this post was submitted on 20 Dec 2023
267 points (95.9% liked)

Memes

45753 readers
2183 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 11 months ago (2 children)

Remember, it's a cloud messenger, not a secure messenger. It's cool to have all chats on every device, but by default, they are unencrypted. I message there, too, but only nonsense.

[–] [email protected] 17 points 11 months ago

I'm not saying Telegram is perfect by a long shot, and they've made some questionable decisions around crypto and paid-for services, but it grinds my gears when people suggest that it's "unencrypted".

E2E encryption means that yours and the other person's device are the only ones that have the keys for decryption and are typically the only places where chats are stored.* The conversation is secured end-to-end.

Telegram has the master copies of your chats on their servers to enable certain extra functionality that you can't get with E2E messengers, but it does not mean that the data is stored or transmitted unencrypted. The data at rest is encrypted and it's encrypted when it travels to and from your device.

Sure, there's the argument that governments could compel Telegram to hand over the keys to your chats, but considering that the platform is outright banned in more than one country with questionable regimes, it's reasonable to conclude that they don't give in to such demands. Honestly, if your government wanted copies of your chats so badly it'd be far easier for them to go through you and your device directly, and then no amount of E2E encryption is going to help you.

All that said, Telegram does actually have E2E encryption in the form of Secret Chats which, while having no method of backup, allows you to have two very different conversations with the same person and provides a level of plausible deniability that E2E only platforms cannot.

*Until you or the other party chooses to export a plain-text backup and store it on Google Drive where it's far easier for governments to subpoena. I'm looking at you, WhatsApp.

[–] [email protected] 10 points 11 months ago

It's fast, supports sending large uncompressed files, has fun stickers and great UI

It's a great messenger really, just not E2E encrypted. I'd happily use Signal too but most people don't care about the E2E encryption advantage and prefer Tele