages to do a lot of features that Signal doesn't. I'll admit the UX is not perfect, but it's not really that bad either; it even has a couple of UX advantages over Telegram, especially if you want to use the E2EE private chats in Telegram.
Signal could undoubtedly offer more features. Lacking granular permissions in group chats, for example, is not something I read as being "by-design". The phone number one is by-design, but I do not really agree it is a good security choice.
Regarding “the Ukraine” I obsessed over this a few years ago and asked every Ukrainian I knew (about 20 people). They had no idea what I was talking about and regarded as purely a quirk if the English language that has nothing to do with anything.
We also refer the Netherlands, the Philippines, the Bahamas, and occasionally even the Sudan.
The Ukranian language, like many Slavic languages, does not have definite/indefinite articles at all. In other words, the word "the" does not exist in Ukranian.
I had it explained to me The Ukraine comes from "The Ukrainian Soviet Socialist Republic" So its offensive as it doesn't acknowledge their new country.
That's actually a security feature.
If this is possible on Telegram, than Telegram is not secure because 1st they store your message history and 2nd if some third party could register a new device for your account they not only get your new messages but also your message history.
Not necessarily - Matrix E2EE supports this by allowing your new device to get all the encrypted message history, and allowing you to send the decryption keys to the new device from a backup or old device directly.
this is how e2ee is wrongly purported to be only OTR communication that is one time only. there is no reason if you have the keys why you cant restore them somewhere else also. you are responsible for maintaining the keys, not the software.
John Q. Budweiser doesn't recognize (or intend) it as offensive; it's just an "oh, that's how I heard it once; they must know." Romance languages always seem to use the article; I think it's German that really highlights the distinction of use of the article corresponding to an area or confederation (die Türkei, die Schweiz).
"Ukraine" means outskirts, so one way to read it is that "Outskirts" is clearly the proper noun of a country, where-as "The outskirts" is a territory.
"The US", however, means "The United States", which makes it really clear that you're talking about the States as a nation (or at least as organized states) and gives it a lot of resistance to this nuance. The cleanest equivalent would "America" vs "the Americas", but because that's clearly too broad. Where a single article is all it takes to change the implication in the case of Ukraine, here we'd need more explicitly refer to the land, like "the continental US territory".
It's also worth noting that no one would be scrutinizing statements about the US in the same way because it doesn't have a context that puts it in dispute. At least in casual contexts, inaccuracies are often overlooked when what you meant to say is clear and uncontroversial.
When it has a capital letter at the beginning, it’s perfectly clear that we’re referring to a country, rather than “the outskirts”. When our text is in English, it’s clear that “Ukraine” refers to a country, not “outskirts”. This is downright ridiculous and it’s annoying that some people are so deficient in application of contextual understanding that they criticize others in this way. Be nice to people and stop playing word police. This isn’t Reddit.
Ukraine means «fortified area»: укріплення (fortifications) + край (area) = україна (ookruhїnuh, Ukraine). It's a number of fortification lines built to protect Europe from eastern nomads. Russian are replacing Oo by Oh at the beginning to make «Outskirt» (of Moscow) in Russian language. Don't spread falsified version, please.
One of the French engineers, who built fortification lines, Guillaume de Beauplan[0], created the first map (1639) and wrote a book about Ukraine.
It was correct to refer to these fortifications as «The Ukraine» before Ukraine received independence from the Russian Empire, but no longer.
“The US” or “the Netherlands” are not offensive to either.
Ukraine specifically asked/ stated through official channels that it considered using “the” was inappropriate around the time of its independence and it should be fair enough to respect that. It seems to come from the transition to independence and trying to assert its brand of being more than just a region as “the Ukraine” was a sort of informal way to refer to the soviet republic, an image they are and have been obviously motivated to distance themselves from.
Other places don’t have this historical reason to dislike “the” or equivalents in other languages.
The US constitution even begins “We the People of the United States”, so we’re probably fine with it :)
We’re not discussing the local language, we’re discussing the English language.
If you add the type of government, then you use the. Mexico alone doesn’t use it, much like Ukraine doesn’t specify the type of government so it’s omitted.
I'm not sure plurality is the distinguishing feature, since you have The United Kingdom, The Czech Republic, and The Gambia. But none of that really matters; if the country says it doesn't use the definite article, it seems pretty straightforward to not do so.
Those are modified by kingdom and republic. There are many kingdoms and republics, which is why you identify it with “the”. That’s not what’s happening with Ukraine.
The Gambia is an edge case, as it’s requested by its government. From Wikipedia:
“The Gambia is one of a very small number of countries for which the definite article is commonly used in its English-language name, other than cases in which the name is plural (the Netherlands, the Philippines) or includes the form of government (the United Kingdom, the Czech Republic).“
Interestingly, in many languages you often would, but it depends on the specific country. Both French and Portuguese use the definite article for most countries but not all.
If I were speaking French or Portuguese, I would definitely say "the Mexico" (le Mexique, o México), "the Brazil" (le Brésil, o Brasil), and "the France" (la France, a França).
English has some traditions of using definite articles for singular proper geographic names. People have found some patterns in this, but my impression is that it's something that can be quite irregular in individual languages, and not consistent between languages, either.
The use "the Ukraine" sounds natural to me as a middle-aged native English speaker; my impression is that "Ukraine" has replaced "the Ukraine" in most references only because of the request of the Ukrainian government, and not because of any grammatical concern with proper names using definite articles.
But it's definitely possible that there is a pattern in which geographic features other than countries more likely to bear the definite article in English, while countries are less likely to bear it, and if there were such a pattern, we might be unconsciously aware of it and not be able to articulate it easily, much like many other patterns in language.
So I would encourage people not to say that it's illogical to use definite articles with proper names, including geographic names -- it can be traditional and even obligatory in English and many other languages! -- but also not to say that it's obvious that there are never any possible connotations to be drawn from such use in English (that governments might want to avoid, as some people are saying has happened here).
Brits calling the US "the colonies" would be a better comparison.
"The Ukraine" is how the Soviet Union referred to the country when they ruled it. Modern, independent Ukraine does not want this association anymore (and rightfully so).
I think the most relevant history is the autocrat leading an invasion saying their nation is not sovereign. Agreeing with that statement would be rightfully upsetting.
No, the US is not particularly offensive. 'The Ukraine' specifically is offensive, because it is how Russia calls Ukraine, (kinda like implying it's The Ukraine of Russia)
But the russian language doesn't have definite articles, right?
So is that how Russia calls Ukraine in international announcements and such? Do they even translate their messages to English themselves? I thought it was all in Russian and we translated
If it's not that, what would be the equivalent of the definite article in russian? Maybe it's some other grammatical element that implies the same thing or something similar?
This is actually kind of interesting from a linguistic perspective. I never knew definite article could such meanings in english
> I’ve heard the term “the Ukraine” is offensive since it implies it’s an area, not a country.
I've heard it's offensive because that is how the Russians
said it in soviet times before Ukrainian independence which made it simply "Ukraine" in its constitution.
Slight nit - they used to say "on Ukraine" (на Украине) as in /on Ukrainian land/. In contrast to the term "in" - "in Ukraine" - which is something you would use to reference an entity, for ex. a country.
It's accurate it's an old Soviet mind game to put Ukrainians in their place. It's the same for Kyiv, in Russian it's Kiev. It's not the same as "The X country" there's a deeper history to it. In Ukraine their language doesn't even have the equivalent of "the".
Russian doesn’t have the definite article either, right? So it can’t be a Soviet mind game. In fact “the Ukraine” was common throughout the 19th century (check ngrams.google.com).
I intend to continue saying “Kiev”. I also pronounce the S in Paris. I don’t like the trend that a country’s rulers are allowed to tell us all how to pronounce/spell its name.
Deeper history aside, obviously no one has any negative intention in saying it in their comments. Everyone knows what they mean. It’s flatly unhelpful to go around constantly correcting people.
Nobody said there was a negative intention. Instead, somebody asked somebody else to edit a post. "Hey, I didn't know that bothered people. I'll change it." That's an easy response that makes the world a better place in a small way.
"The Ukraine" is an area. It's the land between Russia and the rest of Europe (it literally translates to "borderland.") The country of Ukraine was named after it. Furthermore: The Article is added when territories become disputed, which is the case here (although it's odd that the groups pushing for its use most often are the ones insisting that Russia is in the wrong by creating the situation.)
As to the IM apps: they're all crap. Everything on smartphones is there either to tie you to a corporation, sell you something, or sell you to something. XMPP has E2EE (the same way signal does), push, carbons ("message backups") etc but no one uses it because it lacks the PR that these larger apps with companies behind them have.
Can you tell us from which language you translate, please?
If you translate from Russian language, then note that Russian language was not existent when the term «Ukraine» was coined (1639). In Ukrainian and Polish languages, Ukraine means «fortified area» or «fortified country». Even Russian language has words like «укрепления» (fortifications), «укрытие» (cover) and «край» (land, area), thus meaning of word «украина» should be obvious even for Russians. However, they exchange Ukrainian word for Russian word «окраина» («outskirts», «околиця» in Ukrainian), to dismiss Ukraine as independent country.
> You need to work on your facts. The term was coined several hundred years before 1639.
Of course, the term «ukraine» was used for centuries before founding of Moscow, but in 17th century the set of ukraines was built on territory of former Russia (now Ukraine), so the whole territory of former Russia got name «Ukraine». From usage of the word it's easy to guess it's meaning: a land with fortification, which protects it.
> I would guess the /u/ - /o/ change happened for the same reason that the Russian word for "Russia", named after the Rus, is "Rossiya".
Rossiya is the late transcription of the word Russia to Cyrillic.
Originally, Russia meant the town of Russia (now: Old Russa, Старая Русса) or «red». In times of Justinianic plague (541–549 AD), original Russians abandoned their town and spread around large territory, between Azov sea and Spain, trying to avoid plague.
About century before that, Volyn kingdom, last kingdom of all Slavs, was broken into pieces when king Muzhyk (Brave) was captured by Greeks when he helped his brother to raid Byzantine. Russians (now Ukrainians) captured the city of Kyїv and start to rule 9 Slavic tribes in the freshly formed country. In Ukrainian, suffix -sia (-ся) means here/there/self, so it was dropped, thus the name of Russia shortened to just Rus, while keeping it original spelling at West.
When Moscow tsar Petro I captured Russia(now Ukraine), he appended «tsar of all Russia» to his title. Moscow tsar Caterina II, born in Prussia, renamed Moscow kingdom to Russian Empire and directed to return all correspondence sent to old name, so most Western countries started to call Moscow kingdom as Russia (except very few, which still know Ukraine as Russia, which is used by Russians to confuse people).
However, two Russia's created confusion in Moscow kingdom, so they refer to old one as Rus, while refer to modern one as Rossia. It has nothinh to do with «ou» to «o» (oh) and «u» (oo) transition.
It's similar to how RF captured their seat in UN: they never formally accepted into UN, so they just switched the country name on the table.
> Rossiya is the late transcription of the word Russia to Cyrillic.
This could be true.
> Originally, Russia meant the town of Russia (now: Old Russa, Старая Русса) or «red».
This is an ideologically-motivated delusion, more or less on the level of the Indians who are willing to claim that the Aryans were indigenous to the subcontinent while ignoring the linguistic and genetic evidence. Russia refers to the Rus in the same way that France refers to the Franks and Serbia refers to the Serbs.
It's written history. If you know Russian, just read chronicles.
> This is an ideologically-motivated delusion, more or less on the level of the Indians who are willing to claim that the Aryans were indigenous to the subcontinent while ignoring the linguistic and genetic evidence. Russia refers to the Rus in the same way that France refers to the Franks and Serbia refers to the Serbs.
Ideologically motivated delusion for Russian Empire was to be descendants of Rome Empire via Byzantine and Russia (Ukraine). No Emperor of the time wanted to draw their line from a bunch of bastards of unknown origin, which did raids on neighborhoods. The town of Russia moved up of the Russia (now Porussia) river, but it is still present on the map.
Russia is not a Slavic word, so you cannot draw such parallels. When Russians captured Kyїv (Oleg of Novgorod killed Ascold and Dir, Slavic rulers of Kyїv, in 882), Russians declared Kyїv as mother for Russian cities, but Russian were assimilated by Slavs, so they forgot their native language and started to use Slavic language, so, with time, name of their country was changed according to rules of Slavic language.
I was expecting more than "Telegram bad, use Signal".
In times of war, internet service is likely to be unreliable. Are there any messengers that support a mesh-based store-and-forward model, that do not require an internet connection?
I think it's also worth thinking outside of the digital box. Radio - CB/ham/amateur radio in particular - requires no infrastructure and is far more expensive to block than the internet.
Note that Briar's darknet nature makes it not have a shared/social store-and-forward system.
However, it does exchange messages with contacts whenever possible, recently added a file-based message transfer method (think dead-drop USB/microSD), and gossips message DAGs in forums and group chats (forums lack a leader; groups chat leaders can kick a member out but have to personally invite every member).
> Radio - CB/ham/amateur radio in particular - requires no infrastructure and is far more expensive to block than the internet.
Very true in peace time, but it's in clear and easily traceable which makes it dangerous in war time; also there's little development in encryption over HAM/CB since it's illegal pretty much everywhere; encryption devices can be added externally, although for the above reason they're not immediately available at the next radio shop.
Moreover, nowadays military forces can pinpoint immediately the source of a rogue transmission by measuring the phase delay of a signal on multiple fixed antennas, that is, they don't have to waste time while pointing directional antennas around to find the direction; therefore you push the PTT and after a fraction of second they have your location on the map. Now I'm not sure the Russians have this infrastructure in place in Ukraine, but they could if they wanted.
- Governments, because it doesn't block easily what they want (happens in most western countries, including my own)
- TV/Media as they don't know/care about facts and just bash whomever is talking bad about them or local gov (as my local media does)
Meanwhile most news and videos I see in media, twitter accounts that media quote, are actually on Telegram groups first. There is plenty of them, one that I watch is close to 1 million people and this platform handles such groups (and larger) perfectly. It has native clients for many platforms that beat anything else in performance and memory consumption by a factor of 10. It introduced direct translations in the app, so anyone who doesn't speak Ukrainian and Russian can actually follow up on their own. It allowed distribution and updates of their app outside of google play store and that version has no restrictions enforced by governments.
I see so much "Durov is a Russian agent" stuff online, but still somehow Telegram is on of the main sources of information for average people - if they know it or not.
That's such a bad take it's not even funny.
An asset like Telegram works best if it pretends to be neutral and only leaks information to one side of the conflict.
But does it leak? Is it any different than any other social network? It's well known that big networks simply sell your data if you pay handsomely. Facebook does that on a large scale, even including partial messages content. Heck, it was recently confirmed that Messenger was used to coordinate Chechen's attack recently. Does it make FB compromised by Russia? How one even compare these networks?
Why don't you call Messenger an asset? Or google maps after recent revelations (that may as well be bullshit) that it was used to coordinate bombings?
Everything centralized is a potential intelligence asset it's for you to decide whom you are willing to potentially give your data to. For the leaking part with not encrypting all private messages and no encryption support for group messages everything screams for a oops didn't meant to scenario. Software problems or hacking it will read: "We couldn't have done anything, sorry. Next time just enable encryption mhmkay?"
And what's great is that when you add someone as a contact, you become a potential mule for transferring encrypting messages they're sending to others contacts you've also added as a contact that are not in range.
This could be extremely valuable when the Internet access is cut off.
It's working rather for small groups that actually have mutual interest, not random people from the internet. It has forums, blogs etc., I used similar project in a group of friends I know in person just to talk and share files directly and I was surprised how well received it was.
Friends of a friend did the following as Syrian refugees:
Create multiple Facebook accounts with fake names. Rotate through them, since people will be captured + tortured, which means the accounts will be repeatedly compromised. Trade Facebook account names in person when possible.
Establish code words / messages to establish safety of accounts over time and geographic distance.
Don't put anything secret or personally identifiable in the account, and maintain plausible deniability ("these are Facebook friends. I don't know them in person").
That way, when you or your acquaintance gives up the password, the torturers don't get much actionable information.
The torturers have two goals: obtain actionable intelligence (you don't have any to give), and find more sympathetic people to round up (you have a list of internet handles of random internet people).
Note: This works great if your threat model assumes the operator of the server is not colluding with the authorities, and that https is working.
That's a good assumption for Facebook in Syria, and in present-day Ukraine/Russia.
It’s more complicated in a time of war and security in the presence of a state actor becomes much harder. Many messengers (e.g. WhatsApp) support e2e encryption. However, just having e2e encryption is not enough and there other things to be taken into consideration (ordered from more to less concerning from my pov):
1) The device will have unencrypted messages and keys. If device gets into wrong hands (e.g. owner gets killed or captured) then those can be read by an attacker. Even using disappearing messages might not help since OS can cache things or take screenshots saved somewhere (like iOS does).
2) Any group chat communications are increasingly less secure than 1-1 chats. There might be spies in the group or legitimate participants might get killed (see above). There is a trade off between efficiency and security.
3) The state actors might have ways to compromise devices through malware and get access to decrypted messages on the device through screen capture or directly in storage.
4) There might be unknown zero-day vulnerabilities exploited by state actors that are not known to developers of e2e encryption.
The bottom line is that e2e encryption is better than nothing but it does not offer 100% protection. As any other communication methods, there are inherent risks associated with distributing information to more people and these risks need to be taken into account.
Meh, smart phones like web browsers are inherently insecure. I did some work towards a secure communications gadget for use with an Android phone, but gave up when I realized that there was no way to stop malware from activating the phone mic and listening in on you anyway. Also, these apps don't do much helpful to conceal metadata, which is more important than content in a lot of ways. Depending on what you are trying to defend against, you may have to go full Spy vs Spy, e.g. with spread spectrum radio or optical comms below the noise floor.
My favorite saying about security is by the cryptographer Silvio Micali, who said "a good disguise does not reveal the person's height". Be careful out there.
I was working with some of my friens on educating fellow Ukrainians of dangers of Telegram. Here is a short writeup in Ukrainian summarizing the risks. It also recommends Signal as an alternative. Please share this with your ukrainian contacts who are using Telegam: https://docs.google.com/document/d/1l1UD87X2mvOw0_PLuedsSKve...
This is the opposite of secure communication but in case the internet is switched of, cellular networks taken down and communication centralized, it will be a very reliable source of information from outside.
While the security of centralized messaging is potentially an issue, one thing I don't think we've got a global consensus on tech-wise is point-to-point systems that will work with smartphones and no internet.
I know there's a number of approaches out there, but I haven't seen anyone solving the problem of doing offline-relay from device to device with the goal of getting the message out to a wider aggregator without internet access.
What about GNU Jami?
It's completely decentralized and can be activated without a phone number.
It's a bit immature, but it works for the standard use cases.
In case Internet connectivity went down, you can can easily create a cheap message gateway with an Esp32 and Lora gateway. Another option is using of CB, but it's not encrypted.
This might seem like an old school idea, but may work if all forms of "modern" communication are out of reach. As in you have no access to cellular at all.
Trusted ham radio operators with one time code books, but with some kind of "protocol" upgrade to somehow establish trust. Just thinking off of the top of my head here.
Russians do not give a fuck. Their military is out there communicating all their messages by radio on open channels. The Ukrainians are listening and that’s why they’re doing well on the defensive. All the NSA geeks with their cryptography breaking quantum computers have nothing to contribute.
Quantum computing has very little to contribute in the context of strong symmetric ciphers whose keys are shared through a secure channel (in-person, or via One Time Pads, etc), if they were to choose to do so.
[2]:
> It is an easy strawman to compare Signal to technology from the 90s and completely ignore IRC and Matrix, especially now that Matrix has started growing: Element recently gained Series B funding of about 30 million, how the French government has completely adopted Matrix in the government and all the German armed forces are connected to Matrix. Even though Matrix is not as well-known as Signal, it is already considered the messaging app of choice for top-secret communications. Matrix offers not only protection for you against a government, their scope is big enough for governments to get protection against other governments.
[1]: https://www.heise.de/newsticker/meldung/Bundeswehr-setzt-kue...
[2]: https://digital-justice.com/articles/skip-signal.html