#Telegram and #Durov are once again in the media, so I translated my May piece about the service to English:
Telegram is neither "secure" nor "encrypted"
https://rys.io/en/171.html
Calling Telegram "secure" or "encrypted" is misleading, and is journalistic malpractice.
Telegram itself seems to mislead about it on purpose.
Telegram's encryption protocol is suspicious and transmits cleartext device identifiers with every message.
They have been called out for it many times, and refuse to change.
Despite the claims that #Telegram never shares any data or metadata, there are relatively clear cases of them having shared metadata with an Indian court and German law enforcement.
There are strong indications, as reported by Wired, they might have shared message contents with the Russian government, targeting activists in Russia.
By default, Telegram chats do not use end-to-end encrypted mode aka "Secret Chats". End-to-end encryption is also completely unavailable for groups and channels.
🔗🔝
Possibly quite telling that the Russian government condemned the arrest so strongly. 🤔
@rysiek @richlv On Sky News UK today:
“Vladmir Putin took steps to shut down Telegram when it first appeared in Russia...”
“But in 2018 the Kremlin suddenly ended its pursuit of Telegram, where it is now one of Russia's most popular social media apps - even with the Russian military. A leading Russian pro-war blogger joked after Durov's arrest: "De-facto they detained the head of communications for the Russian Army".”
“A rival encrypted messaging app Signal, whose servers, unlike many of Telegram's are not hosted in Russia, was recently banned there.”
🤔
@stamberry the whole point of this piece is that:
1. Telegram bills itself as "encrypted IM" (which it is not)
2. Telegram constantly compares itself to Signal on security and privacy, claiming Signal is less secure and private (which is also false).
I do believe it's fair game to take Telegram to task on this.
If Telegram wants to not be compared unfavourably to Signal on secure IM features, it is welcome to stop comparing itself to Signal on secure IM features. 🤷♀️
@stamberry I am sure you asked very similar questions of Telegram's and Durov's social network accounts when they were misrepresenting Signal.
After all, I am merely *representing* Telegram, while Telegram was outright *misrepresenting* Signal.
I would not dare to imagine you not having enough integrity to do so. So I am eager to hear what they had to say to your valid points. Care to link to the thread?
@rysiek also #Telegram - like @signalapp - demand and collect #PII like #PhoneNumbers which ain't possible to acquire anonymoisly in more and more juristictions.
Using #XMPP+#OMEMO by contrast is secure and adding @torproject / #Tor to tunnel it makes it even more anonymous.
Cnsider every #Messenger that doesn't #decentralize and support #Tor oit of tue box to be insecure!
@kkarhan I consider a service that actively, relentlessly misrepresents its security and encryption stance way worse and more harmful than a service that does not.
@rysiek Agreed.
Tho I'd say that @signalapp is just marginally less shit in execution AFAICT, not in concept tho...
@kkarhan I have criticized @signalapp publicly for a bunch of things.
But saying that Signal is "marginally" better than Telegram is simply wrong. Signal is leaps and bounds better than Telegram, in execution and in concept.
Telegram's concept is "let's implement just enough e2ee to be able to lie our way into pretending we're an e2ee IM, while being nothing of the sort."
They do this *on purpose*, knowing this puts people in harm's way.
Making any sort of equivalence here is not justified.
Thanks for this writeup. I have had many people tell me I should use Telegram because it's "safe and secure" and I no longer try to argue, I just laugh.
Michał "rysiek" Woźniak · 🇺🇦
FediThing 
Rihards Olups
Regs Grundies
Orca 🌻 | 🎀 | 🪁 | 🏴🏳️⚧️
blausand 🐟
Nsukami _ | 巣神
Andrzej Stamburski
Krzysztof Sakrejda
Noxy 🐾🏳️🌈
Kevin Karhan 
Ehay2k
Guelfo Alexander Ghibellini
alastair87 (old account)
deallocated
sss
Random Geek in limbo