I’d never understood why cloud storage needs the provider to have the keys. Why can’t the data be encrypted on device before being uploaded?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Russia Ends Ineffective Ban on Telegram Encrypted Messaging App
- Thread starter MacRumors
- Start date
- Sort by reaction score
They don't need to, but you lose your messages when you change devices if they don't. It's a tradeoff between privacy and convenience. There's no way to avoid trusting the server with the data if the user isn't going to always hold onto a key.
[automerge]1592672502[/automerge]
Telegram uses questionable homemade encryption, so maybe.
[automerge]1592672991[/automerge]
The other issue with all of these is that even with e2ee enabled, users don't verify each others' identities unless they go really out of the way. As far as most people know, the server could be MitM attacking them (reading all their messages). One pair of victims could discover that the server is guilty, but there's no way to prove that to others, so I'll bet they could get away with it selectively.
Worse, AFAIK Telegram doesn't even use the same identity across chats with the same user, so you'd have to check every time. Though I haven't used it in a long time, and the link might be outdated.
[automerge]1592673029[/automerge]
It's more like the Antichrist. I don't mean to be dramatic. It's ok as a messaging app but is by no means trustable, yet people trust it. The homemade encryption is their biggest offense. There are many more secure alternatives like Signal (endorsed by Edward Snowden and Jack Dorsey).
Last edited:
Yeah, that’s true (if you only have one device) I suppose. You’d think privacy focused apps would at least give you the choice though. Personally I’d take convenience, but I’m sure some people would like the security.
I wish they would make it so when the message is encrypted, it still goes to all of your devices.
Last edited:
“Normal thing” means it’s their standard behaviour? Please list more of them to validate your talking...
A lot of them do give a choice. I think with Telegram you choose between "secret" and regular chats, and I know FB is like that. With iMessage, it's secret by default, but you can enable iCloud backups and/or iCloud iMessage syncing.
Oh, that’s cool then. But Messages is ticked by default in iCloud settings isn’t it?
I'm not sure actually. It wasn't for me, but maybe that's because I had iMessage before that feature existed.
You're assuming that Telegram is secure. It's not end-to-end encryption if it isn't. And there have been no publicly disclosed third-party audits of Telegram's "end-to-end encryption," nor is it based on any closed-source trusted standard -- or any standard at all, really.
You're operating on the assumption that Signal and Telegram are equals, but one has mountains of credible and verifiable evidence to back up its claims of security and privacy. The other simply rolled their own, refused to let anyone look at it and share their findings, and instead just tells their users "don't worry, just trust us. 😉"
Telegram does have a secret chat feature that is end to end encrypted but you are absolutely right, there is a huge trust factor with Telegram. That trust has been built over many years and from my personal knowledge, Telegram has never had any major security breaches.
People are willing to trust Telegram because it is the most feature rich messenger currently on the market. Signal is the leader in security but it's a pretty barebones messenger.
If I were to transmit the blue prints to the Death Star I would use Signal but I'm just some nobody chatting with friends on Telegram.