Telegram sticker collection and programmability seem cool but I've managed to stay away from it until now, mostly because they don't have end to end encryption on by default and don't use a peer researched protocol ;)
I hope they will never default to end-to-end encryption if it means I can't seamlessly switch from mobile to desktop and vice versa for continuing my conversations anymore. Secret Chats are a good feature as any but you must drag the cloud syncing off from my dead cold hands.
It's the single most enjoyable feature of Telegram and makes competitors like WhatsApp so irritating to use.
Thing is, you actually can do that even with e2e encryption. Wire does it, Keybase does it. Signal and Whatsapp still go the odd you-need-a-phone-route, but Wire and Keybase don't. So there's actually no excuse for Telegram's self-rolled encryption, especially without e2e encryption on by default.
Heck, you can even do it with XMPP/Jabber and Omemo.
And Wire even offers the full set of video and voice calls. e2e encrypted, too.
From a security focused point of view, Telegram just doesn't cut it. The only thing I see where Telegram is still ahead is with regards to bot support. While many alternatives have some variation of it, it's most mature with Telegram. But for everything else, it's a nope from me.
/edit
Something else about the validity of the criticism with regards to the encryption of Telegram: It's less about "do they use the same algo/libs as Signal" and more about "do they use algos/libs with a proven track record and review". With cryptography/cryptanalysis it's traditionally seen with scepticism when someone "rolls their own algo", as the algorithms as well as the implementation might subtly make it insecure, and with proven and well-reviewed algorithms there's just a lot more of "yep, it's probably fine". Telegram went and wrote it's own, coming from a non-crypto-background. It might be the best algorithms there is, but when it comes to cryptography that's not enough, unless you have good reasons to write something new and until it is reviewed by people with expertise in the field. Signal's protocol (axolotl/double ratchet) pretty much heavily improved upon existing tech with focus on mobile messaging, dropping/changing connections and multiple devices/clients, which is why it's become the "de-facto standard" when it comes to "proper" encryption for messengers nowadays.
/edit
Ah, another edit, because why not. Just two more things: I get that people like Telegram a lot, mostly because it "just works". My focus is, obviously, a bit more on the security of the messengers, so I'm certainly biased. Still, Signal (on the phone) is nowadays pretty much a "drop in replacement" for SMS/Whatsapp/etc., usability-wise, as those things that made secure messaging user-unfriendly before (getting keys, checking fingerprints etc.) is either gone or optional (you can just use it, discover contacts TOFU-style and never care about what's going on, or you can go and actually verify fingerprints through a secure channel). Wire is a tiny bit more complicated, or rather: nudges you a bit more toward verifying/checking keys/devices, but not very much. Plus, you don't need a phone number for it, which is a plus for quite many people, compared to, say, Signal and Whatsapp.
So I'd probably not go out and say "don't use Telegram", but I'd be happy if Telegram wouldn't be marketed as a "secure" messenger. And if you use it, you should keep in mind that your communication might be somewhat secure (from you to the Telegram servers), but only in a limited fashion.
I'm not sure I understand what you mean here. I use WhatsApp's desktop client and the phone every day with e2e encryption enabled. Same with Signal. You mean the fact that the encryption goes through the phone so the phone has to be online?
Yes, and being an active user of Slack and other popular messaging applications makes the odd always-on approach of WhatsApp and Signal feel tedious and outdated.
I wouldn't also promote WhatsApp to be more secure than Telegram due to their tight coupling with Facebook but that's a whole another discussion.
Yes, and being an active user of Slack and other popular messaging applications makes the odd always-on approach of WhatsApp and Signal feel tedious and outdated.
I'd trade that with privacy anytime, my phone is always on anyway :) But it's okay to have different opinions.
I wouldn't also promote WhatsApp to be more secure than Telegram due to their tight coupling with Facebook but that's a whole another discussion.
Telegram promised since at least March 2014 that "all code will be released eventually", including all the various client applications (Android, iOS, desktop, etc.) and the server-side code.[134] As of March 2019, Telegram still hasn't published their server-side source code.[135][136] Publishing the server-side code would allow anyone to audit the server's code and verify that it works correctly and handles user data securely, instead of relying on Telegram's claims that it's indeed secure.
So no, I don't trust Telegram :)
WhatsApp isn't perfect (Facebook mines metadata, which says a lot even without having access to the content) but the security protocol is solid. If they decide to weaken it to mine text messages I'll consider moving on to something else :)
iMessage is another service with e2e by default and always on, unfortunately Apple has no interest in creating clients for other platforms.
They have open-sourced their client library, though, along with their official clients so I would count that as positive. I agree that details regarding server implementation should be released as well but neither have any of the major competitors done so (correct me if I'm wrong).
Cross-platform library for building Telegram clients
TDLib
TDLib (Telegram Database library) is a cross-platform library for building Telegram clients. It can be easily used from almost any programming language.
Cross-platform: TDLib can be used on Android, iOS, Windows, macOS, Linux, FreeBSD, Windows Phone, WebAssembly, watchOS, tvOS, Tizen, Cygwin. It should also work on other *nix systems with or without minimal effort.
Multilanguage: TDLib can be easily used with any programming language that is able to execute C functions. Additionally it already has native Java (using JNI) bindings and .NET (using C++/CLI and C++/CX) bindings.
Easy to use: TDLib takes care of all network implementation details, encryption and local data storage.
As for the peer-review, this is another odd argument which the majority of journalists tend to buy without any criticism at all. Anyone can take a look at this page and conduct their own review, and I believe most have. Yet many so-called "security experts" are rejecting this algorithm due to the fact that it's not the same that Signal uses which is... I don't even know what to say.
I admit to be a little defensive here but having followed discussion around Telegram for years where almost everytime people cite Edward Snowden's words about "use nothing else than Signal" makes me quite sceptic against the entire field of security. The root problem is, of course, today anyone can have a hot take on application security without comprehensive arguments and media will signal boost it without giving it even half a thought.
Feel free to continue as you were. I guess WhatsApp has stickers too? 🤞
It's 2019 but the rise of Slack, Discord, and other group chat apps shows that seamless usability is often more desired attribute than security for the masses. I can't fight them so I have joined them.
Telegram sticker collection and programmability seem cool but I've managed to stay away from it until now, mostly because they don't have end to end encryption on by default and don't use a peer researched protocol ;)
Has the situation changed :D ?
I hope they will never default to end-to-end encryption if it means I can't seamlessly switch from mobile to desktop and vice versa for continuing my conversations anymore. Secret Chats are a good feature as any but you must drag the cloud syncing off from my dead cold hands.
It's the single most enjoyable feature of Telegram and makes competitors like WhatsApp so irritating to use.
Thing is, you actually can do that even with e2e encryption. Wire does it, Keybase does it. Signal and Whatsapp still go the odd you-need-a-phone-route, but Wire and Keybase don't. So there's actually no excuse for Telegram's self-rolled encryption, especially without e2e encryption on by default.
Heck, you can even do it with XMPP/Jabber and Omemo.
And Wire even offers the full set of video and voice calls. e2e encrypted, too.
From a security focused point of view, Telegram just doesn't cut it. The only thing I see where Telegram is still ahead is with regards to bot support. While many alternatives have some variation of it, it's most mature with Telegram. But for everything else, it's a nope from me.
/edit
Something else about the validity of the criticism with regards to the encryption of Telegram: It's less about "do they use the same algo/libs as Signal" and more about "do they use algos/libs with a proven track record and review". With cryptography/cryptanalysis it's traditionally seen with scepticism when someone "rolls their own algo", as the algorithms as well as the implementation might subtly make it insecure, and with proven and well-reviewed algorithms there's just a lot more of "yep, it's probably fine". Telegram went and wrote it's own, coming from a non-crypto-background. It might be the best algorithms there is, but when it comes to cryptography that's not enough, unless you have good reasons to write something new and until it is reviewed by people with expertise in the field. Signal's protocol (axolotl/double ratchet) pretty much heavily improved upon existing tech with focus on mobile messaging, dropping/changing connections and multiple devices/clients, which is why it's become the "de-facto standard" when it comes to "proper" encryption for messengers nowadays.
/edit
Ah, another edit, because why not. Just two more things: I get that people like Telegram a lot, mostly because it "just works". My focus is, obviously, a bit more on the security of the messengers, so I'm certainly biased. Still, Signal (on the phone) is nowadays pretty much a "drop in replacement" for SMS/Whatsapp/etc., usability-wise, as those things that made secure messaging user-unfriendly before (getting keys, checking fingerprints etc.) is either gone or optional (you can just use it, discover contacts TOFU-style and never care about what's going on, or you can go and actually verify fingerprints through a secure channel). Wire is a tiny bit more complicated, or rather: nudges you a bit more toward verifying/checking keys/devices, but not very much. Plus, you don't need a phone number for it, which is a plus for quite many people, compared to, say, Signal and Whatsapp.
So I'd probably not go out and say "don't use Telegram", but I'd be happy if Telegram wouldn't be marketed as a "secure" messenger. And if you use it, you should keep in mind that your communication might be somewhat secure (from you to the Telegram servers), but only in a limited fashion.
And lastly, for the interested: OTRv4 is actually being worked on, with (not only) the intention on improving on OTRv3 and the axolotl/double ratchet algo: github.com/otrv4/otrv4/blob/master...
A bit more about it github.com/coyim/coyim/issues/233, and a somewhat in-depth look at developments and background in that area (olm [matrix), signal, otr, omemo): blog.jabberhead.tk/author/vanitasv...
Came for copper, found gold. Thanks for this wonderful explanation.
I'm not sure I understand what you mean here. I use WhatsApp's desktop client and the phone every day with e2e encryption enabled. Same with Signal. You mean the fact that the encryption goes through the phone so the phone has to be online?
Yes, and being an active user of Slack and other popular messaging applications makes the odd always-on approach of WhatsApp and Signal feel tedious and outdated.
I wouldn't also promote WhatsApp to be more secure than Telegram due to their tight coupling with Facebook but that's a whole another discussion.
I'd trade that with privacy anytime, my phone is always on anyway :) But it's okay to have different opinions.
I'm the last person to trust Facebook, but I trust peer reviewed encryption protocols. Telegram uses none by default as you said, and this is the current situation regarding security:
So no, I don't trust Telegram :)
WhatsApp isn't perfect (Facebook mines metadata, which says a lot even without having access to the content) but the security protocol is solid. If they decide to weaken it to mine text messages I'll consider moving on to something else :)
iMessage is another service with e2e by default and always on, unfortunately Apple has no interest in creating clients for other platforms.
They have open-sourced their client library, though, along with their official clients so I would count that as positive. I agree that details regarding server implementation should be released as well but neither have any of the major competitors done so (correct me if I'm wrong).
Cross-platform library for building Telegram clients
TDLib
TDLib (Telegram Database library) is a cross-platform library for building Telegram clients. It can be easily used from almost any programming language.
Table of Contents
Features
TDLibhas many advantages. NotablyTDLibis:TDLibcan be used on Android, iOS, Windows, macOS, Linux, FreeBSD, Windows Phone, WebAssembly, watchOS, tvOS, Tizen, Cygwin. It should also work on other *nix systems with or without minimal effort.TDLibcan be easily used with any programming language that is able to execute C functions. Additionally it already has native Java (usingJNI) bindings and .NET (usingC++/CLIandC++/CX) bindings.TDLibtakes care of all network implementation details, encryption and local data storage.As for the peer-review, this is another odd argument which the majority of journalists tend to buy without any criticism at all. Anyone can take a look at this page and conduct their own review, and I believe most have. Yet many so-called "security experts" are rejecting this algorithm due to the fact that it's not the same that Signal uses which is... I don't even know what to say.
I admit to be a little defensive here but having followed discussion around Telegram for years where almost everytime people cite Edward Snowden's words about "use nothing else than Signal" makes me quite sceptic against the entire field of security. The root problem is, of course, today anyone can have a hot take on application security without comprehensive arguments and media will signal boost it without giving it even half a thought.
Ok, let's say Telegram e2e encryption is solid, the fact that it's not enabled by default it's still a no for me. It's 2019, come on.
Google tried to release a new messaging system without encryption and was blasted on day one.
The fact that we allow personal communication to go god knows where in clear just because they have better stickers is a no for me if I can avoid it.
I don't like that Slack is not encrypted or that email is not either. At least let me use one form of communication that is :-)
Feel free to continue as you were. I guess WhatsApp has stickers too? 🤞
It's 2019 but the rise of Slack, Discord, and other group chat apps shows that seamless usability is often more desired attribute than security for the masses. I can't fight them so I have joined them.
Not yet...