Comment by NayamAmarshe
3 years ago
> It's insecure by default
Any proof? If you're calling MTProto 2.0 'insecure' then you should know it's already been audited multiple times in the last 2 years. If insecure means not using E2EE, then I guess the whole infrastructure of the internet is insecure.
> It's not even anonymous
It's more anonymous than Signal is. It requires phone number to register but you don't need to share a phone number or any personal detail to communicate with people.
> > It's insecure by default
> If you're calling MTProto 2.0 'insecure' then you should know [...]
If you're calling "secret chats" the default, then you should ask around or try to use telegram on desktop or just open telegram and see how much stuff is actually encrypted.
Secret chats are not the default. So Telegram can simply read them.
In whatsapp, messages have always been on-device / in-memory, where they belong, doing a p2p sync/transfer
> 1. Is There a Secret Chat On Telegram Desktop?
> No. Due to Telegram secret chat's end-to-end encryption and the requirement for permanent storage on the device (and not using the Cloud to store data), Telegram does not have the secret chat feature on Desktop or Web Telegram. They may add this feature on their desktop version in the future, but for now, it is not safe enough to have it.
> If you're calling "secret chats" the default
MTProto is the name of the:
1. Cloud Encryption
2. E2E encryption
algorithm at Telegram. MTProto 2.0 is not just secret chats, a different implementation is used for cloud: https://core.telegram.org/mtproto/AJiEAwIYFoAsBGJBjZwYoQIwFM...
Both cloud and e2ee consist of what's called the MTProto 2.0 algorithm.
Yeah that cloud encryption is bullshit. If you're not transferring keys in a way that only your devices can access the data, then they can also read the data. It's indeed not broken if it didn't perform this function in the first place
2 replies →