Some people say it’s really privacy-giving and that you should use it as a privacy alternative. Others say it’s alao on the big tech side. What’s going on with telegram, really?
Some people say it’s really privacy-giving and that you should use it as a privacy alternative. Others say it’s alao on the big tech side. What’s going on with telegram, really?
False. If you want to tell how things works, get your facts right!
All data sent to Telegram’s servers will be encrypted once they reach the servers. With other words, the messages and media and other files, will be sent in “plain text” over HTTPS only when using Cloud Chat. In Secret Chat, MTProto is (based on how E2EE works) as safe as what Signal Protocol is.
But nothing will be stored in plain text, no matter what you use (Cloud Chat or Secret Chat).
But(!) since the source code for MTProto is closed, we don’t know how it really works, and if we can trust their FAQ or not.
I trusted Telegram at first, but I don’t trust it 100% anymore (still better than SMS). Am using my own Snikket server these days. Much safer with a lot of 😌😊😍😃 moments, even today, maybe a year later. Especially with OMEMO (Signal Protocol).
and who generated the key?
After doing a quick scan of their FAQ, there’s nothing about who generated the key. So my wild guess is the client. I bet their source code can answer that question, but I have no clue.
Except for “secret chat” (which are only 1-on-1 chats, have flaky client support, and require both participants to be online at the same time to initiate; in other words, they are near useless) - this is just simple at-rest storage encryption. They possess the keys to decrypt your messages (again, except for secret chats), because that is necessarily what happens when they serve those messages to recepients.
I am not defending Telegram in any way by saying this, but how can you be so certain that content supposely encrypted with MTProto when using Cloud Chat is only stored in plaintext on encrypted disks? Where is the proof of this?
No one can’t prove that Telegram use MTProto to encrypt content sent using Cloud Chat, stores them encrypted, and them decrypt them upon opening because the source code for MTProto is closed. So how can you prove that what you’re saying is the way they use?
Don’t get me wrong in any of this discussion. I don’t trust Telegram anymore. I don’t trust any closed sourced softwares anymore! But one can’t say “it is like this, not like that” without any proof.