70 comments

[ 2.7 ms ] story [ 173 ms ] thread
>Because the chat app doesn't encrypt conversations by default—or at all for group chats—security professionals often warn against it.

Everytime this story comes up it just complains about the default setting.

Terribly reasearched articled. It offeres no insight to HNers compared to previous discussion. A bad workman blames his tools. Defaults are powerful -- I will concede. Not understanding defaults counts as not understanding your tool.

I don't even believe WhatsApp is E2E but I've no evidence to proove that -- I'm just that skeptical of FB. I believe FB are reading WA messages but again -- nothing to base that on other than FB being heavily incentived to do so.

Terribly reasearched article

It’s not an article, it’s a hit piece. Established publication protecting established vendor. Classic Wired.

You reckon this is PR paid for by FB and expressed in the media via Wired?
Although I'm not the original commenter, direct cash payment isn't the only incentive for established media to protect established product. Let's not forget they're apps from different, rival countries.
Why would they interview only other Facebook-adjacent people? It's even disclosed on TFA.
The journalist is just wrong. Security professionals don't warn against it because it doesn't encrypt by default, they warn against it because Telegram wrote their own encryption protocol and they haven't allowed an outside audit. Basically "trust us we know what we're doing.

If something has changed feel free to correct me, but as far as I know MTProto is still all in-house closed source code and hasn't ever been audited.

https://eprint.iacr.org/2015/1177.pdf

There was some analysis done recently, though not being a crypto expert I don't know how relevant it is:

https://news.ycombinator.com/item?id=25722076#25724978

One note: Telegram doesn't need to "allow" experts to audit their code - E2E is all in the clients which have source available. I don't think it's had enough scrutiny to be trustworthy though.

> E2E is all in the clients

But only mobile clients, no E2E on the desktop or for groups sadly.

Mac client has it. The one written with swift. In Windows you have Unigram (unofficial, but opensource)
Interesting thanks. Maybe it'll get to Linux one day then. Not that I'm too fussed, I use telegram for larger groups mostly, and secure chats on Signal.
I don't even know what Telegram does, but if I have Signal and iMessage I'm not sure what anything can offer me that I'm missing...
I'm not sure what anything can offer me that I'm missing...

Very large groups, if that’s your thing.

Keybase handles that, zoom purchase aside.
I like channel, I even use it as RSS reader. Sticker, Gif feel so much better in telegram. Saved messages, 1 member private channel for quick notes. And telegram has true native app for all major OS, not electron like signal.
Don't forget about their API. My systems at work send me Telegram messages when things are down.
You can also get one-to-many groups, which effectively act like you were following someone on Twitter.
Telegram is substantially more feature rich. However Signal is open source. However that only really matters on the front - end. Nobody can inspect the code on a server unless you have access.

You'll ultimately have a make a descision based on who you trust more.

> However Signal is open source.

Not a telegram fan at all but their clients are also open source

Telegram is opensource the same way Signal is - clients are opensource and server is not (Signal didn't have a source dump for awhile now).

But Telegram has one big advantage - they publish a public tdlib library with which you can easily build your own Telegram client.

(comment deleted)
Although the article does not add anything new, I do have to agree that the way Telegram is positioning itself is rather frustrating: they are really pushing the "secure" nature of the service and try their best to make it seem even _more_ secure than WhatsApp or Signal (eg. speculating other encryption standards are US-funded and therefor not trustworthy), while it is clear that they have made some design decisions that make it less secure. And that's fine!

The user experience is great, and I like the service in general. The fact that it's not tied to an advertising company that is profiling users and making money of it is of course the biggest plus, but please stop with the whole "totally secure" BS. It's confusing and is probably even hurting their image: I have had to explain multiple times to friends and family I finally moved off of WhatsApp that we did not do it for the security, but rather to be free of being mined for personal data... Same thing goes for these non-tech 'news' sources that make a big deal out of it as well, while it's totally obvious if you investigate a bit more.

(Apologies for the rant, I guess had to get this off my chest.)

Absolutely! Telegram provides nice to have features like cloud message history, but those inherently mean it's less secure.

I actually wish Signal had a "trade some security for convenience" option like that.

WhatsApp pushes you to upload your encryption keys to the cloud by default. Therefore, in its default configuration it is not end to end encrypted. Even if you don't do this, you have no idea if your contacts have.
Secret Chats are three instead of two steps (not four steps like the article says), why make such a drama about it?
Yes, turn to federated Matrix instead, if you don't want to end up in another walled garden (Telegram or Signal).
What is a good place to start with Matrix? Which app is like Telegram or Signal that uses Matrix? I can never figure out how me and my family would use something based on Matrix together.
Element (formerly called Riot) is the de facto standard client for Matrix. Set-up is very easy and the user experience is solid on the Android and mobile versions. You can even easily cross-sign keys.
In retrospect, renaming the app was probably a good idea.
That is actually pretty Hilarius and spot on.
May I point you to https://communick.com? I provide a Matrix server and manage everything. My idea is exactly to help small groups to migrate.

Documentation is still lacking, but if you want you can reach me directly to help you set things up.

https://element.io/get-started

I wouldn't even mention Matrix to get someone started. But this page will lead them to the Web App and mobile apps. By default they will sign you up to the matrix.org homeserver with E2E encryption. It is a great way to get people started. You can then send them a link to your profile or they can find you be email or phone number if you have verified those.

Thank you.

What if I want to host my own instance? Can I communicate with people who are signed up at element.io?

Yes, matrix is federated so from the communication side it doesn't really matter who you sign up with you can chat with anyone and join any rooms. What homeserver you pick is really just for the service and how much you trust them with your (meta)data.
Thanks so much for explaining.

I will give it another try based on your info.

What an absolute nonsense article. It does everything it can to miss the huge main reason people are migrating from WhatsApp.

I don't want my data mined and sold so Facebook can profit from pushing ads at me, I'm not worried about someone hacking into my messages.

So yes, even the article TITLE is wrong. No, it may not be more 'secure', but you'd have to be a fool to argue it isn't more 'private'.

This article is absolutely paid for by Facebook, no doubt it my mind.

I read your comment and thought it was a little over the top. Then as I was reading the article I saw the embedded tweet without any context and it was just so bizarre I had to see why on earth it was even featured. A search for “toothpaste” and, sure enough:

> Telegram's MTProto protocol isn't obviously broken in a practical way, concedes Matt Green, a cryptographer at Johns Hopkins University who has consulted for Facebook on encrypted messaging systems. But it's uniquely "weird," he says, in a way that suggests its inventors don't understand tried-and-true cryptography practices and raises his suspicions that it may yet have undiscovered vulnerabilities. "It's like if everyone else in the world has agreed that we're going to use drywall to do the walls in a house, and then you've got somebody who's using toothpaste," says Green. "Even if the toothpaste works and makes a nice wall, that's weird. How do you know they're not doing other weird, nonstandard things when they put the electrical wiring into the house? And that's what scares me."

I prefer to give the benefit of the doubt (maybe this guy is just terrible at analogies?) so I’m not sure I’d say facebook definitely seeded the article but this is just such a wacky, nonsensical thing for someone to say I don’t really know what on earth to make of it.

Bunch of researchers from another country with a different cryptographic tradition creates different cryptographic primitives and a competing school of cryptography calls them weird and "toothpaste". What did I just read?
> different cryptographic tradition

...Thats not how maths works... cryptography is just math.

There are different traditions within topology. Cryptography is much larger.
That was my impression as well.

"You're not doing it the way we did it, so we're assuming you must be doing other nefarious things as well."

That's some pretty serious hubris and not something I've seen before in the crypto space. I've just always assumed most of the people in crypto worked together to build a better product which seems to be constantly under attack from governments. This is the first time I've seen one group call out another group simply because they didn't do it "the FB way"?

Is this just some healthy competition between two competing products or is FB actively trying to undermine Telegram's product??

> who has consulted for Facebook on encrypted messaging systems

I mean, bonus point for the disclosure, but why should I believe is any word of that quote?

Let's pretend that Telegram servers and all your data is stored in Russia, regularly data-mined by the KGB, whatever.

The fact is that many Americans would prefer to have their data mined by the KGB than by the FBI.

It honestly seems less risky at this point. What is the KGB gonna do with my data? They've got no jurisdiction in the US, the best they might hope is to blackmail me. The FBI, on the other hand, does have jursidiction.
I can imagine at least the following: - impersonate you - mine some data they think important for them
Telegram was banned in Russia. The founder was forced out of his own billion dollar company in Russia because he wasn't "in" with the Kremlin.
I know, I’m just saying that this is the common meme statement about Russia.
Telegram wasn't banned in Russia, it was just a PR show.
In essence it was not a show, but it turned out to be. Roscomnadzor (same as FCC in US) was desperately trying to block Telegram by KGB (FSB) resolution, because Telegram did not obey to their orders to provide keys and it turned out into complete farce. During this endeavor as a side effect they blocked almost any service that was using AWS and/or other cloud services, a lot many companies in Russia had been suffering from IT ifrastructure disruption including government institutions, yet Telegrams was up and running. And the most fannies thing was that almost all middle rank officials continued to use Telegram for their daily work and leasure. In the end Roscomnadzor "silently" quit their attempts. It was so humorous to follow the event. That was the first time in the modern history of Russia when govt completely failed while acting against their citizens. After that, Durov turned into real "rock star" here. :)
And all of that doesn't contradict with the "PR Show" hypothesis (not to say - supports)
but thats literally not how the laws in the US works. The fact thats it going to a foreign country gives the FBI less restrictions when it comes to intercepting that communication.
It also gives them less ability to do it.

Which do you think is safer:

- The FBI can easily read all your messages, but they're not allowed to.

- The FBI is allowed to read all of your messages, but they can't.

idk signal where they would require a warrant to intercept the encrypted data and metadata vs telegram where they already intercepted data/ metadata that they can then use the metadata to get a FISA warrant to hack ur phone based on metadata. Signal is clearly better for Americans.
And suffer from identity theft and possibly malicious acts against their employees? I don't think it is preferable for many Americans.
The FBI doesn’t protect your data from breaches. On the contrary, they desperately want it and will do what it takes to get it.
Same "security professionals" suggested WhatsApp as a replacement. It really does not look good for them.
You clearly don't know anything about security if you think E2E is a bad thing.
Not the person you responded to. But they may be talking about FaceBooks's recent change to WhatsApp's privacy policy.
I didn't move to telegram because I want to secretly plan an insurgency. I moved there because of the threat of censorship from big tech. It's way more than a messaging app and incredibly feature rich.
Yea, Telegram is a great middle ground.. sort of.

It has secure options at least. But importantly doesn't require my phone number to create an account and contact people. But also has a lot of features that are missing in something like Signal.

Signal is my preferred option, but I'm not keen on sharing my phone number with everyone.

Telegram doesn't require your phone number? It did for me to sign up.
Sorry, you don't need to use your phone number to contact someone. You can just give them your Telegram username. Which is sufficient for me in my use case for Telegram.
So Facebook is afraid of Telegram? Got it.
OK, Telegram uses boring and reliable encryption in a reasonably straightforward way. They get heck for "rolling their own encryption". Signal on the other hand uses new and exciting encryption they made up themselves but no one seems to be criticizing them for it.
It says a lot about trust in US big tech when people happily switch to a Russian platform.