To me Telegram feels like the red corner district of a city. I simply don't feel like I can trust it, there's something very shady about it. I wouldn't be surprised if Telegram reads those exclusive Bitcoin whale groups and uses that insider info. Group chats are not end to end encrypted.
That being said, WhatsApp is like the authorized garage where you know that you'll get the service which is officially recognized (by the government) and will keep your car's value "at its best", but which screws you over in so many ways.
Everything else is somewhere in between these two platforms.
Care to qualify that speculation with some evidence?
It seems like whenever telegram is brought up here, there's a lot of speculation about it not being trustworthy but no concrete evidence.
The client is open source. While not end to end encrypted by default, it shares that property with most messengers. E2E limits search-ability and other features so it's a tradeoff.
I have to wonder if part of why this is mostly brought up is due to the origin of the app being a group with a Russian nationality. That's pretty sad.
The app is damn good. The best messenger app I've used - much better than signal. I'm so disappointed by this attitude.
When it first started getting popular I was curious about whether they were trustworthy, so I chatted with the devs and they said it was 100% open source. I looked through the source and found a pre-compiled binary blob buried deep in the folder structure, and they came up with some strange excuse that I can't recall and then it disappeared after a while.
Also, the evidence that it's not end to end encrypted by default for many operations is out in the open.
> I have to wonder if part of why this is mostly brought up is due to the origin of the app being a group with a Russian nationality.
I think it has more to do with the fact that there is no known reason for the organisation behind Telegram to provide it. It doesn’t make money from users, it has large operating and development costs, it keeps access to a lot of personal data without regulation, it is not a non-profit funded by donations and being open about their operation…
So most realistic hypotheses about that organization is that it’s shady. There are very few other possible explanations.
Telegram is about as private as facebook messenger or discord is the basic assertion. FB messenger is a much nicer client than the more private chat messengers, but telegram is essentially a client you can't assume is private, much like FB messenger itself, even if it has an E2EE chat mode that nobody uses.
But people are deluded that it's as private as Signal or Matrix, which is laughable.
This is one of the API entry points with which the apps communicate: http://149.154.167.51/
Nginx is currently at 1.21.0
Why wouldn't you care about your load balancer being so outdated? That's over 15 years.
There could be an explanation for this, but I'd have to put some unnecessary trust into it before I get the valid explanation. It is http and no https is offered on that server, which probably indicates that there's no need for TLS, that the communication is secure enough for it not to rely on TLS. But anyway...
Telegram works better as a chat app for my use case which is why I prefer it.
I use an iPhone for iOS development and as a backup phone, I use Android as a daily driver - WhatsApp couldn't sync history when I broke my phone twice in a year and had to switch to iPhone. And I prefer using a desktop app over mobile one, if my phone dies I can still use telegram desktop (this was useful a few times I left my phone in the car and wife drove off with it, I could keep using telegram to message her, my only other option would be messenger at that point).
I don't mind privacy implications of my random chats being read by telegram.
I’m not sure I’d want group chats with thousands of members to be end-to-end encrypted. It doesn’t even seem that clear what the actual utility of it would be.
I agree, but where are you getting that number from? They said "group chats", not "massive group chats". I would certainly want group chats with less than 20 people to be end-to-end encrypted, if it were possible.
I think a decent compromise would be just enabling it by default for private group chats, since it'd be costly and pretty pointless for public ones.
From a defensive perspective, I agree, but from an offensive perspective it's way easier to, say, download the contents of the 500 largest channels in the country than having to join those channels yourself.
Telegram is recognized by i.e. Singapore government. They have multiple official channels in Telegram, including ministry of manpower, public housing authority and ministry of foreign affairs. The official government site has their Telegram group as well.
None of the messengers except Signal give any confidence in being really private.
And when comparing Telegram and Whatsapp shady-wise, only one of them has obvious many reasons to track you as much as technically and legally possible.
And when it comes to app performance, UX and ease of use - Telegram beats all others with a huge margin.
Telegram accomodates over 200,000 users. I have my own community around Telegram; it has nothing to do with Crypto. Bots manage the rush; block words filter out conversations; spammers are blocked in their track, auto-delete or auto-removal of messages (if and when required).
Privacy controls on voice/video calling, restrictions on who can add me to groups and so on. Intelligent cache without looming storage limits on my device. Efficient application that doesn't drain battery. Cross platform client that even works in modern browser and remains in perfect sync.
I wonder why you are forgetting the virtues and only focused on the "shady aspects".
if i put down a years income for a new car, the 'authorized garage' has it's perks because the value of holesome repairs is probably greater than the cost.
if on the other hand one has a ten year old, used car, which main purpose is a means of transport, that greasy, dusty garage, were the mechanic will let you know that there was only one screw missing and charges you a few bucks is golden.
Facebook doesn't really get a strong advantage in keeping keys to read your messages on its own servers. Intelligence services would benefit from this, so would fraudulent or corrupted employees. For Facebook, storing keys to your message is more a burden, if anything.
Facebook derives valuable data about you through WhatsApp in three channels:
- analyzing the content of your discussions before they get encrypted and sent,
- the app acts like a Trojan horse into you smartphone. It collects data such as your device model, geolocation, contacts, text messages with all activation/verification texts from third parties, the list of apps you installed, when you wake up or go to bed, when you sleep or do other things in bed (thank you gyroscopic sensors), etc.
- Through the correlation of real-time data collected from other smartphones, Facebook also acquires who you met, spend time with, where and when.
As you can see, you don't get end to end encryption for philanthropic reasons but because that's simply not where the money is and that's what gullible customers ask for.
end to end encryption is like when you get offered tap water at the restaurant: for many customers, it provides then with a feeling of self satisfaction.
But it doesn't improve the quality of the food at all...
Facebook works directly with oppressive central governments to implement censorship against their citizens.[1] Some might consider that getting screwed over.
I don’t know if it’s the Russian style or the slightly nsfw emoji it packs by default but the program feels sus. Plus, I feel like it’s only hot news recently because of the Trump-follower-exodus. Plus all the gushing in this thread seems a bit over the top. What’s special about it over WhatsApp or heck even WeChat?
It Just Works(TM). Easy onboarding, doesn’t complain if you don’t let it vacuum up your entire address book, simple and usable interface, syncing is flawless, native desktop client, first party library for integrations and support of third party clients.
If you’re not willing to sacrifice too much UX for privacy, it kicks the pants off of a lot alternatives while still, ostensibly, not being the worst offender privacy-wise.
While the development teams at Telegram should be applauded I can't stress enough that it helps that they don't have E2EE and centralized most of the complexity to their server.
Related regarding feature deployment: I got some negative feedback for dumping on Matrix for announcing Spaces without iOS client support. They should have waited until Element had all their major platforms covered before announcing it. It's maybe an unpopular take but when around 40% of my homeserver's users can't use a major feature, that's a shitty rollout.
Telegram does have E2EE in secret chats. WhatsApp does NOT have E2EE because it backs up your private keys to cloud storage by default. Even if you don't, your contacts might. Therefore WhatsApp is less secure.
They have the most productive and high quality engineers in the game. And I say this as someone that whinces at telegram for not having e2e encryption by default.
The Telegram Apps are all great and have so many awesome features that are crucially also extremely well implemented. Everything seems so well thought through!
It's just incredibly scary not to know anything about who these developers are, where they are located and most importantly how this is all financed!
I understand Pavel Durov is a very wealthy man, but developing and hosting a popular global messenger service can't be cheap.
Same. This has been my frustration with Signal lately. They've had a large growth in a userbase but feels like they aren't growing their team fast enough to become real contenders with Telegram and WA. You don't have to move fast and break things, but you do have to move.
This is one of the best feature sets, and I waited for over two years; ever since WhatsApp had got it. I find that stance of the community strange here - no "e2ee". Privacy is important, but your chat history hardly reflects that. There are other ways to get your history or track your digital trails.
200,000 users for group chat. Unlimited users for voice chat (like clubhouse).
30 users for group video calling. That limit will be increased later.
Flawless sync across platforms.
Secret chats - the e2ee chats self-destruct between users and stay on the device where it has been initiated.
Robust third party clients-that add more functionality to the official app. (I use Utyagram; Plus is another popular mod, but is closed source).
Unlimited users for channels - that work as broadcast lists.
The lists goes on and on.
> Secret chats - the e2ee chats self-destruct between users and stay on the device where it has been initiated.
Is this supposed to be a feature? Telegram themselves claim that this inability to backup chats is at least part of why they don't enable E2EE before mentioning that it allows users choice over data storage, which seems silly in the face of apps that allow for encrypted backups of E2EE messages. [1]
Signal backups are obviously E2EE and can be moved between devices by copying an encrypted blob or directly transferring over Wi-Fi, depending on your platform.
Meanwhile, on Telegram if I reinstall the app all of these chats are gone. If I change phones and posess both devices concurrently, there's still no official way to move chat histories. E2EE feels like a crippled afterthought on Telegram considering so many of the interesting Telegram chat features (or just backups/transfers) don't seem to work with it.
I use Telegram as a daily driver and I don't find any reason to be constrained about whatever you mention. I use Telegram on iPad, Windows, Android and they sync perfectly- that's why it's cloud messenger. Data migration isn't an issue at all.
No one's asking you to use a non-e2ee client. But find reason and merit in those who do- try it for the convenience and then uninstall it if it doesn't serve your purpose.
Telegram has absolutely amazing UX on all platforms I've used it on, I hope they can roll out encryption for group chats soon and show somehow that we can trust that encryption.
Really? Every Telegram group I tried to chat started spamming me with notifications every few seconds and I uninstalled the damn thing.
The UI also looks like it was made by a intern who just learned how to use Android Studio, not like something new and cool. The actual text "Telegram" and a magnifying glass button instead of a search bar, hamburger menu instead of your own profile pic, no big fat QR scan icon, ...
1) it's incredibly trivial and intuitive to mute a channel. i see no issue with receiving notifications by default to a channel you just subscribed to
2) hamburger menu is right here. the avatar-as-menu implies account details. the menu presented instead makes sense and has the stuff you'd expect.
3) magnifying bar makes sense since the real estate saved is used for useful information
4) there is a big fat qr scan icon. it's just not "first page material", which is the correct decision here. if abd when you need it, telegram tells you where to find it.
In any case, you are entitled to your assessment. I just completely disagree with it.
It has already been announced that they will add ads to Telegram but only to public groups/channels over a certain amount of users. Everything else will stay ad free. See: https://t.me/durov/142
I feel like Clubhouse looks a lot more polished as an app though. Telegram feels like a CS 101 "hello world" messenger app demo. Yeah I know it has more features than that, but it looks like it has no features.
When you go into Clubhouse you know you're in Clubhouse. They don't need to write "Clubhouse" at the top of the app. There are no generic buttons such as hamburger buttons. It's obvious which account you're logged into just by looking at the icon at the top right. Almost every use has a profile pic. There is attention to negative space and typography.
I’m back to WhatsApp after many months of full time Signal usage. People started leaving Signal one by one. Some of them really tried. Not many had joined anyway. For most remaining contacts Signal was and for more it remained installed just for me.
A medical emergency in the family and I was back on WhatsApp in a second.
Signal kept crashing, remained full of UI bugs (the kind I just couldn’t believe is there has been there for months and years; yeah the simple and silly ones), functionality bugs, slightly better than barely useable calling, delayed messages, broken notifications, extremely frustrating and broken encryption key update even when there was no such actual update — while the foundation kept giving us new emojis/stickers and worked on crypto. Nice gesture I reckon. And yeah, still a closed garden.
No opinion really. It’s just how it is. I use Apple’s phone and computer which is proprietary and closed garden by design, effort, and lobbying. Who am I kidding.
So no, I’m not going to say Telegram is shady. Maybe it is but so are others. Maybe not Signal (or is it?). It’s just that Telegram is far from being the personal messaging/communication app, at least around me. It’s an extension of other online communities like subreddits. Discord is eating into that share anyway. It’s used for apartment groups. COVID update channels (especially in India where very high up offices still have public Gmail IDs) and all that. Oh, they do have literally the best mobile and desktop apps among its peers. By many miles.
Telegram does not have group voice nor video calls. It has voice (and now video) chats.
// Unless I am not aware of any recent change, I tested this last month and don't see any related update ever since.
Which is not the same, and actually, for me is not useful at all. The main difference is that a "chat" does not ring the other participants' phones, which is a must for me to "call" my family either voice or video. You must first tell them through chat that you will create a voice or video room/chat. For 1-on-1 it does have calls, as it rings. For groups, it does not.
I did not tested group (video or audio) calls, but 1 on 1 it works exactly as you (and me) expect. You could just call someone and it will ring on other side.
This is kind of loaded. I do think Telegram does an excellent job at ephemerality from a practical standpoint. Without being able to audit their server though, we have no clue if 'disappeared' chats and messages are actually scrubbed from their server.
I was once banned from the service for playing around with very old clients and had a back and forth with them over email for a week or so (it was re-enabled and they apologized for the inconvenience). They are prickly and refuse to give any details over how data is managed.
Readit News
That being said, WhatsApp is like the authorized garage where you know that you'll get the service which is officially recognized (by the government) and will keep your car's value "at its best", but which screws you over in so many ways.
Everything else is somewhere in between these two platforms.
It seems like whenever telegram is brought up here, there's a lot of speculation about it not being trustworthy but no concrete evidence.
The client is open source. While not end to end encrypted by default, it shares that property with most messengers. E2E limits search-ability and other features so it's a tradeoff.
I have to wonder if part of why this is mostly brought up is due to the origin of the app being a group with a Russian nationality. That's pretty sad.
The app is damn good. The best messenger app I've used - much better than signal. I'm so disappointed by this attitude.
How does everything which has its origins in US is touched up with fairy duust while anything that may have a remote link with Russia is garbage?
Signal is garbage. They are riding on the coattails of marketing (and that's what investment money does)
Also, the evidence that it's not end to end encrypted by default for many operations is out in the open.
I think it has more to do with the fact that there is no known reason for the organisation behind Telegram to provide it. It doesn’t make money from users, it has large operating and development costs, it keeps access to a lot of personal data without regulation, it is not a non-profit funded by donations and being open about their operation…
So most realistic hypotheses about that organization is that it’s shady. There are very few other possible explanations.
But people are deluded that it's as private as Signal or Matrix, which is laughable.
Nginx is currently at 1.21.0
Why wouldn't you care about your load balancer being so outdated? That's over 15 years.
There could be an explanation for this, but I'd have to put some unnecessary trust into it before I get the valid explanation. It is http and no https is offered on that server, which probably indicates that there's no need for TLS, that the communication is secure enough for it not to rely on TLS. But anyway...
This is a weird way to respond to someone using a metaphor to describe how an app makes them feel.
I use an iPhone for iOS development and as a backup phone, I use Android as a daily driver - WhatsApp couldn't sync history when I broke my phone twice in a year and had to switch to iPhone. And I prefer using a desktop app over mobile one, if my phone dies I can still use telegram desktop (this was useful a few times I left my phone in the car and wife drove off with it, I could keep using telegram to message her, my only other option would be messenger at that point).
I don't mind privacy implications of my random chats being read by telegram.
I think a decent compromise would be just enabling it by default for private group chats, since it'd be costly and pretty pointless for public ones.
End-to-end encrypted group chats are currently in the works.
Source - https://t.me/durovschat/518625
We used to have them in Hungary. I miss them. "Szaki"
Deleted Comment
And when comparing Telegram and Whatsapp shady-wise, only one of them has obvious many reasons to track you as much as technically and legally possible.
And when it comes to app performance, UX and ease of use - Telegram beats all others with a huge margin.
Privacy controls on voice/video calling, restrictions on who can add me to groups and so on. Intelligent cache without looming storage limits on my device. Efficient application that doesn't drain battery. Cross platform client that even works in modern browser and remains in perfect sync.
I wonder why you are forgetting the virtues and only focused on the "shady aspects".
the missing piece seems to be the type of car.
if i put down a years income for a new car, the 'authorized garage' has it's perks because the value of holesome repairs is probably greater than the cost.
if on the other hand one has a ten year old, used car, which main purpose is a means of transport, that greasy, dusty garage, were the mechanic will let you know that there was only one screw missing and charges you a few bucks is golden.
Facebook derives valuable data about you through WhatsApp in three channels:
- analyzing the content of your discussions before they get encrypted and sent,
- the app acts like a Trojan horse into you smartphone. It collects data such as your device model, geolocation, contacts, text messages with all activation/verification texts from third parties, the list of apps you installed, when you wake up or go to bed, when you sleep or do other things in bed (thank you gyroscopic sensors), etc.
- Through the correlation of real-time data collected from other smartphones, Facebook also acquires who you met, spend time with, where and when.
As you can see, you don't get end to end encryption for philanthropic reasons but because that's simply not where the money is and that's what gullible customers ask for.
end to end encryption is like when you get offered tap water at the restaurant: for many customers, it provides then with a feeling of self satisfaction.
But it doesn't improve the quality of the food at all...
Hope I brought some light in the topic :)
[1] https://wikipedia.org/wiki/May_2019_Jakarta_protests_and_rio...
Dead Comment
If you’re not willing to sacrifice too much UX for privacy, it kicks the pants off of a lot alternatives while still, ostensibly, not being the worst offender privacy-wise.
Related regarding feature deployment: I got some negative feedback for dumping on Matrix for announcing Spaces without iOS client support. They should have waited until Element had all their major platforms covered before announcing it. It's maybe an unpopular take but when around 40% of my homeserver's users can't use a major feature, that's a shitty rollout.
It's just incredibly scary not to know anything about who these developers are, where they are located and most importantly how this is all financed!
I understand Pavel Durov is a very wealthy man, but developing and hosting a popular global messenger service can't be cheap.
On desktop* there is no e2ee even among the options.
* where "desktop" includes GNU/Linux phones.
200,000 users for group chat. Unlimited users for voice chat (like clubhouse). 30 users for group video calling. That limit will be increased later. Flawless sync across platforms. Secret chats - the e2ee chats self-destruct between users and stay on the device where it has been initiated. Robust third party clients-that add more functionality to the official app. (I use Utyagram; Plus is another popular mod, but is closed source). Unlimited users for channels - that work as broadcast lists. The lists goes on and on.
Is this supposed to be a feature? Telegram themselves claim that this inability to backup chats is at least part of why they don't enable E2EE before mentioning that it allows users choice over data storage, which seems silly in the face of apps that allow for encrypted backups of E2EE messages. [1]
Signal backups are obviously E2EE and can be moved between devices by copying an encrypted blob or directly transferring over Wi-Fi, depending on your platform.
Meanwhile, on Telegram if I reinstall the app all of these chats are gone. If I change phones and posess both devices concurrently, there's still no official way to move chat histories. E2EE feels like a crippled afterthought on Telegram considering so many of the interesting Telegram chat features (or just backups/transfers) don't seem to work with it.
[1] https://telegram.org/faq#q-why-not-just-make-all-chats-39sec...
The UI also looks like it was made by a intern who just learned how to use Android Studio, not like something new and cool. The actual text "Telegram" and a magnifying glass button instead of a search bar, hamburger menu instead of your own profile pic, no big fat QR scan icon, ...
2) hamburger menu is right here. the avatar-as-menu implies account details. the menu presented instead makes sense and has the stuff you'd expect.
3) magnifying bar makes sense since the real estate saved is used for useful information
4) there is a big fat qr scan icon. it's just not "first page material", which is the correct decision here. if abd when you need it, telegram tells you where to find it.
In any case, you are entitled to your assessment. I just completely disagree with it.
Why do you need your profile instead of a menu? Why a QR icon? Why a search bar?
Those are very minor things on an app that functions extremely well.
[1] https://mobile.reuters.com/article/amp/idUSKBN2BF0UP
[2] https://t.me/durov/142
At this point Telegram is unrivalled and already has almost everything that WhatApp has, except for E2EE turned on by default.
When you go into Clubhouse you know you're in Clubhouse. They don't need to write "Clubhouse" at the top of the app. There are no generic buttons such as hamburger buttons. It's obvious which account you're logged into just by looking at the icon at the top right. Almost every use has a profile pic. There is attention to negative space and typography.
Or are you deliberately spreading unsubstantiated claims?
A medical emergency in the family and I was back on WhatsApp in a second.
Signal kept crashing, remained full of UI bugs (the kind I just couldn’t believe is there has been there for months and years; yeah the simple and silly ones), functionality bugs, slightly better than barely useable calling, delayed messages, broken notifications, extremely frustrating and broken encryption key update even when there was no such actual update — while the foundation kept giving us new emojis/stickers and worked on crypto. Nice gesture I reckon. And yeah, still a closed garden.
No opinion really. It’s just how it is. I use Apple’s phone and computer which is proprietary and closed garden by design, effort, and lobbying. Who am I kidding.
So no, I’m not going to say Telegram is shady. Maybe it is but so are others. Maybe not Signal (or is it?). It’s just that Telegram is far from being the personal messaging/communication app, at least around me. It’s an extension of other online communities like subreddits. Discord is eating into that share anyway. It’s used for apartment groups. COVID update channels (especially in India where very high up offices still have public Gmail IDs) and all that. Oh, they do have literally the best mobile and desktop apps among its peers. By many miles.
// Unless I am not aware of any recent change, I tested this last month and don't see any related update ever since.
Which is not the same, and actually, for me is not useful at all. The main difference is that a "chat" does not ring the other participants' phones, which is a must for me to "call" my family either voice or video. You must first tell them through chat that you will create a voice or video room/chat. For 1-on-1 it does have calls, as it rings. For groups, it does not.
Documentation I mentioned: https://core.telegram.org/api/end-to-end/video-calls
I was once banned from the service for playing around with very old clients and had a back and forth with them over email for a week or so (it was re-enabled and they apologized for the inconvenience). They are prickly and refuse to give any details over how data is managed.
"Secret" groups are in the works, I believe