Telegram Isn't As Private As You Think
We need to stop calling Telegram a private messaging app.
So a strange thing happened this week. Around the internet’s global town square I started to see all kinds of messages making vague accusations against the private messaging app, Signal, and encouraging people to switch to Telegram.
I’m not talking about the question as to whether or not Katherine Maher is an appropriate choice for the Signal Foundation board (I don’t think she is) — I’m talking about unsubstantiated anecdotes of vague Signal insecurities no one is able to find.
All this chatter would have seemed to a normal X (/Twitter) user like some "organic" movement. Let’s presume the people involved really don't want to use Signal for some reason, and maintain that their prime motivator is that they value privacy so much.
So why on EARTH would they recommend an app without any private groups chats? Where private DMs aren't even available on desktop? Where privacy relies on trusting a person, instead of trusting encryption??
My spidey-senses went off big time.
As cryptography professor at Johns Hopkins University, Matthew Green, said:
“Seems like we’re getting a major push for activists to switch from Signal to Telegram, which has no encryption by default and a pretty shady history of refusing to add it. Seems like a great idea, hope folks jump all over that.”
(/s for last sentence, obvz.)
Renowned security expert and software engineer, Alec Muffett, added:
“Gosh, who would profit from getting activist communities to move from secure signal to insecure telegram?”
Good question, Alec :)
Here’s the thing, I’ve done a lot of digging in to Telegram in the past, and we even did a video about some of the red flags in Telegram:
In recent weeks I’ve read a lot of posts from Telegram CEO Pavel Durov, and also watched his recent interview with Tucker. He’s very charismatic, and talks endlessly about how much he cares about privacy. But consider revealed preference: Pavel would rather keep a database filled with a record of everyone’s messages, vulnerable to any government or hacker getting access, instead of taking all this data out of his own reach.
I have come to the conclusion that Pavel is a master deflector when it comes to questions about Telegram's privacy. Telegram’s own website is incredibly dishonest when they talk about the privacy guarantees users actually get. They conflate E2EE with encryption in transit constantly, in what can only be viewed IMO as a deliberate attempt to mislead people.
TLDR: Red Flags abound! Stay vigilant, Privacy-goers!
Below I have reposted one of the pro-Telegram anti-Signal screenshots that’s been doing the rounds on social media, and a fantastic rebuttal that a friend of mine wrote.
Yours in privacy,
Naomi
This is textbook FUD and maliciously crafted. No one should feel one iota of safety using Telegram over Signal.
- Board members: The political opinions of Signal's leadership doesn't tell us anything about the security of Signal or of Telegram. If any such opinions matter, see their consistent statements, advocacy, and dialogue with U.K. and European politicians to defend encryption against backdoors for CSAM-scanning.
- US Government Funding: The U.S. also funded Tor. The U.S. government might like doing dodgy shit with data but also have the need for private communications. Wasn't Signal funding advantageous around the time of the Arab Spring to help dissidents operate?
- Ubiquity: If something is good and tested there is no problem with wider adoption. You are free to roll your own crypto but it's a huge risk when known-good solutions exist. What is the advantage of a new system unless you can prove advantages? Other services choose the Signal Protocol because it's the hardened gold-standard after 10 years of real-world testing, and because they know that rolling their own is difficult, fraught, and requires extensive auditing. While the client-side license of Telegram's MTProto protocol is open-source, its server-side license is proprietary and its code is unpublished.
- Signal messages used in court: Please cite any court case in which Signal messages were intercepted in transit and decrypted. All such instances have been because authorities have had direct device access, in which they could just as easily open the Telegram app and read such messages. Wow, big surprise – the people you send messages to can read them.
- Reproducible builds: You can build from source for Android. See also the independent Molly client. The point of reproducible builds is that you can verify that the code on GitHub is what they submitted to Apple. Researchers can, as the only way to do so is through jailbroken iPhones. The average person cannot. Reproducible builds on iOS void the security premise of the device, making it useless for when you actually need it. Also, iOS phones are only popular in the US, everywhere else Android is vastly more used. So as a spy method outside the U.S., choosing not to implement reproducible builds only on iOS seems odd. Apple is outside of the threat model for iPhone users anyways. They can and will ship you anything.
- 'Verifiably private': Telegram's default cloud chats offer zero security assurances and their 'secret chats' use their own encryption which has been found to have glaring bugs (https://words.filippo.io/dispatches/telegram-ecdh/…) bad enough that you could viably bruteforce it if you executed a few attacks on it. Chats aren't 'secret' by default and there's no such thing as secret groups. Secret chats cannot be synced between devices and are wholly unavailable on their desktop client. Telegram has had many years to prioritise default E2EE and has refused to do so. Why? Telegram has open-source clients sure, but the proprietary server handles all cloud messages, which means they could be easily be read and there's no guarantees there.
Security is far from Telegram's core focus or their feature set. Even if they had implemented the Signal Protocol for their secret chats, it doesn't matter: they're not a security-focused company and not doing secure design. Why is Signal slow to roll out features? Because every such feature is painstakingly designed to not compromise the privacy and security inherent in Signal's guarantee.
This coordinated push for Telegram at the expense of Signal is incredibly sketchy.
Thanks for sharing. I’ve always known that While Telegram may tout privacy features, it falls short in comparison to Signal due to its lack of end-to-end encryption by default and the absence of private group chats. This discrepancy raises concerns about the actual level of privacy and security Telegram provides, especially considering the reliance on trust rather than robust encryption methods.
Therefore, recommending Telegram over Signal for privacy reasons seems contradictory and raises suspicion about the motives behind such endorsements.
Got off telescam months ago. thx for the article :-)