Comment by codedokode
3 years ago
Did audit help Let's Encrypt to prevent issuing fake certificates? Such audit is useless. SSL infrastructure security is in a much worse state than Telegram's yet nobody seems to notice it. If any large ISP can issue fake certificates by doing MitM then this system is compromised completely. What's the point of having SSL if basically anyone can MitM it?
To be honest, Telegram using homemade crypto instead of relying on standard approaches like CA certs turned out to be good solution in the end. Apps should stop trusting CA and should hardcode public certificates instead.
Apples and oranges? Let's Encrypt is a bandaid for a (possibly inevitable) architectural weakness, one serving browsers which must communicate with a world of unfamiliar servers. Telegram is a messaging app primarily meant for communicating among people and groups one already knows.
Regardless, using open and verified cryptographic primitives is a best practice for a reason. As are audits. The likelihood any company can start from scratch and produce a flawless solution is a number approaching zero.
I'd feel much more comfortable with something using Signal protocol. Ideally built from independently audited source.