search

Speek-App / Speek

Privacy focused messenger that doesn't trust anyone with your identity, your contact list, or your communications
https://speek.network
739 stars 68 forks source link

speek.network claims Telegram is not open source #14

Closed NayamAmarshe closed 2 years ago

NayamAmarshe commented 2 years ago

Pretty cool website but I just have a small nitpick. Telegram's apps are all open source. Currently, the website makes it look as if Speek is claiming telegram is fully closed source like WhatsApp. Would be better to at least add an asterisk and just write that Telegram server is not open source but the apps are.

ddcovery commented 2 years ago

Telegram offers an open API to connect your own client APP, but the server part of the API is private. It is a cloud centralized service that treats all your conversations in an obscure way (you know nothing about server components, architecture or repositories)...

Contrary to what Signal does: https://github.com/signalapp/Signal-Server

NayamAmarshe commented 2 years ago

Telegram offers an open API to connect your own client APP, but the server part of the API is private. It is a cloud centralized service that treats all your conversations in an obscure way (you know nothing about server components, architecture or repositories)...

Contrary to what Signal does: https://github.com/signalapp/Signal-Server

Yes, I agree but the client is fully open source, even though the server isn't and even if it were we couldn't have verifiable server builds just like Signal.

So I think instead of showing Telegram as closed source, there could be a yellow '-' sign and a text saying that the server code is not open source.

x3rAx commented 2 years ago

I agree with @NayamAmarshe. This also bugged me when I read through your website.

I'm in no way affiliated to Telegram, I'm just a regular Telegram user.

Don't get me wrong, I think the concept behind Speek is far superior over Telegram or Signal (at least regarding privacy). But I find it a bit unfair to just label Telegram as "not open source".

I think, especially regarding things like chat control the open source client of Telegram is more important than the server side and is still better than e.g. WhatsApp. The client is the part that holds the really sensitive data. I know that metadata can be heavily abused, but it's still something else than being able to read the actual messages.

And here we come to another concern I have:

Telegram is not end-to-end encrypted*

*The regular "Cloud Chats" (private and group chats) are only client-to-server encrypted, only the "Secret Chats" are end-to-end encrypted.^1

So I too think you should add a yellow minus sign (or similar) and an asterisk to give a short explanation why these two points (E2E encryption and open source) are only partly met for Telegram.

BTW: Thanks for Speek, I find it's a great idea to use hidden services on the "client" side to achieve decentralization :heart:

Speek-App commented 2 years ago

Thanks a lot for all your thoughts. We followed the recommendation of x3rAx and added a yellow minus sign and a short explanation to the site.