And every time someone makes this comment. MTProto 2 uses standard crypto primitives. Besides this, do you know who else rolled their own crypto? Moxie. You don't get to roll your own crypto first and then weaponize this against your opponents but that's exactly what he did along with abusing words like "plaintext" to describe any encryption not E2EE.
The difference is Moxie isn't an amateur when it comes to cryptographic design. Wikipedia actually lists him as a cryptographer. The company has also employed an actual mathematician/cryptographer, Trevor Perrin.
Meanwhile, Telegram employed the CEO's brother who's a geometrician, which is not the same. You wouldn't hire a dentist to perform brain surgery even though both studied medicine.
Signal protocol's double ratchet is considered best practice by pretty much every competent cryptographer.
MTProto's main issues are not the teething issues of the yester-years. It's the fact every chat is sent to the server that can then read the messages. Telegram only has E2EE in internet debates about its non-existent E2EE in practice.
Are you aware the article you link to technically critiques MTProto 1, including links to web archives of the MTProto 1 docs?
> MTProto's main issues are not the teething issues of the yester-years. It's the fact every chat is sent to the server that can then read the messages. Telegram only has E2EE in internet debates about its non-existent E2EE in practice.
Telegram does in fact have E2EE available in the form of Secret Chats, so that's just an incorrect statement from you.
Regardless, that wasn't what I was rebutting. If anyone is going to have a reasonable debate about Telegram's problems, at least do so reasonably, without resorting to well-worn and facile language invented by the person who has the most to gain from its use. Moxie is not at all innocent in any of this and I'm glad he's no longer involved with Signal, which I use every day.
Exactly. I have friends that outright refuse to use secret chats because stickers are so important to them. They literally have said to my face "stickers > human right to privacy".
> Are you aware the article you link to technically critiques MTProto 1, including links to web archives of the MTProto 1 docs?
Yes, but surely you realize a competent cryptographer wouldn't have implemented a backdoor-looking design in the first place?
> Telegram does in fact have E2EE available in the form of Secret Chats, so that's just an incorrect statement from you.
No it's 100% correct and you just made my point for me.
1. Secret chats are not used by default, meaning most users don't even know about it.
2. Secret chats are not available for group chats, not even small ones that have reasonable expectation for privacy.
3. Secret chats are not available for desktop chats, so you cannot really use them seamlessly. I've spent six hours in front of my computer today. My phone is 30 cm from my left hand. And I absolutely can't be arsed to pick it up every time my friend would send me a secret chat. Telegram's backdoor works exactly this way. They know I'm lazy. They make it my fault. Whereas with Signal, I can just alt-tab into the chats and reply there.
When I said Telegram only has E2EE in internet debates, that means people like you who love to point out it's technically there, but who also fail to understand what it takes for such a feature to even be used on a daily basis.
> facile language invented by the person who has the most to gain from its use.
I've been criticizing Telegram for over a decade now. You trying to make it sound like it's Moxie who's the devil pulling all the strings and making my arguments for me, makes you look like an astroturfer employed by Telegram: https://tsf.telegram.org/
> When I said Telegram only has E2EE in internet debates, that means people like you who love to point out it's technically there, but who also fail to understand what it takes for such a feature to even be used on a daily basis.
But you are being dishonest when you make an incorrect statement like this. Don't do that.
I just read the linked page through: this is a request for volunteers to answer support questions for Telegram. How did you make the mental leap from a request for support volunteers to a recruitment ad for astroturfers?
You've gone way off base here and have made a colorful array of unfounded accusations, including strongly hinting I must be part of an astroturfing brigade, that Secret Chats only available on mobile devices constitutes an intentional "backdoor", that I am a "useful idiot", that for the purposes of internet argumentation E2EE chats don't actually exist, etc.
What I asked you to do was to stop misrepresenting your own bizarre theories as fact and stop linking microblog posts and blog posts describing vulnerabilities of a completely rewritten protocol that have nothing to do with its current. That is dishonest and not a reasonable basis for any argument.
There are many ways of honestly portraying the problems of Telegram without resorting to false inventions, such as its immense problem of spam and ads and the fact that E2EE is not available across all devices and for group chats.
Yeah ok I reviewed some of your post history and figured this isn't the first time you're being called out for your opinions. You've been downvoted about this topic for the past several years. It's not even the first time we two are having this discussion. You obviously aren't someone who changes their mind when presented with arguments so it makes zero sense to continue. Take care my weird Russian oligarch defending Dane.
"Some of my" post history? Do you realize how many comments I've made here? How far back did you have to go? Did you also get to the part where I have repeatedly stood up for Ukraine's sovereignty and presented arguments against anyone defending Russia's invasion of Ukraine? How for one second do you think the way you've conducted yourself with me is acceptable?
Linking to vulnerabilities in a protocol that hasn't been used for 8 years and misrepresenting that fact by omission is simply unethical.
Attack my arguments with reasonable, evidence-based arguments. Do not make personal attacks. That is in the HN rules.
You've presented falsehoods and unfounded conspiracy theories. I've called you out on them. I expect better from any human being on Hacker News and I will continue to, whatever the topic.
It's nice to see their reasoning, but the issue remains: Telegram can read most direct messages (because almost no one uses private chats) and everything sent in groups.
It's a good service and in some cases it can compete with Matrix, Signal, etc., but most direct chats and all groups have no privacy from Telegram (and anyone with access to their servers).
What a bizarre explanation. Element does E2EE just fine, with the caveat that you have to record your own encryption keys. But if you want E2EE and backups, what would you expect?
Good service btw, but not the best from a privacy point of view.