Mate I love telegram but that's not plain incorrect.
Telegram has transport layer encryption, like literally everything else in 2022. For all intents and purposes telegram can read and access a majority of your conversations on it.
This isn't a super big deal because telegram is aiming to be a social media platform, rather than an encrypted comms platform, and e2ee on groups over a certain size is pretty useless.
I think telegram can still improve by making private messages e2ee by default.
Messages in iCloud, which keeps a user’s entire message history updated and available on all devices, also uses CloudKit end-to-end encryption with a CloudKit service key protected by iCloud Keychain syncing. If the user has enabled iCloud Backup, the CloudKit service key used for the Messages in iCloud container is also backed up to iCloud to allow the user to recover their messages, even if they have lost access to iCloud Keychain and their trusted devices. This iCloud service key is rolled whenever the user turns off iCloud Backup.
If you are in this ecosystem, and feel your potential loss from disclosure is greater than your potential loss by losing/damaging your device, go turn off iCloud Backup — and make sure your keychain is secured to your needs.
Hq location can be quite irrelevant. Legal intercept laws can be quite old-fashioned and might make a case than two German citizens having a conversation while on German soil makes the conversation fall under German jurisdiction. There can be a surprisingly large number of ways the jurisdiction can be determined, for all parties involved and, without analysis of German law, I would not readily make assumptions as to if they have a legal basis to talk to Signal or not. And if they do, I’m sure Signal is a law-abiding company.
That's what the other user said and it is still incorrect. [0] People either don't read the basic FAQ or conflate E2EE to being the only encryption in the world, which is ridiculous.
Encryption in transit is assumed, and rightfully so. That still means that telegram gets full access to the plaintext and as such is able to give that information to anyone, and do with it as they wish.
I suppose there are some people pit there that think "unencrypted" here means everyone can listen in, but certainly not the hackernews crowd.
I read the FAQ and even skimmed the MTProto 2.0 docs but from where I stand this Server-Client encryption sounds like encryption in transit but the server still has the ability to decrypt.
This, from a privacy against law enforcement perspective (which is what the article and comments are about), is more or less the same as no encryption.
Edit: s/transport/transit/, add "perspective" to the last paragraph.
It’s true that Telegram only uses encryption for data in transit for normal person-to-person chats and group chats. Data at rest is stored in a way the server can read. That’s one of the things that makes Telegram search so fast.
The encryption part [1] is covered in the FAQ, along with more details.
Also see the question and answer on “Fo you process data requests?” [2]
Telegram has a feature called secret chats, which are only person-to-person. That uses end-to-end encryption.
I'm aware of Secret Chats, but there's extra friction to enable it and I suspect most Telegram users are not aware of them at all - or are unwilling to use them for almost everything.
Also they should now update that FAQ answer where they say:
> To this day, we have disclosed 0 bytes of user data to third parties, including governments.
In fact, if the OP is indeed true, they should probably update the entire answer since it's misguiding at best, and an outright lie at worst.
You don’t understand what it means.
Server side encryption does not matter from the user perspective. Telegram has all the keys and they can access all the data, so there is no real privacy.
For E2EE, you need to open seperate 1 on 1 chat, which is optional, not default.
And what it comes to group chats or channels, none supports E2EE.
Server-side encryption = encryption. The fact that you don't find it sufficient and other opinions are irrelevant when it comes to people just plain wrongly stating things, such as "unencrypted" for clearly encrypted data.
It's like going outside in the rain, getting wet and saying "Well, it's not actually raining, I didn't get a pint of water in my boots."
> Server-side encryption = encryption. The fact that you don't find it sufficient and other opinions are irrelevant when it comes to people just plain wrongly stating things, such as "unencrypted" for clearly encrypted data.
We have clearly talked about E2EE (end-to-end encryption) and server side encryption is not that. E2EE means that it is encrypted between you and the message target. Server is the middle man, which should not have the access.
Almost everything is already encrypted with TLS on the current world during transmissions and regulations require server side encryption. It is not even our main interest to talk about that anymore, we are past that.
The main issue on the original post is the lack of E2EE.
Look up Grice's Maxims sometime. Conversations have context. The context here is a comment section for an article about a nation state requesting chats from Telegram. The only relevant kind of encryption that would be able to prevent this is end-to-end encryption; in such a context, 'Telegram is unencrypted' is easily and near-universally understood to refer to E2E encryption, even if absent such context the meaning would be less clear.
A better rain analogy would be someone saying 'I'd like to go for a smoke, is it raining', and you reply 'yes' because there is somewhere in the world where it is raining (just not there). You would be technically correct, but in the context of the question, the person was clearly interested in whether it was raining _there_.
But that's not "real" encryption. You're just abusing language — as most are in this thread — to get a result you want.
If you want to discuss E2EE, do so but it does not make it more "real" than other encryption.
Unencrypted is false. Not E2EE is true. Most use the former to wage war against an app they don't like because they prefer an app like Signal that satisfies their desirable qualities. Moxie actually started this trend and it is despicable. I'd say the exact same thing if Durov started referring to E2EE as "pedo-encryption" or anything else that distorts meaning.
Useless encryption is the same as no encryption.
If you put the key next to the lock, it's nit locked.
It's an abuse of language to call that encryption because if you say encryption you imply security.
But this is not secure and if it's not secure encryption is useless because security is the reason for encryption.
Encryption is not used for the sake of encryption but to protect the content of a message from unwanted access.
> Encryption is not used for the sake of encryption but to protect the content of a message from unwanted access.
Yes, that is what Telegram is doing. It may not be protecting the contents from who you want it protected from (everyone but you and the message recipient) but it does protect the contents from other (notice I did not say all) adversaries Telegram and its users don't want accessing.
It is still encrypted so use correct language, please and do not weaponize words to your own designs.
The context doesn't change the definition of encryption.
> It is more likely that you are trying to weaponize the words for your own designs.
Please point to where I have weaponized a word because on its face that accusation doesn't make any sense. I have not decided encryption means unencrypted. I have doggedly insisted words be used appropriately and even went so far as to give an example of mischaracterization of E2EE where I would call someone out.
If we go by definitions, it is not encrypted.
Ideally encryption means the process of encoding when only authorized parties can understand the information.
During the transportation of the information for the target recipient, the data in this case is on plaintext at some point on Telegram's server, and therefore it is not encrypted for the whole duration, going against the idea of transferring or holding information only for authorized parties in ciphertext format.
If we think that Telegram is the targeted party, then it would be encrypted as data is transferred or hold in ciphertext format for the whole process. However the Telegram is no the target, and the encryption is removed in the middle of process.
> Please point to where I have weaponized a word because on its face that accusation doesn't make any sense. I have not decided encryption means unencrypted. I have doggedly insisted words be used appropriately and even went so far as to give an example of mischaracterization of E2EE where I would call someone out.
You brought it up in the first place with a twisted definition.
From Wikipedia which you quoted bits from: "In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can decipher a ciphertext back to plaintext and access the original information."
> You brought it up in the first place with a twisted definition.
I did no such thing. You appear to be confusing idealism with the definition of encryption.
In any case we already have words for transport encryption, encryption at rest, and end to end encryption when referring to modes of encrypted data. Those are sufficient to cover the spectrum of encryption which exists. Calling encryption of one mode "unencrypted" which is not your ideal mode of encryption is disingenuous at best.
> conflate E2EE to being the only encryption in the world
It is the only relevant one. Nobody who cares about protected messages would be satisfied with untrustworthy encryption.
Sure, technically even a messenger using Caesar cipher is encrypted, but most people expect more than a ticked checkbox.
No real user cares about what technically still counts as encryption, just like nobody outside of biology cares whether walnuts are actually nuts.
Hop-by-hop encryption is practically useless in a secure messaging setting, and people shouldn't take the "TLS counts as encryption" argument seriously. But it's good Telegram advocates keep making it, because it's an easy way to sum up their security posture.
Not GP. But I think your comment would be more meaningful if you elaborated on “people” (like which people you’re referring to). Telegram markets itself as a secure messenger and its CEO has written many a times about WhatsApp being worse for security and privacy. I don’t think a non-tech person can differentiate well between these.
Telegram is outright lying of course. I can't remember if WhatsApp uses E2E encryption by default still or not. If not they are equivalent, but telegram isn't better in any meaningful way.
Nah, when someone calls it an unencrypted messenger, one can assume they mean it's unencrypted on the server, as in-transit encryption is ubiquitous and thus a meaningless signifier.
Yes it can. If anyone reads "encrypted messenger" they're assuming only they and the intended recipients can decrypt it.
Rather, this is more of a debate of what the layman expects, and frustration with misleading marketing. A great example of this is the whole Zoom debacle; they claimed it was encrypted, people assumed it was E2EE, and got a lot of blowback for that to the point that they ended up implementing E2EE.
Another great example: a few of my friends were using Telegram for a while, and thought it was E2EE until I pointed out that only their "Secret Chat" feature is E2EE.
Even if that were the case, I'd still agree with OP's wording that it's a mostly unencrypted chat. It's encrypted at transit for the milliseconds it takes to reach the server. Once on the server, a third party has access to the plaintext until the end of time. It's a minimally encrypted chat.
And if the wording wasn't precise enough, context still matters more in this case. I'm sure everyone here knew what was meant, despite the familiarity with cryptography. Telegram claims your messages are "heavily encrypted" which is just false, aside from their very limited secret chat feature.
HN prefers substantive discussion, not nitpicking over semantics.
That's just plain incorrect.
> if local law enforcement comes knocking on their door with a warrant
How is German law enforcement relevant to an app HQ'd in Dubai? They've been openly criticised before for not cooperating with law enforcement.