I'll tell you what's right about Telegram: I don't know how they're the only independent app that seems to be able to produce such a well built UI/UX for a chat application in 2025.
I maintain that someone should fork their codebase and bolt on a different backend (Signal, Matrix, whatever). It's right there and it's very, very good.
(Yes, I know it's not as simple as "bolt on a different backend". You know what I mean.)
> I don't know how they're the only independent app that seems to be able to produce such a well built UI/UX for a chat application in 2025.
Precisely because they don't spend so much effort for privacy. If your server can read all your messages, it's suddenly easier to provide great features. For instance, GMail can add your next hotel stay to your calendar automatically because it has access to your emails. That's great UX, but poor privacy.
This is not entirely true. For example, Calendar.app does the same by locally extracting the .ics out of Mail.app without ever sending anything to Apple.
I don't think Telegram's UX is tied to their permissive privacy, but they do seem to start with UX then do what's needed to support it. That does give them an edge.
(Instagram has terrible privacy and actively mines information from chat and their UX is only passably good.)
What on earth makes you think that the same engineers responsible for fluid and smooth UI/UX are the ones who’d ever influence the cryptography/privacy/security? Whether or not the chats are encrypted has zero to do with this.
Telegram has almost universally smooth scrolling, things work well across platforms, it’s native pretty much everywhere with low memory usage and mostly platform specific behaviors. Signal half asses this, and Element is… shoddy, at best, in comparison.
Telegram certainly has an excellent UI/UX. On the Element side, its quality bar has very much been the target for Element X - and (in my biased opinion) we are getting very close, if not exceeding it in some places. For instance, we just landed The Event Cache in Element X and matrix-rust-sdk (https://github.com/matrix-org/matrix-rust-sdk/issues/3280 - closed 2 days ago after a year of solid work), which provides seamless offline support and local encrypted-at-rest caching of the messages it's seen, which in turn then makes the native SwiftUI and jetpack-compose UIs go brrrrrr.
> its quality bar has very much been the target for Element X
I sincerely hope you get there, but it's really hard to believe it at the moment. You're not even at feature parity with the app (Element vs Element X) you're replacing, and it's been out for a bit now.
i.e, you have significant user experience related features that keep people using Element (open graph previews, just to name one).
And every time someone makes this comment. MTProto 2 uses standard crypto primitives. Besides this, do you know who else rolled their own crypto? Moxie. You don't get to roll your own crypto first and then weaponize this against your opponents but that's exactly what he did along with abusing words like "plaintext" to describe any encryption not E2EE.
It's nice to see their reasoning, but the issue remains: Telegram can read most direct messages (because almost no one uses private chats) and everything sent in groups.
It's a good service and in some cases it can compete with Matrix, Signal, etc, but most direct chats and all groups have no privacy from Telegram (and anyone with access to their servers).
What a bizarre explanation. Element does E2EE just fine, with the caveat that you have to record your own encryption keys. But if you want E2EE and backups, what would you expect?
To me it's just not an encrypted messaging app. I don't even get all the discussions about it...
It's a bit like if we analysed the E2EE guarantees of email over and over again. Every year, multitudes of people would publish a post explaining how email is "badly encrypted". Well, email is not E2EE, period. If you want E2EE, use a system that has E2EE.
2. No group chat, even a small one between close friends is end-to-end encrypted.
3. Almost all desktop clients support no end-to-end encryption for 1:1 chats, meaning if you use the desktop client as part of your workflow, you're forced to drop using the end-to-end encrypted secret chats.
4. No cryptographers have ever worked in the company.
5. Horrible teething issues for the protocol:
Telegram hosted a cracking contest back in 2013. Everyone in the industry know they are bullshit, and this was discussed back in 2013 The Fallacy of Cracking Contests (1998) | Hacker News The tldr is, Moxie issued a counter challenge to Telegram where he presented the same goals with already broken primitives like MD5, to break the encryption. Telegram never proved the challenge could be won even under those conditions. (Also again, given that Telegram’s built in backdoor of “people are lazy” exists, the cracking contest was pointless. It doesn’t matter how good the encryption is if the adversary wears you down to hand over the keys).
I'll tell you what's right about Telegram: I don't know how they're the only independent app that seems to be able to produce such a well built UI/UX for a chat application in 2025.
I maintain that someone should fork their codebase and bolt on a different backend (Signal, Matrix, whatever). It's right there and it's very, very good.
(Yes, I know it's not as simple as "bolt on a different backend". You know what I mean.)
> I don't know how they're the only independent app that seems to be able to produce such a well built UI/UX for a chat application in 2025.
Precisely because they don't spend so much effort for privacy. If your server can read all your messages, it's suddenly easier to provide great features. For instance, GMail can add your next hotel stay to your calendar automatically because it has access to your emails. That's great UX, but poor privacy.
This is not entirely true. For example, Calendar.app does the same by locally extracting the .ics out of Mail.app without ever sending anything to Apple.
I don't think Telegram's UX is tied to their permissive privacy, but they do seem to start with UX then do what's needed to support it. That does give them an edge. (Instagram has terrible privacy and actively mines information from chat and their UX is only passably good.)
1 reply →
This is such an odd comment.
What on earth makes you think that the same engineers responsible for fluid and smooth UI/UX are the ones who’d ever influence the cryptography/privacy/security? Whether or not the chats are encrypted has zero to do with this.
Telegram has almost universally smooth scrolling, things work well across platforms, it’s native pretty much everywhere with low memory usage and mostly platform specific behaviors. Signal half asses this, and Element is… shoddy, at best, in comparison.
15 replies →
Telegram certainly has an excellent UI/UX. On the Element side, its quality bar has very much been the target for Element X - and (in my biased opinion) we are getting very close, if not exceeding it in some places. For instance, we just landed The Event Cache in Element X and matrix-rust-sdk (https://github.com/matrix-org/matrix-rust-sdk/issues/3280 - closed 2 days ago after a year of solid work), which provides seamless offline support and local encrypted-at-rest caching of the messages it's seen, which in turn then makes the native SwiftUI and jetpack-compose UIs go brrrrrr.
> its quality bar has very much been the target for Element X
I sincerely hope you get there, but it's really hard to believe it at the moment. You're not even at feature parity with the app (Element vs Element X) you're replacing, and it's been out for a bit now.
i.e, you have significant user experience related features that keep people using Element (open graph previews, just to name one).
Arathorn I'm a bit confused that Element pushes Element X so much already when your own Element One service doesn't support it yet?
1 reply →
I assume it's the lack of end-to-end encryption by default on basic features.
Good service btw, but not the best from a privacy point of view.
Besides that there it's also them choosing to roll their own crypto instead of using established cyphers and protocols.
And every time someone makes this comment. MTProto 2 uses standard crypto primitives. Besides this, do you know who else rolled their own crypto? Moxie. You don't get to roll your own crypto first and then weaponize this against your opponents but that's exactly what he did along with abusing words like "plaintext" to describe any encryption not E2EE.
10 replies →
https://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by...
It's nice to see their reasoning, but the issue remains: Telegram can read most direct messages (because almost no one uses private chats) and everything sent in groups.
It's a good service and in some cases it can compete with Matrix, Signal, etc, but most direct chats and all groups have no privacy from Telegram (and anyone with access to their servers).
https://telegra.ph/Why-you-should-stop-reading-Durovs-blog-p...
What a bizarre explanation. Element does E2EE just fine, with the caveat that you have to record your own encryption keys. But if you want E2EE and backups, what would you expect?
This is exactly it.
I don't understand why you're downvoted for this question.
What's wrong with Telegram is the privacy story. It's not end-to-end encrypted, meaning that the server can read the content of your messages.
I hear that Telegram has a great UX, which makes it popular. But in terms of security... it's wanting.
Telegram is a joke in professional cryptography circles https://x.com/matthew_d_green/status/726428912968982529
To me it's just not an encrypted messaging app. I don't even get all the discussions about it...
It's a bit like if we analysed the E2EE guarantees of email over and over again. Every year, multitudes of people would publish a post explaining how email is "badly encrypted". Well, email is not E2EE, period. If you want E2EE, use a system that has E2EE.
1 reply →
You're again linking to old critiques of an old protocol no longer in use. Can you stop doing that, please?
4 replies →
1. It's not end-to-end encrypted by default.
2. No group chat, even a small one between close friends is end-to-end encrypted.
3. Almost all desktop clients support no end-to-end encryption for 1:1 chats, meaning if you use the desktop client as part of your workflow, you're forced to drop using the end-to-end encrypted secret chats.
4. No cryptographers have ever worked in the company.
5. Horrible teething issues for the protocol:
Telegram hosted a cracking contest back in 2013. Everyone in the industry know they are bullshit, and this was discussed back in 2013 The Fallacy of Cracking Contests (1998) | Hacker News The tldr is, Moxie issued a counter challenge to Telegram where he presented the same goals with already broken primitives like MD5, to break the encryption. Telegram never proved the challenge could be won even under those conditions. (Also again, given that Telegram’s built in backdoor of “people are lazy” exists, the cracking contest was pointless. It doesn’t matter how good the encryption is if the adversary wears you down to hand over the keys).
http://unhandledexpression.com:8081/crypto/general/security/...
https://eprint.iacr.org/2015/1177.pdf
https://web.archive.org/web/20160425091011/http://www.alexra...
https://words.filippo.io/dispatches/telegram-ecdh/
https://mtpsym.github.io/
Also this:
https://blog.cryptographyengineering.com/2024/08/25/telegram...