> Advanced users, which need end-to-end encryption and are willing to trade a bit of usability for improved security guarantees, are able to do so by using secret chats<p>Except when they want to chat with more than one person at once. Telegram does not have any support for encrypted group conversations.<p>Otherwise a good read. Telegram is not a bad app, but it does not suit my threat model. I'm willing to forgo cloud backups and some usability to have default encryption for all my conversations, which I think is something Signal provides. None of these apps are perfect, it comes down to what combination of trade-offs works best for you.
I’m sure that it’s just a matter of time before someone somewhere is going to target the author of this post with snide remarks on their qualifications/ignorance and hinting at them being a Telegram shill (I’m not one of those).<p>That said, I liked this article a lot since it puts things in a manner that focuses on how to approach these comparisons and backs them up with relevant information. Elsewhere, there’s too much of appeal to authority that ignore other points (mainly nuances that are important).<p>I completely agree with this part:<p><i>> A big chunk of the criticism of Telegram amounts to defamation, lies and arguments from authority. Unfortunately this is not an opinion, but a verifiable fact. Even more unfortunate is the fact that many of these come from respected figures of the computer security community.</i><p>A few corrections and additions are required in the article:<p>* The part about Signal not having a standalone desktop client is not true. This was already pointed out in another comment here. Signal has had this for a few years now.<p>* “This is more subjective than an exact since.” — there’s a typo here for “science”.<p>* I didn’t see mention of metadata collection by WhatsApp. That’s as important as the content of messages.
Refreshing take. An actual analysis with threat modeling calling out all the fallacies of people that argue Whatsapp is better just because it uses E2EE by default.
Hard to take this seriously, citing Durovs nonsense about best practices and backdoors and completely ignoring the fact that Telegram almost certainly shipped a backdoor! <a href="https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-the-most-backdoor-looking/" rel="nofollow">https://buttondown.email/cryptography-dispatches/archive/cry...</a><p>You even discuss this issue in the "History of Telegram vulnerabilities", but don't bother to mention the fact that this was almost certainly a deliberate backdoor.<p>You also seem to suggest that DUAL_EC_DRBG was promoted as a best practice by the crypto-community, what an utterly bizarre claim.<p>Of course, the mental gymnastics in the "Defamation" section make it clear that this was never intended to be a honest analysis.
This simply ignores the primary threat model.<p>Can govt or a company mass harvest chats to classify users into buckets? and use this data to manipulate people. We have seen this happen with Cambridge Analytica. Think of military having a list of all pro-democracy people before staging the coup.
Telegram should have a setting to choose the default (secret vs regular chat) and ask the user on installation. I understand about the backups part but a lot of users may don't care about backups. This will remove a lot of bad mouth on them and also save server resources as they don't have to save secret chats forever. I really like telegram for their cool bot-api, instant-view and channels.
Was security implementation ever proven itself for Telegram? I remember reading a lot of threads on HN a few years back about how it wasn’t considered secure/kosher. I moved on and haven’t really followed the cryptography space.