This is an article written by telegram’s founder and CEO Pavel Durov in 2019 on “Why whatsapp will never be secure”. Your thoughts?

  • Clot@lemm.eeOP
    link
    fedilink
    arrow-up
    7
    arrow-down
    19
    ·
    10 months ago

    No. Whatsapp’s metadata is not encrypted and can be used by its parent company, also backups are not secure. While telegram’s is opt in (yeah that sucks and here’s there excuse for that https://tsf.telegram.org/manuals/e2ee-simple), they are as secure as signal’s (if not more).

      • nutomic@lemmy.ml
        link
        fedilink
        arrow-up
        9
        arrow-down
        3
        ·
        10 months ago

        That paper is eight years old and yet there has been no major hack of the Telegram protocol.

        • Dehydrated@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          10 months ago

          That may be true, but it proves that MTProto isn’t “as secure as signal’s (if not more)” as OP said

      • Clot@lemm.eeOP
        link
        fedilink
        arrow-up
        5
        arrow-down
        9
        ·
        edit-2
        10 months ago

        I am not talking about mtproto lmao. I was talking about their opt-in e2ee feature. Edit: Also the research you shared is based on mtproto 1.0 which telegram abandoned almost a decade ago and there have been No such defects found in mtproto 2 yet.

        • Dehydrated@lemmy.world
          link
          fedilink
          arrow-up
          11
          arrow-down
          2
          ·
          10 months ago

          MTProto is what Telegram uses for “Secret Chats”, their opt-in end-to-end encryption. Normal messages aren’t encrypted at all. They’re stored in plain text on Telegram servers. The fact that E2EE is opt-in already makes this app ridiculous. On top of that, it isn’t even secure or private lol

          • Clot@lemm.eeOP
            link
            fedilink
            arrow-up
            7
            arrow-down
            4
            ·
            edit-2
            10 months ago

            the fact that E2EE is opt-in already makes this app ridiculous

            in matter of privacy, yes. But it have cool features so.

            They’re stored in plain text on Telegram servers

            No, non secret chats use mptroto but with different schema, thats not plain servers. And no data breach have been reported in telegram yet if it was “that” easy to breach them. From my last comment: “Also the research you shared is based on mtproto 1.0 which telegram abandoned almost a decade ago and there have been No such defects found in mtproto 2 yet.”

            • Undertaker@feddit.de
              link
              fedilink
              arrow-up
              2
              arrow-down
              3
              ·
              10 months ago

              But it have [sic!] cool features so.

              So what? If minimum requirements are not given, it can be as cool as possible. Only not so smart people think that’s a good deal.

              • Clot@lemm.eeOP
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                10 months ago

                I would prefer telegram because its just not from Meta. There is bounty on breaking telegram’s protocol too.

                Telegram sells ads on public channels with consent of owners and the ads are based on the channel data and not users data. They are back up with their crypto schemes, infact idk whats wrong with crypto, they are better for privacy than normal bank transactions. Anyone cant pay from their pocket for lifetime, it was coming since longway because telegram have no parent company to fund it neither its founder are that rich to spend billions of dollars on it every year. Those “nitro” features didnt take anything away from free users tho, also if they are trying to cover up their cost from the userbase that just proves they have no dubious financing from backdoors.

                I dont know how rape laws are connected with a messenger being based there. US have its social problems too or wherever signal is located, every country have social issues.

                Yeah facebook is big enough reason to not use facebook. On top of that there have been no data breaches, almost no big outages in telegram till date. They offer a lot of features, from bots to channels, to large public communities and much more.

                Telegram just claims its private enough and they never said they are e2ee by default, I dont see the misinformation here, yeah they exaggerate it sometimes but the fact that there have been no data breaches in a decade with almost 800 million monthly active users is quite a bit of achievement. They invested on developing their own encryption protocol, it maybe less private but they made it to remove complexities which signal have. There’s no point on having some 100% secure stuff when no one gonna use it due to complexities, telegram have fueled pro democratic protests worldwide and I thank them for that atleast (even they got banned in many countries for doing so).

    • beta_tester@lemmy.ml
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      10 months ago

      Multi-device End-to-end encrypted chats are a mess

      I’m not going to read it all but matrix managed to deliver on fully encrypted messages that you can have on multiple devices.

    • crispy_kilt@feddit.de
      link
      fedilink
      arrow-up
      6
      arrow-down
      4
      ·
      10 months ago

      they are as secure as signal’s (if not more

      Incorrect. They are trivially breakable as it is unauthenticated DH which is as good as no encryption at all.

      • Clot@lemm.eeOP
        link
        fedilink
        arrow-up
        3
        arrow-down
        8
        ·
        10 months ago

        good as no encryption at all.

        0 data breaches till date.

    • mustbe3to20signs@feddit.de
      link
      fedilink
      arrow-up
      3
      arrow-down
      5
      ·
      edit-2
      10 months ago

      I’m not saying that WhatsApp is the good guy here, Meta sucks but compared to Telegram I rather trust them if I have to.
      And the unencrypted backups are only problematic when you use the automatic Google Drive upload.

        • mustbe3to20signs@feddit.de
          link
          fedilink
          arrow-up
          4
          arrow-down
          2
          ·
          edit-2
          10 months ago

          Telegram is a shell company and only offers mediocre, opt-in encryption. The thing I like most about them is their support for 3rd party clients.
          I have to use their service for some contacts same as with WhatsApp but I would prefer more secure and privacy friendly alternatives.