Comment by tptacek
1 day ago
The security model of Telegram is essentially that of Slack, plus a seldom-used direct E2EE messenger. You literally can't trust Slack or Telegram. You can opt not to trust Signal; I don't care. But it's at least an option.
Nice try sneaking Slack into a 1:1 secure messaging debate… That’s like comparing a corporate chatroom (with admin access) to a personal diary.
Telegram’s client-server default, with optional E2EE, is closer to pre-Microsoft Skype: tight client/network control, 1:1 focus, no major leaks despite a major spotlight on it for a decade+.
You dodged Skype because it’s not the piñata Slack is. Weak move.
That's exactly the security model of Telegram. If you want to say "Skype", fine, Skype is also not a trustable secure messenger. I think we've reached an agreement.
Honestly pretty satisfying, I've never managed to drive an argument about Telegram being OK all the way to "Telegram is just as good as Skype".
You’re always so quick to call Signal the gold standard, but in reality, it’s not the untouchable system you claim.
I’d trust pre-Microsoft Skype, Telegram, and Signal about the same; none are bulletproof when the provider controls both client and server.
That’s the real crux, and you’re glossing over it. Skype pre-2011 ran TLS and encrypted storage, held up under global scrutiny with no major leaks, and matched Telegram’s client-server model with optional E2EE.
Post-Microsoft? It got gutted: NSA’s PRISM, Chinese eavesdropping, Mac OS X backdoors, the works.
This proves my point: when client and server are under one roof, a compromise, hack or coercion becomes possible.
Signal’s Double Ratchet E2EE locks down past and future messages against server breaches, and its open-source code plus reproducible builds invite scrutiny that makes backdoors harder to hide, but here’s the truth: Signal’s client and server are still one entity, and they have hidden updates from users before. A malicious update, pushed via TOLA or CLOUD Act pressure, can snag plaintext before encryption, E2EE be damned.
Most users don’t verify builds. Transparency’s nice, but it’s not a forcefield. Telegram’s optional E2EE and Skype’s old-school TLS setup aren’t inherently worse for low-threat users who just need protection from external hacks, not state-level malice.
You’re waving Signal’s flag like it’s untouchable, but in practice, the provider’s grip on the client levels the playing field. That’s why I stick to OMEMO or OTR over XMPP or IRC: decentralised, battle-tested protocols that don’t chain me to one entity’s whims. I run them myself, no middleman, no trust roulette. Your “agreement” smells like a victory lap, but you’re dodging the real issue: single-entity control is the Achilles’ heel, not the protocol’s name.
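As an added illustration of the "locks down past messages against server breaches" point raised above (example code, not from the thread or from Signal's codebase): a minimal Python model of the Double Ratchet's symmetric KDF chain, using HMAC-SHA256 with the 0x01/0x02 inputs from the Signal specification. It shows that a breach capturing the current chain key yields every later message key but no earlier one. The initial chain key is constructed for the demo, and the DH ratchet step that restores security after a compromise is left out.

```python
import hashlib
import hmac
from typing import List, Tuple

# Constructed demo value, not a real key: in the protocol this comes from the DH ratchet.
INITIAL_CHAIN_KEY = hashlib.sha256(b"constructed demo chain key").digest()


def kdf_ck(chain_key: bytes) -> Tuple[bytes, bytes]:
    """One symmetric ratchet step: derive (next_chain_key, message_key) from chain_key.

    HMAC-SHA256 is one-way, so CK_{n-1} and MK_{n-1} cannot be recovered from CK_n.
    """
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


def derive_message_keys(chain_key: bytes, count: int) -> Tuple[List[bytes], bytes]:
    """Advance the chain `count` times; return the message keys and the final chain key."""
    keys: List[bytes] = []
    for _ in range(count):
        chain_key, message_key = kdf_ck(chain_key)
        keys.append(message_key)
    return keys, chain_key


def forward_secrecy_holds(initial_chain_key: bytes, compromise_at: int, total: int) -> bool:
    """Model a breach that captures the chain key after `compromise_at` messages.

    The attacker can re-derive every message key from that point on (no break-in
    recovery without the DH ratchet), but none of the earlier keys appear in the
    set reachable from the captured state.
    """
    honest_keys, _ = derive_message_keys(initial_chain_key, total)
    _, captured_ck = derive_message_keys(initial_chain_key, compromise_at)
    attacker_keys, _ = derive_message_keys(captured_ck, total - compromise_at)
    later_exposed = attacker_keys == honest_keys[compromise_at:]
    earlier_unreachable = not any(k in attacker_keys for k in honest_keys[:compromise_at])
    return later_exposed and earlier_unreachable


if __name__ == "__main__":
    # Breach after message 3 of 6: keys 4-6 exposed, keys 1-3 stay protected.
    print("forward secrecy holds:", forward_secrecy_holds(INITIAL_CHAIN_KEY, 3, 6))
```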