152 comments

[ 2.8 ms ] story [ 204 ms ] thread
While interesting, I would be curious to see if people stay on Telegram now that WhatsApp is restored.
And one day later close to none of them are messaging over Telegram
We'll see. The long-term behavior is what's more important. Now those users have the app downloaded, have it set up, and many have tried it out in a real way. All of those are major barriers to adoption, and Telegram has now overcome those barriers. I see that as significant even if it does not result in immediate full adoption of Telegram.
Indeed. And don't forget how well Telegram works compared to the competition. If anything will draw them away on convenience grounds (rather than some moral high ground, which was apparently not convincing enough or these new users would have installed an alternative sooner) it will be Telegram.
Messaging systems "working well" primarily means "the people I want to talk to are using it". Operational failures are a level-zero hurdle to pass, and after that it's all network effect.
I would agree that it's mostly network effect, but I don't agree that it's all network effect. How the app or service works and feels does count, at least a bit.

Operational failures are honestly not a big factor unless they happen often. Facebook has had 2 such failures now in the past 3 years. Will this really cost them users? No. WhatsApp, Signal, Telegram, and Apple's Messages have all had approximately that same level of reliability.

Indeed. One reason I don't use Element/Matrix much is that I barely know anyone with an account (on any homeserver). The other reason is that it's unstable and missing features, so I won't be recommending this to any but the greatest of nerds. A bad user experience does matter.
Maybe, but now they have an alternative installed on their phones/laptops.
I've seen this comment repeated about 4 or 5 times in the last 30 minutes. HN is not a place for vacuous and lame comments like these.
Even luckier, their system handled the load apparently. Hopefully their eng team is proud of it.
Other than the 1:30 hour downtime that happened to a lot of old accounts.

I actually think it's genius if they throttled old accounts just to let new people see how good telegram is.

Source re 'old accounts'?

I have an account as old as you can get, and had no problems, so I'd be interested in proof of a disproportionate impact on older accounts.

Just mainly me and two other people.

Specifically happened to US users.

What downtime? There were rumors of degraded video chat capacity, which is a nuisance but not a catastrophe.
Notifications didn't work until about 5PM PDT for me
It didn't work on mobile for me in Ireland for about an hour or so -- couldn't get a call or messages out on WiFi or data, but it worked perfectly fine on my laptop.
I also had minor issues for an hour or so. Messages not sending or loading for example.
A lot of could also be related to down graded DNS resolver performance due to DDoSing by FB clients.
Nah I have 3 telegram accounts. Two were fine. One was dead. Specifically the one that I had signed up with in 2013
Sending videos was extremely slow/timing out for ~1 hour, ~24h ago
Same. No issues.
I was sending a few short videos to several contacts (during the FB outage) and the upload speed was something like 20KB/s, whereas normally 2MB are uploaded before I blink.

My account is from 2016, if not 2015 even.

I have an old account but images did not load correctly. Seems the experience is not the same on other countries.
I wonder if they meant longest idle accounts. It would make sense to throttle them if they're just running tmux with an idle shell or ten. Like a bigger renice that shuts off when the process stops being idle.
On my phone i only had problems with media, text worked okay.

On my laptop instead it was slow until I enabled traffic over ipv6, then it went mostly okay.

There were definitely some issues some time after noon PST
Not really, plenty of users were unable to connect for some time. Just about my whole friend group and I myself were unable to use Telegram for about an hour or so around the peak of the surge.
I swore off whatsapp years ago and never going back! And my uncle was one of them..
How many are left after whatsapp returned ?

The same thing happen when Signal took off, followed by 3 days of outage that to date has had no explanation. All those people joined and promptly returned to WhatsApp

Signal did explain what happened. I can’t remember but there was something about the initial auth that got screwed up on Android and kept retrying. And the retries kind of ddos’ed themselves
People explained but it was never officially explained by Moxie or Signal with a write up of sorts.
From my experience, many friends in Iran strongly prefer Telegram even though it is blocked there are WhatsApp (inexplicably, since they are nearly the same service) isn't. So there does seem to be some brand loyalty in the chat market besides for convenience.

I suspect in general their losses were far greater in chat than in Instagram. Most students in the US use both Insta and Snap already and just have some overlapping and some different content on each, so I don't think one being down for a day will seriously bug anyone enough to stop using it.

Telegram offers the absolute best user experience IMHO.

I would love to use Signal, but I can't really stand it.

Are they competitors? As far as I can tell, Telegram focuses on non-E2EE messaging and is more of an alternative to Facebook Messenger, Google Talk, etc. for non-private messaging.

That's fine, but its support for E2EE is incredibly limited compared to Signal (or even WhatsApp), which includes multi-device support, a fairly-functional encrypted backup method especially in the case of Signal, etc.

Usually i find Telegram side by side with Discord for communities groups.
Multi device yes. The unlimited member functionality and seemless sync without having the phone turned on are the biggest pros. Also, in e2e the contents aren't revealed in notifications.
Assuming I'm interpreting your comment correctly, I'm not sure I understand. Telegram doesn't have the option to backup and restore E2EE chats, let alone sync between devices, unlike Signal and (beta) WhatsApp. It very much feels like an afterthought in Telegram with the focus remaining on usability, compared to the often privacy-first approach of Signal which can come at the cost of end-user functionality.

https://tsf.telegram.org/manuals/e2ee-simple

The difference is that Telegram has better UX than Signal. Actually Telegram has even better UX than WhatsApp.
I am used to seeing these numbers when talking about social media but really… 70 mln is a huge number. It’s a total population of many countries.. combined!

Retention will be much smaller of course.

Facebook has what, almost three billions users across its platforms? 70M is ~2% of that, so a small percentage. While I too doubt that 70M figure, WhatsApp is the de facto communications application in a lot of countries, with many businesses highly reliant on it. In a pinch, you download something, anything to try to continue messaging.
Fair point. However, 70 million in a single day is almost unheard of.
Would be an achievement if they even retain 1% of it as active users.
Is there a way to join telegram without giving them my phone number?

That just feels like a honeypot/dataleak waiting to happen.

That would be a no-go for me too... if I had a phone number. These days, it's actually surprisingly hard to get a free email account without having to provide a phone number.
how do you live life without a phone number?
I did it for a year in Japan, not easy but doable. I also hate giving out my phone number. It's just another way for companies to track users.
I've never had a phone. I suppose it's harder if I ever had one but since I never had to give up the conveniences, I don't really have a problem with it.
I just made an anonymous phone number at textnow.
How did you sign up to textnow without an email address?
You can use a VOIP number or a Google Voice number or Call/SMS forwarding services, you don't have to use your actual number.
Those 70m are mostly Whatsapp users, so...)
They went back as well.Nothing really matters to them.
I mean, they don't mind giving out their phone numbers, and contact lists as well.
It's a UAE company with a custom encryption protocol, e2ee off by default, and no e2ee for group chat. You're damn right it's a honeypot.

Use Signal or Element/Matrix.

Doesn't Signal also require a phone number?
69.99 million won't log in again when the social network they actually wanted is back up.

Retentions are more important than subscriptions.

Without Subscriptions there is no scope for retention.

Telegram only directly competes with WhatsApp , not Instagram, FB platform or even Messenger. Social network is of limited value in pure play messaging platform, where everyone is just interested in 1:1 or private group messaging.

I don't think anyone cares what network they are on, they care only about where the people they want talk to are at.

Yes, it is hard to break the network effort of any social media platform, however once that critical mass is reached, people move very very rapidly.

Offtopic, but "mln" really!? I swear I read "70 min new users", which is quite confusing. Is "70 Million" really too long? I can't say I've seen this one before so I'm reeling a bit. I saw "ml" used recently and almost had a heart attack, so perhaps I'm wondering why now?

SI clearly states "M" no? I'd have kept it short and sweet as "70M", just saying. Heh, or perhaps 70 mega-new-users, but I digress.

Would it be possible to get a title change from dang ?
(comment deleted)
Two small notes:

- The 'mln' abbreviation was probably used to shorten the title so that it would appear complete on search engine results.

- I have also seen "MM" used to shorten "million". I believe that "M" means "Molarity" in SI units, and only means millions when prepended to another SI unit abbreviation.

- I do not understand how 'mln' is more SEO than 'M'

- https://en.wikipedia.org/wiki/Mole_(unit) states that it's 'mol', but what do I know, I'm not a chemist

Without context '70M' should be assumed unitless, and therefor must be interpreted as a power suffix symbol. Better yet, it falls outside the hex range, making life even better for everyone.

Perhaps, if I'm really trying to be difficult, we could try to interpret 'M' as a modifier on 'new users', but that seems silly when there's no space between 70 and M.

</rambling>

>" - I do not understand how 'mln' is more SEO than 'M'"

There are limits to how many characters and pixels Google and Bing will display before cutting off a title and appending an ellipsis. I believe that mln was chosen for stylistic reasons, to differentiate from molarity...

>"[Wikipedia] states that it's 'mol', but what do I know, I'm not a chemist"

'M' is used for molarity (molar concentration), not moles.[1]

[1] https://en.wikipedia.org/wiki/Molar_concentration

Some of my closest friends and I moved to Telegram a few months ago. It's actually quite good. I've to be on WhatsApp as it'd be a pain to teach parents how to use a new app!
It's much more convenient indeed, just be aware (I kinda trust that you, being on HN, already are) that it's all encrypted-to-the-server, so any sysadmin can read or hand over your messages. Choosing between known metadata gathering on WhatsApp and a potential Telegram data breach (intentional or unintentional), it's really a devil's dilemma for me.

Since a few months (now that Telegram has failed to deliver on the encryption promise and profit model for many years, making it a bit too shady) I've been moving more and more to Signal (after also trying Keybase, Threema, Wire, Riot/Element, Jami/Ring, and evaluating others), but man usability and features really take a hit with any of them. Enjoy Telegram, but be aware of the trade-off!

Yes, thank you. I wasn't aware of Telegram's shady models. I'll read about it. But its UI is far better than Signal. I don't use FB and their other products, except for WhatsApp. I've disabled all tracking features on IOS just to be safe! :)
Why, in conversations about chat apps, does telegram get brought up so frequently as a private alternative? Is it not also mostly proprietary the same as whatsapp/messenger whatever?

Is it just a matter of a dislike for facebook?

Very good point. There's a free-ish client on F-Droid (probably even official), but it's still a proprietary and centralized service. I would not really consider it better than the other proprietary options, but for whatever reason some tech people are into telegram.
Back in high school when I started using telegram (2010ish?), I started using it because it wasn’t Whatsapp, it wasn’t owned by Facebook, and it had a really great UI. And I didn’t really understand the encryption implications.

Today I really wish it had full encryption. It says something about the developers that they’ve avoided default E2E for a full decade or more now. I’m trying to use signal more. But I also have years and years of telegram group chats to migrate…

The clients are open source, which provides better assurances around the E2E encryption than whatsapp.
Except who the hell even use E2EE on Telegram?
Fair enough, not me. But it's there and verified if you want it.
Yeah it's here, but it doesn't sync between devices, there is no group chat support, etc. While marketing trying to sell Telegram as good privacy by default.
Some people use secrets chats if you want to hide something, they have the auto destruction of messages and chat way before it was implemented on WhatsApp.
You can keep it for personal chats. Also it has no contents revewled in notifications so apps with notification access cancan't steal it.
Note that telegram chats are not e2e encrypted by default.
And that it uses a proprietary encryption protocol, "MTProto", which has been repeatedly found to have vulnerabilities, like every other self-made encryption scheme.

Now add in the fact that it's a UAE company...

You're misusing the term proprietary here.

Telegram's protocol might be custom, but it's well described and there are open source client implementations.

Whatsapp is totally closed and non-interoperable.

And whatsapp is made by an US company, that's an assurance for data collection and massive surveillance.

Do not roll your own crypto is meant for software engineers, not a team of professional cryptologists.
> Now add in the fact that it's a UAE company

I don't know why you keep saying that. They have servers and offices distributed in different countries, but IIRC most of the team including the founder and CEO are Russian. They say the distribution is so that no single jurisdiction can force them to do too much.

As if we are supposed to trust US or any other countries. Lol
It probably is, but it is also more convenient than whatsapp (or any other messenger for that matter) in many ways.
PR. And not being owned by FB.

Telegram actually do have ecosystem of open source clients, but on other side E2EE is opt-in that no one uses.

It's about a few things:

- If you have at least one alternative to Facebook installed, you lessen their network effect. People now have a choice how to talk to you. (I have another five messaging systems installed myself, but I will settle for everyone picking just their one favorite alternative to avoid a complete monopoly.)

- If you install a Facebook messenger, you know what they're going to do with your metadata. If you install Telegram, you have to be afraid that your data contents might somehow leak in the future. What's better: a definite moderate privacy invasion or a potential worse one? I have trouble answering that for myself, let alone advise others (when it's only between these two and only about privacy).

- Telegram has by far the best UX of any messenger I've ever used. Of course, this is helped by being unencumbered by any and all encryption problems by not having proper encryption, but it sure draws users.

> - If you install a Facebook messenger, you know what they're going to do with your metadata.

No that's false. Didn't you learn anything from the Cambridge Analytica scandal?

Apparently not, what should I have learned that you think I didn't? Because I'm not understanding what you're referring to (of course I know of the CA thing and that it used Facebook data, but that would mean we agree I think?).
I'd rate the Cambridge Analytica scandal about the same as the Panama Papers: the only surprise was that we actually caught them in the act for once.
Telegram server is proprietary, clients are open source. And the protocol is open, and it is quite robust despite being garden variety cryptography.
As others have mentioned the many open source clients, I would add that they are quite ahead in reproducible builds as well.
I'm actually quite thrilled that end users found a way to communicate in spite of "the everyday solution" being down. That gives me some hope that smaller vendors do stand a chance against incumbents, even in Facebook's space.
Well, not sure how much smaller vendors have a chance when it takes a historic amount of downtime for this to happen.
The chance is a window of 2 to 24 hours every decade, but you’re not sure it will happen… After that, customers go back to the leader.
I'm not particularly thrilled, given Telegram is based in the United Arab Emirates, its client-server encryption is almost purposefully garbage (they basically rolled their own TLS, and predictably researchers keep finding vulnerabilities in "MTProto"), they don't enable e2ee chats by default, and they don't e2ee group chats at all.

Do. Not. Use. Telegram.

Don't use it for e2e, then? There are plenty other solutions for incredibly sensitive chats (Signal, Tox, etc)

I think Telegram is a good trade off for group chats, personally. It's feature rich compared to others.

Signal is asking phone number to use, I don't see how this is good for sensitive communication (since metadata alone are often very informative).
Exactly. I have found the phone number requirement idiotic from day one. I recognize the decision was made as a trade off between usability and security (enabling discovering friends via phone etc), but they seem unwilling to admit that this does compromise security.
I've thought about a phone-numberless messaging app, but then it'd be full of spammers.
Is that really a problem though? Most people would just add their friends via username and bypass the whole user discovery process. Discord has demonstrated that this works perfectly fine, even with anonymous accounts not tied to emails.
I’ve only used discord a couple months in a handful of servers and I get spam dms..
Matrix seems to be doing just fine.
that problem was solved like 25 years ago, just ignore everyone who you didn't seek out yourself by default. Basically, make liberate use of the block functionality.
Any messaging app that allows users to communicate without E2EE is actively harmful.
99.999% of people simply don't care about e2e, and even if they may have some concern about privacy (most don't), they'll prioritize a top-notch UI that let's them talk with friends and family over anything else.

For the remaining people who are concerned about privacy there are plenty of options.

Telegram is miles ahead in terms of scalability and features that makes it fun to use and work with their API. Kudos to the engineering team for creating such a great product. Imagine you can have groups up to 200 000 people, post files up to 2GB, have options to share your screen with unlimited amount of users - both desktop and mobile. Its really good. Yes if you need secrecy you may look elsewhere.
Any sources about any real vulnerabilities in MTProto?
Mtproto did have. Mtproto 2.0 hasnhasn't seen such vulnerability. Reporters are still on the older method as that's what creates an effective login.
One thing I know is that it was possible in mtproto 1.0 to append something to a packet and have a client still accept it. This didn't allow anyone to modify the contents of the packet or see its plaintext. This was possible because the plaintext hash (the one in header, used to verify packet integrity after decryption) didn't include the padding. In mtproto 2.0, the hash is sha256 instead of sha1, and it does include the padding.
Post some links with any evidence that any researchers have found vulnerabilities in MTProto?
Same as Discord, Teams, or Slack. If you do not want to chat sensible messages just use Matrix.
That was the MTProto. The newer one is MTProto 2.0 but they are still on the older method. Also they have servers distributed across regions so there's no single point of failure. Perhaps they are considering e2e for smaller groups.
You're exaggerating the state of MTProto 2.0. They haven't rolled their own with this release.
Handwavy rants about shoddy cryptography tend to be just that, handwavy. Repeating that Telegram does not enable end-to-end encryption by default does not make it more of a reason not to use Telegram. Here's what you can do to live comfortably on the net, having conversations with the world and its dog while still being able to plot the overthrow of the government without inviting prying eyes: use Telegram for the former, use your private XMPP server with OMEMO for the latter. There, done, problem solved. No need for angry righteous rants about MTProto or the Emirates - and why exactly would that be the reason not to use Telegram by the way, would it have been less of an issue had they been located in Jakarta or Ouagadougou or Silly Valley - and all the bragging rights of using trusted cryptography for your local knitting club meetings where you plan to overthrow the government.

Source: this is what I do, except for the knitting. Telegram for talking to the family, XMPP standby on the server-under-the-stairs for when the going gets tough, with Conversation (which supports OMEMO) installed on target devices.

To quote a popular movie from my youth; I dunno, man; that sounds like a lot of work.

I don't want to have to decide if every message I send is sensitive or not, then if it is, swap to a totally different app. Even worse: convincing friends and family to do the same!

> I don't want to have to decide if every message I send is sensitive or not, then if it is, swap to a totally different app

Only those messages which are sensitive enough should be sent over the secure channel, the rest goes over Telegram. Assuming that you're not a full-time professional anarchist of the comic-book type (picture man in cloak with a lit bomb in hand) you won't have all that many messages which are so sensitive that you don't want to run the risk of the enemy getting hold of them so don't worry, you'll be fine. As said, there is always the end-to-end encrypted 'private chat' function in Telegram for exchanging passwords and such, those have not caught the ire of the handwave-brigade (yet).

> Even worse: convincing friends and family to do the same!

Unless they're all wearing black cloaks while holding lit bombs in their hands (see above) the same goes for them. It is not the knitting patterns the enemy is interested in. Even more, the enemy might become suspicious if you all of a sudden stop sharing them in such a way that it might be theoretically feasible to decrypt them. What are you planning on knitting next, they'll wonder, sweaters with subversive messages on them? Before you know it they'll be hiding bugs in your cereal, and I don't mean weevils.

(comment deleted)
I don't believe it for a second.
Why not? Six months ago they were already celebrating half a billion users.

People don't realize how big Telegram already is.

I think this says more about the significant amount of control Facebook has with its messaging platforms and the implications of them losing that control for even a few hours, rather than who happens to benefit when Facebook's users are forced to find alternatives. What happens to Facebook can now have ramifications for the entire Web.

It's gotten to the point where Facebook's userbase can act as a massive DDoS network not out of malice, as what the term usually implies, but because of the sheer number of people in the billions who willingly chose to use Facebook.

Wonder what the retention and falloff rates will be.
That can explain their slowness yesterday!
That can explain their slow service yesterday!
So, maybe <5% of WhatsApp users. Bit less headline grabbing when put that way. Not saying that its completely insignificant number, but considering that most likely all of them will not be leaving WA, or even staying on Telegram, it doesn't sound like major thing either.
70M people were so worked up about not being able to use FB they signed up for Telegram -- the not-quite orthogonal alternative? Sounds 'sus
It is WhatsApp and Messenger users who were moving, if you need to talk to someone right now and the platform both of you were using is not working for hours, then it is not surprising people moved to another platform quickly, especially if phone calls/sms are not feasible (expensive/international/no video etc)

Few people have that much brand loyalty to delay communication with all their friends and family when a platform is down for so long and there is viable alternative available.

It is not because they ideologically cared either way, they just want a platform that is easy to use and other person is ready use as well.

My problem with telegram is, 60% of my friends joined when whatsapp changed terms. After that I got no messages. Essentially most of them are dormant. It would be great to find out the percentage of active users in Telegram vs Whatsapp.
Is telegram better than signal? I vaguely remember hearing about Telegram having nefarious roots so I never investigated further.
I don't think so, personally. Everyone on here is going off on how great of a UI experience Telegram is, so I just downloaded it and signed in to my old account. Seems fine. No complaints. But Signal has message reactions and E2E at all times. What are people fawning over Telegram for?

I guess a benefit is that Telegram store messages on the server, so if you sign in with a new device you get all your messages, not just the new ones. But that's why I use Matrix now; security of Signal with the UI features of Telegram.