Skip to main content

GPG encrypted backups on telegram

Project description

PGPgram

Python 3.x Support License: AGPL v3+

PGPgram example usage

PGPgram is a GPG encrypted backup/restore tool written in python using TDLib. It locally encrypts your files with GnuPG, before they get sent to telegram cloud.

Since version 0.2 it also backups youtube videos, playlist and whole channels.

Version 0.4 packages a pre-built windows binary.

Motivation

I've come to hate telegram. At the beginning, they were like "we're gonna open source everything after some time, we care about privacy", then

  • they've never released the source of the server (over 5 years have passed),

  • they didn't improve secret chats algorithm so that it could be the default way of sending messages without lacking features (going instead with a curious, to say the least) apology of unecrypted remote storage, despite aknowledging the existence of credential recovery schemes secure at least as their authentication;

  • they didn't ported secret chats to desktop;

  • they competed unfairly in respect to other opensource IM projects, locking in users with over the top short to last features made possible by their huge dollar backing (Durov), like not specified storage quota size (heck, what do you think you are, Gmail in 2004?).

  • their positions is not so much clear; regarding copyright infringements they put theirselves in a gray area; having strong opinions on the matter I am concerned that there exist loopholes in their statements.

So now telegram boasts itself as a privacy champion in the instant messaging space, although previous points tell us quite the opposite. Also, their press material is always very careful with words, so that their statements can easily lead uninformed users to think that their service is secure: they don't mention that's as true as when you say that Skype is secure, not as when you say that GNUpg is secure and you should know why.

So why did I write PGPgram?

I wrote it as proof-of-concept to show that it could be easy to have (whatever) encryption implemented by default on telegram. Not that counts anyway, because telegram API terms of services indirectly prohibit use of encryption over its servers:

it is forbidden to force users of other telegram clients to download your app to view CERTAIN messages and content sent using your app,

which is indeed what an encrypted by default version of telegram would do, even by keeping retrocompatibility.

It should be noted notice that PGPgram does not violate that rule, since the contents it produce are not meant to be shared with other telegram users.

At the time of writing it would be just a matter of time to convert PGPgram to a full fledged telegram client, using other encryption schemes that preserve message sharing among devices, forward secrecy or secret group chats and bots.

Installation

PGPgram is available through the Python Package Index (PyPI). Pip is pre-installed if python >= 3.4 has been downloaded from python.org; if you're using a GNU/Linux distribution, you can find how to install it on this page.

After setting up pip, you can install PGPgram by simply typing in your terminal

# pip3 install pgpgram

Archlinux

The packages pgpgram and pgpgram-git have been published on AUR.

MinGW (Windows)

The package pgpgram has been published on MinGW AUR.

Usage

PGPgram install a command line utility with the same name, pgpgram, that can be used to backup, restore, and list files. You can invoke command line help with pgpgram --help and get command options with

pgpgram <command> --help

PGPgram search

The application requires split, cat, dd, sha256sum and gpg to be present on your system, so maybe macOS users will need to make some aliases. At the moment file deletion is not handled because I reached time limit for unpaid development.

Backing up the backup

To backup your encrypted file list just put a copy of files.db (located in ~/.config/pgpgram) somewhere safe. If you need to import files from an existing PGPgram installation to another, you can use the import command over files.db.

About

This program is licensed under GNU Affero General Public License v3 or later by Pellegrino Prevete.
TDLib is licensed under the terms of the Boost Software License.
If you find this program useful, consider offering me a beer, a new computer or a part time remote job to help me pay the bills.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

PGPgram-0.4.tar.gz (7.2 MB view details)

Uploaded Source

Built Distribution

PGPgram-0.4-py3-none-any.whl (7.2 MB view details)

Uploaded Python 3

File details

Details for the file PGPgram-0.4.tar.gz.

File metadata

  • Download URL: PGPgram-0.4.tar.gz
  • Upload date:
  • Size: 7.2 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/3.7.2 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.2

File hashes

Hashes for PGPgram-0.4.tar.gz
Algorithm Hash digest
SHA256 d7115c38ab1f582906cef1bf41407dce474f59fab1e7b9f92ea66967e6100232
MD5 bb5afcf6d1478dd8a16e5251206eab06
BLAKE2b-256 c9e654f011eb68e42e262c621b56b913c7ca4feb47eb7cfba883ddd6af2bdbca

See more details on using hashes here.

File details

Details for the file PGPgram-0.4-py3-none-any.whl.

File metadata

  • Download URL: PGPgram-0.4-py3-none-any.whl
  • Upload date:
  • Size: 7.2 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/3.7.2 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.9.2

File hashes

Hashes for PGPgram-0.4-py3-none-any.whl
Algorithm Hash digest
SHA256 1667b793209674d2c54287e7338f04f5092cbc76ccf40252164d171e271cf449
MD5 9bd001bdbcb9e957836064d11a7e7937
BLAKE2b-256 119a825eb03b0e498a99fac73172e6ba4f12f1925e8981717d49c55b87af50cd

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page