Sounds like I should stick to Signal that got this right from the get-go.

guappa · 2024-08-26T06:40:23 1724654423

apt install signal

Error: Unable to find the package signal

maqp · 2024-08-26T09:14:16 1724663656

$ sudo apt install telegram

Reading package lists... Done

Building dependency tree... Done

Reading state information... Done

E: Unable to locate package telegram

Also

$ sudo apt install signal-desktop-beta

[sudo] password for :

Reading package lists... Done

Building dependency tree... Done

Reading state information... Done

signal-desktop-beta is already the newest version (7.22.0~beta.1).

0 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.

So, yeah.

guappa · 2024-08-26T12:26:50 1724675210

It's called telegram-desktop -_-'

> apt install signal-desktop-beta

Very nice. Too bad it doesn't exist. Making up package names doesn't magically bring them into existence.

So, yeah.

maqp · 2024-08-27T04:00:39 1724731239

Beta version:

# 1. Install our official public software signing key wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg cat signal-desktop-keyring.gpg | sudo tee -a /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null

# 2. Add our repository to your list of repositories echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\ sudo tee -a /etc/apt/sources.list.d/signal-xenial.list

# 3. Update your package database and install signal sudo apt update && sudo apt install signal-desktop-beta

https://support.signal.org/hc/en-us/articles/360007318471-Si...

Non-beta version:

# NOTE: These instructions only work for 64-bit Debian-based # Linux distributions such as Ubuntu, Mint etc.

# 1. Install our official public software signing key: wget -O- https://updates.signal.org/desktop/apt/keys.asc | gpg --dearmor > signal-desktop-keyring.gpg cat signal-desktop-keyring.gpg | sudo tee /usr/share/keyrings/signal-desktop-keyring.gpg > /dev/null

# 2. Add our repository to your list of repositories: echo 'deb [arch=amd64 signed-by=/usr/share/keyrings/signal-desktop-keyring.gpg] https://updates.signal.org/desktop/apt xenial main' |\ sudo tee /etc/apt/sources.list.d/signal-xenial.list

# 3. Update your package database and install Signal: sudo apt update && sudo apt install signal-desktop

https://signal.org/download/

guappa · 2024-08-27T05:50:46 1724737846

Do you not see any difference with this and "it's included in the distribution and vetted by a distribution developer"?

maqp · 2024-08-27T06:27:05 1724740025

No. The way I see it, I'm downloading an open-source, *always* end-to-end encrypted desktop-application Signal from official repository, instead of downloading an open-source *never* end-to-end encrypted desktop-application Telegram from official repository. Having to add the ppa is 10 seconds of additional trouble. I'll live. Without end-to-end encryption, a lot of dissidents however, might not.

guappa · 2024-08-27T06:44:02 1724741042

10 seconds of additional trouble, a lifetime of root access to a 3rd party :)

maqp · 2024-08-27T13:34:38 1724765678

What? You have factual evidence Signal's apt repo is installing rootkits to people's computers? Let's see it.

guappa · 2024-09-02T05:39:09 1725255549

I have factual evidence once you add it they have root access.

I can't predict the future.

maqp · 2024-09-07T16:00:13 1725724813

So, you have nothing. Best of luck.