>I know the default assumption with Telegram is that they can read all your messages
The client is open source. It's trivial to verify this is 100% factually happening. They have access to every group message. Every desktop message. Every message by default. If you enable secret chats for 1:1 mobile chats, you are now disclosing to Telegram you're actively trying to hide something from them, and if there ever was metadata worth it for Keith Alexander to kill someone over, it's that.
>they seem less cooperative and I never got the notion that they ever read private messages until the Macron incident
Thus, I wouldn't be as much concerned about what they're handing EUROPOL, but what they're handing FSB/SVR.
Even if Telegram never co-operated with Russian intelligence, who here thinks Telegram team, that can't pull off the basic thing of "make everything E2EE" that ~all of its competition has successfully done, can harden their servers against Russian state sponsored hackers like Fancy Bear, who obviously would never make noise about successful breach and data exfiltration.
>How come they are able to be this exception despite not having end to end encryption by default?
They've pushed out lie about storing cloud chats across different servers in different jurisdictions. Maybe that scared some prosecutors off. Or maybe FVEY is inside TG's servers too, and they don't like the idea of going after users as that would incentivize deployment of usable E2EE.
Currently, the Russian government is trying to squeeze people out of Telegram and move them over to MAX: https://caspianpost.com/regions/russia-tightens-telegram-res...
WhatsApp also operates in Russia, despite Instagram and Facebook being banned. So I wouldn't count on its E2EE either.
Signal still requires a phone number and proprietary Google blobs on mobile. Many third-party Telegram clients exist - Signal allows none.
The real story is, MAX is there to scare people into Telegram. Durov isn't your friend, neither is Putin who doesn't bother blocking connections to the server.
>So I wouldn't count on its E2EE either.
This is the worst way to assses E2EE deployment. 5D-chess.
>Signal still requires a phone number and proprietary Google blobs on mobile.
Telegram also requires a phone number. If you didn't have double standards, I bet you'd have no standards.
>Many third-party Telegram clients exist
The official implementation and default encryption matters. 99.99% just assume Telegram is secure because Putin supposedly tries to block it. They don't know it's not E2EE. And no third party TG desktop client offers cross-platform E2EE or E2EE groups. IIRC there's exactly one desktop client that tries to offer E2EE 1:1 chats but that's not seamless. TG has no idea how to make seamless E2EE like Signal.
You ignoring that Signal is both open source and always E2EE and complaining about it's "proprieatry blobs" yet looking past TG's atrocious E2EE speaks volumes.
>This is the worst way to assses E2EE deployment. 5D-chess.
How would you explain the fact that WhatsApp remains unblocked in Russia, when all other major messengers except Telegram and Meta's own products all got banned there?
>Telegram also requires a phone number. If you didn't have double standards, I bet you'd have no standards.
Not my point. I'm pointing out a flaw that both messengers share.
>TG has no idea how to make seamless E2EE like Signal.
Because it's never seamless. Loading your messages on Signal can take quite a while. Also if you receive a message over 2 weeks ago without checking your phone in the meantime, you may as well have never received it.
>You ignoring that Signal is both open source and always E2EE and complaining about it's "proprieatry blobs" yet looking past TG's atrocious E2EE speaks volumes.
Why are you ignoring the fact Signal actively prohibits third-party clients? Why the air quotes on proprieatry blobs? Yes, Telegram is far from perfect, and inferior to Signal when it comes to E2EE. But what makes you reject the proprieatry blob claim when it's true? Because your favorite messenger is being attacked?
>Loading your messages on Signal can take quite a while.
Yeah if you have to go through hundreds of ratchet steps, yeah it will take time. That's expected. The only way to make it faster than that is to deploy it without privacy. That's cheating.
>Why are you ignoring the fact Signal actively prohibits third-party clients?
Because it's not a problem for security.
>Yes, Telegram is far from perfect, and inferior to Signal when it comes to E2EE.
Telegram's lack of ubiquitous E2EE is a blocking issue. Signal's wait times is a problem that goes away with 5G, 6G etc., and with them nanometers going down.
>But what makes you reject the proprieatry blob claim when it's true?
The client is open source. It's trivial to verify this is 100% factually happening. They have access to every group message. Every desktop message. Every message by default. If you enable secret chats for 1:1 mobile chats, you are now disclosing to Telegram you're actively trying to hide something from them, and if there ever was metadata worth it for Keith Alexander to kill someone over, it's that.
>they seem less cooperative and I never got the notion that they ever read private messages until the Macron incident
We have no way to verify Telegram isn't a Russian OP. I'd love to say Pavel Durov fled for his life into exile https://www.nytimes.com/2014/12/03/technology/once-celebrate...
But the "fugitive" has since visited Russia over SIXTY times https://kyivindependent.com/kremlingram-investigation-durov/
Thus, I wouldn't be as much concerned about what they're handing EUROPOL, but what they're handing FSB/SVR.
Even if Telegram never co-operated with Russian intelligence, who here thinks Telegram team, that can't pull off the basic thing of "make everything E2EE" that ~all of its competition has successfully done, can harden their servers against Russian state sponsored hackers like Fancy Bear, who obviously would never make noise about successful breach and data exfiltration.
>How come they are able to be this exception despite not having end to end encryption by default?
They've pushed out lie about storing cloud chats across different servers in different jurisdictions. Maybe that scared some prosecutors off. Or maybe FVEY is inside TG's servers too, and they don't like the idea of going after users as that would incentivize deployment of usable E2EE.
Who knows. Just use Signal.