Telegram is giving away FREE Premium subscriptions! All they need from you is to use your cell phone as a relay to text out their OTP codes! And the recipient of the OTP sees your phone number! What could POSSIBLY go wrong with this deal?

PLEASE don’t use Telegram! I personally recommend Matrix as it’s totally FOSS, you can self host, there are tons of front end clients to choose from. Or even use Signal. I have my own issues with Signal, the fact they don’t allow third party clients, you can’t self-host, they have a proprietary shim in their stack that only they know what it does, they were pushing crypto, etc, but at least Signal is better than this garbage.

  • SteveCC@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    I’d be interested to hear people’s thoughts about Signal and DeltaChat for messaging

    • communism@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      8 months ago

      Signal is fine for a drop-in WhatsApp replacement. I use it for chatting to my friends casually. For something you need more security for you could do encrypted emails as that doesn’t require exchanging phone numbers, or ideally just arrange to meet up in-person and discuss things so you don’t leave any kind of digital or paper trail.

        • communism@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          8 months ago

          Obviously you don’t have your phones on you. Otherwise what’s the point of meeting up in person.

            • communism@lemmy.ml
              link
              fedilink
              arrow-up
              0
              ·
              8 months ago

              Not if I don’t need to, like if I need to have a conversation with someone that doesn’t need to be overheard. In any case turning your phone off and putting it in a faraday bag then putting it somewhere relatively noiseproof should be more than enough if you need to bring your phone with you.

              • onlinepersona@programming.dev
                link
                fedilink
                English
                arrow-up
                0
                arrow-down
                1
                ·
                8 months ago

                Sounds like something everyone does for sure. When I sit in public transport or go out to eat, nobody has their phone one them, and if they ever do, it’s safely tucked away in a faraday cage 👍

                CC BY-NC-SA 4.0

  • rdri@lemmy.world
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    8 months ago

    What could POSSIBLY go wrong with this deal?

    No jokes, I’d like to know. How is it different from sending sms to random numbers?

    • Mubelotix@jlai.lu
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      8 months ago

      The issue here is that you could potentially read the content of a 2FA sms that wasn’t intended for you. It makes it easy too break 2FA if you have many devices

      • rdri@lemmy.world
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        8 months ago

        Logic suggests OTPs are locked to login sessions of corresponding users and also expire. Besides telegram would be able to tell if OTPs meant to be sent through you tend to not reach the recipients.

        • Mubelotix@jlai.lu
          link
          fedilink
          arrow-up
          0
          ·
          8 months ago

          Yes but you can login on an account and hope you will be the one selected to send the code

          • rdri@lemmy.world
            link
            fedilink
            arrow-up
            0
            arrow-down
            1
            ·
            edit-2
            8 months ago

            You mean you can try to guess someone’s number before they get an OTP through you in order to be the first to log into their account?

            Well then you’ll also going to need their cloud password in order to find anything worth of your effort.

            But anyway this is an improbable scenario, considering how vast the user base is, and if we assume telegram implemented some precautions.

            Malicious service providers and cloned sim cards pose a much more serious risk if you ask me.

      • rdri@lemmy.world
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        8 months ago

        No but what exactly stops anyone from doing that? A privacy consideration? I’d think it’s just a waste of time at best.