Comment by dataflow

1 year ago

Does anyone have any reason to believe that Telegram's E2EE doesn't have a backdoor? Because if not, then I fail to see why it matters whether the E2EE even exists in the first place.

Telegram clients are open source. Anyone can verify that the client does the end-to-end encryption correctly.

Telegram has had its own history of really weird issues with its encryption protocol, like the IGE, 2^64 complexity pre-computation attacks, IND-CCA vulnerability and whatever the hell this was https://words.filippo.io/dispatches/telegram-ecdh/

But these are not the big issues here. The issues Green's blog post highlighted were

* Telegram doesn't default to end-to-end encryption.

* It makes enabling end-to-end encryption unnecessarily hard

* It has no end-to-end encryption for groups

Those matter gazillion times more than e.g. a slightly older primitive would.

End-to-end encryption matters because Telegram is not just a social media or Twitter wall. It's used for purposes that deserve privacy, and Telegram isn't providing.

Pavel did mention that investigation agencies tried to lure Telegram developers to use certain open source libraries.

It's no wonder why WhatsApp and other apps don't face much heat from the government, they're already with the government.