• Samsy@lemmy.mlOP
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Remember, it’s a cloud messenger, not a secure messenger. It’s cool to have all chats on every device, but by default, they are unencrypted. I message there, too, but only nonsense.

    • N-E-N@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      It’s fast, supports sending large uncompressed files, has fun stickers and great UI

      It’s a great messenger really, just not E2E encrypted. I’d happily use Signal too but most people don’t care about the E2E encryption advantage and prefer Tele

    • TedZanzibar@feddit.uk
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I’m not saying Telegram is perfect by a long shot, and they’ve made some questionable decisions around crypto and paid-for services, but it grinds my gears when people suggest that it’s “unencrypted”.

      E2E encryption means that yours and the other person’s device are the only ones that have the keys for decryption and are typically the only places where chats are stored.* The conversation is secured end-to-end.

      Telegram has the master copies of your chats on their servers to enable certain extra functionality that you can’t get with E2E messengers, but it does not mean that the data is stored or transmitted unencrypted. The data at rest is encrypted and it’s encrypted when it travels to and from your device.

      Sure, there’s the argument that governments could compel Telegram to hand over the keys to your chats, but considering that the platform is outright banned in more than one country with questionable regimes, it’s reasonable to conclude that they don’t give in to such demands. Honestly, if your government wanted copies of your chats so badly it’d be far easier for them to go through you and your device directly, and then no amount of E2E encryption is going to help you.

      All that said, Telegram does actually have E2E encryption in the form of Secret Chats which, while having no method of backup, allows you to have two very different conversations with the same person and provides a level of plausible deniability that E2E only platforms cannot.

      *Until you or the other party chooses to export a plain-text backup and store it on Google Drive where it’s far easier for governments to subpoena. I’m looking at you, WhatsApp.