It actually seems more like a windows 10 compatibility dilemma for developers. You can support older systems but it would require some effort. The problem is not the absence of some specific certificates, but the absence of newer ciphers altogether.

This does give security but also removes backwards compatibility with some clients that might be important for some websites.

Hard disagree on denuvo. If it’s no problem for you then you must have tons of experience in re. Which puts you into some 1%-ish group. Depends on the type of mods you do of course.

You can. Google steamless.

Steam DRM is nothing like stuff people should be aware of. Ask any modder for confirmation.

Well did it help Epic when they added achievements? Guess not much. Either they never marketed this feature enough or most spending users never cared about achievements on Epic.

If you mean just the percentage of users I might agree. But those people don’t really correlate with the users who provide most of the profit of the platform.

My profile is also not public but it’s visible to friends. Also I can make it public when I want.

There are also achievement statistics.

I see. Still, I can see that for many people achievements with no value are no better than their absence. Platform provides value, and for now only steam provides a lot of it with almost each purchase.

Are you serious? Obviously people don’t care about achievements on a platform that has almost no community-related functionality.

There is still plenty of fish for advertisers, sadly.

It’s barely anonymous, and poorly encrypted. The latter is the reason Durov is in custody

There is no logic here. If it was poor it would be very easy to track anyone including criminals. You can check the news to find the reasons.

There have absolutely been cases where a backdoor/weakness/lack of encryption used to catch criminals before

I meant telegram related cases.

Some are staying safe, others are being caught precisely because of this.

I didn’t see any proofs of that.

Using better encryption schemes is definitely part of that.

Part of what? I don’t get the point here.

is not any different from just having TLS for transport

Yes, in simple terms, all encrypted transfer protocols are similarly protected from mitm attacks.

That just means that they store both your data in some encrypted way and the key. They can still read it trivially.

They can and they said the decryption keys are always kept separately (there are probably more layers than I can describe) from the data to make sure the servers are not used to decrypt the data locally. They can be lying for all I care. The bigger problem is that people somehow assume this a huge threat, while all previous cases didn’t involve anything like that. People are getting into trouble for their public content - protected by some encryption but visible to anyone interested (who then report it to oppressive authorities).

While some go extra mile to explain to you how you should use e2e for your family group chats, real criminals do their stuff everywhere (especially on telegram) for years, staying safe. Problem is not how weak or strong the encryption is, but that once you are under oppression and do opposition activities, you’re going to learn by yourself how to deal with it. Signal will not save you from people in your group chats if they are there to report on you.

That’s not correct. Toy may call it TLS but it’s a custom protocol. Data is not kept unencrypted on their servers, according to their docs.

the messages are decrypted on the server

What you said means they can be decrypted on the server. But there is no proof of that happening in the past. People got into problems not because someone uncovered their content in telegram, but because that content was effectively public from the beginning.

You switched the topic of the discussion. My original comment stands, as it corrects some part of your first comment.

I didn’t suggest anyone to use telegram.

They have repeatedly worked with governments and worked against the interests of their users.

Even though those allegations are arguable, I know what you mean. And those cases don’t involve compromising the actual encryption from what I understand.

Ah yes, definitely go with a messenger that has known vulnerabilities in its crappy encryption protocol, instead of one with an actual secure E2EE implementation.

Feel free to go any way you want. I’m not asking you to use telegram.

You can still make encrypted backups

Spend time for that, and keep them where? Maybe also need a feature to sync them between mobile and desktop?

Only Telegram is too incompetent to do that.

Not an implementation issue but a trust issue.

Just stop lying. Telegram Secret Chats have been introduced in 2017

https://telegram.org/evolution see October 2013.

both Signal and WhatsApp have had E2EE (including for group chats!) for much longer.

Whatsapp had them inctorudec in 2016.

Are you mad that Signal is focusing on privacy and security by improving their encryption protocol, instead of wasting time on some UI garbage?

I’m perfectly fine with that. More apps using electron means less chance for my pc to run garbage applications on a regular basis.

keep in mind that Telegram can read all of your messages, as well as hand them over to governments.

Keep in mind that any person in your secret chats can read your message, copy or screenshot it and hand it to anyone else. Those people know much better if you’re doing anything sketchy (or something actually good but against their beliefs), than an app developer.

I think you are falling for the “genius inventor” fallacy clueless normies love a lot.

People advertising signal everywhere look like those kind of normies to me too. Doesn’t mean much.

The reason it’s not known to be broken is that it’s not a high value target - most people don’t use “secret chats” in TG.

Fair assumption. But it means you accept most people are stupid enough to not want such a feature or smart enough to not need it. Telegram user base is reported to be 900 million though.

Something not being standardized doesn’t mean it’s bogus.

Cool. So that gives people authority to say “if it’s used by signal and is standardized then it should be used by everyone”?

It doesn’t look like any of those are used by “major” messengers. Especially signal. This means “major” players prefer their own implementations, which removes the meaning from calling unused stuff a “standard”.