Comment by celsoazevedo
2 days ago
I assume it's the lack of end-to-end encryption by default on basic features.
Good service btw, but not the best from a privacy point of view.
Besides that, there's also them choosing to roll their own crypto instead of using established cyphers and protocols.
And every time someone makes this comment. MTProto 2 uses standard crypto primitives. Besides this, do you know who else rolled their own crypto? Moxie. You don't get to roll your own crypto first and then weaponize this against your opponents but that's exactly what he did along with abusing words like "plaintext" to describe any encryption not E2EE.
AES-IGE is not best practice. Neither is this https://words.filippo.io/dispatches/telegram-ecdh/
The difference is Moxie isn't an amateur when it comes to cryptographic design. Wikipedia actually lists him as a cryptographer. The company has also employed an actual mathematician/cryptographer, Trevor Perrin.
Meanwhile, Telegram employed the CEO's brother who's a geometrician, which is not the same. You wouldn't hire a dentist to perform brain surgery even though both studied medicine.
Signal protocol's double ratchet is considered best practice by pretty much every competent cryptographer.
MTProto's main issues are not the teething issues of the yester-years. It's the fact every chat is sent to the server that can then read the messages. Telegram only has E2EE in internet debates about its non-existent E2EE in practice.
https://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by...
It's nice to see their reasoning, but the issue remains: Telegram can read most direct messages (because almost no one uses private chats) and everything sent in groups.
It's a good service and in some cases it can compete with Matrix, Signal, etc, but most direct chats and all groups have no privacy from Telegram (and anyone with access to their servers).
https://telegra.ph/Why-you-should-stop-reading-Durovs-blog-p...
What a bizarre explanation. Element does E2EE just fine, with the caveat that you have to record your own encryption keys. But if you want E2EE and backups, what would you expect?
This is exactly it.