More people need to understand this, Telegram was never trustworthy to begin with.
this post was submitted on 26 May 2026
412 points (98.8% liked)
Technology
85043 readers
1781 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 3 years ago
MODERATORS
They spent years lying about their encryption algorithms too acting like they're more secure than Signal when they never were
load more comments
(8 replies)
load more comments
(5 replies)
Fork found in kitchen
Ever since the CEO of Telegram was basically lured to Paris, arrested, then read the riot act for Telegram’s non-cooperation with French authorities, the company has been responding to warrants and downplaying its “E2EE” features. Expect them to have a fully accessible backdoor for LE.
By the way, don’t forget about that Bitlocker backdoor that “mysteriously” doesn’t affect Windows 10.
The EU and US digital surveillance states have been tightening their grip on encryption and online anonymity for years now. “Age verification” is just the latest push.
I can only assume there's a different backdoor for 10 that just hasn't been published. Even if there isn't, Windows defaults to backing the key up to the attached Microsoft account. You think they'd ever tell intelligence agencies to come back with a warrant for that?
Just use Veracrypt folks.
Ever since the CEO of Telegram was basically lured to Paris, arrested, then read the riot act for Telegram’s non-cooperation with French authorities, the company has been responding to warrants and downplaying its “E2EE” features. Expect them to have a fully accessible backdoor for LE.
What does LE stands for?
Also, do you have any sources to your claims?
Just the other day, I wondered myself: what happened after that detention in Paris? I haven't read anything else. Is he in prison or free?? No idea! Is there an ongoing trial? What were the accusations?
Centimeter by centimeter getting people towards signal and matrix chats
load more comments
(3 replies)
I try not to be repetitive with the astronaut meme, but they don't help. Here we go:
As long as the keys are handled via a closed source app and server system, e2ee is potentially broken.
Even if you generated the key, keep the private part locally and submitted only the public part to your communication partner, you can never be sure that the intransparent app does keep your private key private.
With WhatsApp I'm quite sure that they somehow can retrieve the private key. Certain events point to that. But I see no reason to consider signal or telegram any more trustworthy - they are all prone to governmental influence.
And as open source and closed app infrastructure are incompatible, I would not handle anything important on an Android or Apple device.
Why would you not trust Signal?
You don't have to trust their server infrastructure, because the end to end encryption has been verified by countless experts (and all their client side code can be looked at by anyone).
to be fair there is no way to verify the google play distributed app has been built from the published source code. there are also people arguing that the closed source google components built into it could work as a backdoor
You can build the app from source code though. Couldn't you compare that to the Google Build?
Also, you could use a fork like Molly, they removed all proprietary binary blobs and replaced them with FOSS alternatives. And it's still fully compatible with Signal
only if the app is built reproducibly. I suspect the google libraries are likely minified/obfuscated by default though.
Also, you could use a fork like Molly
I do, but that's only so much when the point of the app is communicating with other people
With WhatsApp I’m quite sure that they somehow can retrieve the private key. Certain events point to that.
What events point there?
I've no proof of this, but technically the whatsapp app is closed source so they could push an update that collects the private keys, if they don't do this already
I don't know about WhatsApp, but macOS backups your keys on iCloud by default, so...
load more comments
(5 replies)
Signal (assuming you live in a country that hasn’t blacklisted them for refusing to install backdoors).
Matrix, Session, SimpleX chat, Tox chat, Jami... and so on.
Session EoL this July.
Clash of Clans
Signal still doesn’t support bots and is shit for bigger groups
Good for 1-10 friends and 1on1 chats tho
Are these negatives?
People criticising Telegram have no idea how big some of the channels there are. They’re stupid big. Like full ass Discord server but with one channel big.
That needs automated moderation tools - bots as well as built in tools to manage lager groups.
Signal doesn’t do that at all. It’s a good replacement for group texts, not communities.
And for me personally: missing first party bot support makes it a complete non-starter.
load more comments
(2 replies)
load more comments
(1 replies)
load more comments
(2 replies)
I know but I trust it more than Google.
There is value in spreading out your data to different companies in different countries. All the American big tech services sends a copy of everything to the nsa.
Maybe telegram doesn't. Who knows. Maybe they are being a bit more difficult at least.
I think the point is not so mich whether you can trust Telegram or not (although I am shure you can't).
The issue with Telegram is, that (by default) it stores all your chats unencrypted on their servers. So they can just access every message of yours whenever they want. That is not only dangerous for privacy, but when their database gets hacked, there is a decent chance, that all of your chats are gonna be released. Also, if governments want access to Telegrams data, they are legally obligated to comply.
What you should look out for, when you want more privacy is:
-
Legit End-to-End encryption: That means, that all your messages are stored and transmitted encrypted and only you and the person, you are talking to have access to these keys. So even if the server of the messaging service, you use is malicious or the government forced the organisation, which is responsible for the messenger, it would be mathematically impossible to read any of your messages.
-
Open Source clients, that can be verified by security experts. End to End encryption doesn't mean much, when you can't verify what the service, you are using is doing with your private decryption keys. In other words: It isn't enough, if a company just says, they are doing encryption. The solution is Open Source clients, because that means, that everyone can see exactly what the apps are doing and can inspect the source code for backdoors or vulnerabilities. Usually, if a lot of people have been using them, you can be sure, that some experts have verified, that nothing fishy is going on.
If you want a simple suggestion, that has good encryption and is fully open source, but is still easy to use, I would suggest you go with Signal.
Telegram would be just wonderful were it being marketed as what it is. It's a gorgeous mass groupchat system.
Nothing private at all, but for that you get convenience.
And I would like something also private and still fit for mass groupchats, I don't know, perhaps, instead of encrypting messages for every participant have some kind of rotating symmetric keys for everyone, like with encrypted TV streams, signed by a smaller set of group moderators. That could fulfill the same role and also be peer-to-peer.
But a lot of things exist beyond our imagination, it's just that for something to be persistent someone needs to make money on it.
So it's not selling all my information to the Kremlin?
The Kremlin doesn't buy, it takes.
load more comments
(1 replies)
It was made by m*scovites in m*scovia with fsb money, by the same guys that tried to copy facebook.
Better than WhatsApp at least
As in "with WhatsApp we know, with others we cannot exclude the possibility"?
Tried to sign up once, but it wanted my real phone number and a fake one from a temp SMS site wouldn’t work. Private messaging? Sure, Jan.
I’m not sure they are lying. Yes, they’re not E2E but I don’t think they claim to be by default, do they?
I’ve got a large group of friends there, since high school. We presume everything we write is available to the Russians so we never talk work details or share secrets. It would be insane otherwise.
We’ve tried to organise a move to Signal, but honestly its client is nowhere near as polished or feature rich as Telegram.
I’m not sure they are lying. Yes, they’re not E2E but I don’t think they claim to be by default, do they?
they claim to be "encrypted". if I just make a new chat it will not be encrypted. this is false advertising. furthermore this highly advertised feature has artificial limitations, like that desktop clients can't use it. it also cannot he used with group chats. so much for being "encrypted".
That's just your misunderstanding of the term. The chat is encrypted, no lies about it, it's not end-to-end encrypted. Last time I checked they were quite explicit about that.
So far, Telegram worked exactly as it was advertised, it's just people for some reason have weird ideas about what words mean and how stuff should work, but that's not on them to be honest.
Plenty to criticize Telegram for, but lack of privacy isn't it.
That's just your misunderstanding of the term. The chat is encrypted, no lies about it, it's not end-to-end encrypted.
I was pretty sure someone is going to bring this up! "It uses HTTPS so its Encrypted™, you are just too dumb to comprehend it!"
well, yes, point me to a chat service that is not encrypted on the wire nowadays. I still think it is false advertising, because their clear intention is to make the user think their service is somehow more secure than others, while that is not the case. why would you advertise privacy and encryption, if not for arguing that you the provider cant read messages?
Ironically the owner of telegram is repeatedly posting on his channel about how much more secure telegram is over whatsapp, which is an actual end to end encrypted messaging app (but with other problems, like questionable key handling)
You know, if you end-to-end encrypted, but mishandle keys, it's actually demonstrably worse than if you client-to-server encrypted but there was no confirmed cases of anything leaked.
Nobody is misleading you because you have deeply held ideas on what words should mean.
Nobody is misleading you because you have deeply held ideas on what words should mean.
if your definition of encrypted means telegram is an encrypted messenger, than "encrypted" is literally nothing more than a meaningless buzzword, since all messaging services do some kind of encryption.
My definition of "encrypted" means that something is encrypted. You know, using cryptography.
Your definition of encrypted means that something is end-to-end encrypted, with only two corresponding people having keys. And we actually have a term for that, it's end-to-end encryption.
I understand where you're coming from, but only one of us using this word correctly.
view more: next ›