It also would have had much worse usability in the most common case: when government agencies aren't a real risk factor, but you want conversations synced between different apps.
Seriously, disregarding the trade-off between security and usability is exactly how we ended up with very secure, 20-digit passwords, containing every possible Unicode symbol, updated every Monday, written on post-it notes hanging on the wall.
Not 100% relevant to the article, but if anyone hasn't already given it a try - Signal is a great cross-platform messaging service. I don't understand why more people aren't using it.
Similar to another discussion I'm on in this same thread, Signal is simply non-viable for my use case at this time. I have the app on my iPhone but I have no conversations in it. For background, my primary IM service is Facebook Messenger, followed by Telegram for some chats, followed by Discord for larger groups around games.
Signal doesn't have a native (or even near-native) desktop app for macOS and Windows nor does it support my iPad. For an app I rely on as much as my messaging software it must be available and high quality on every platform I commonly use. Signal's desktop app is poor compared to the extremely polished Telegram macOS app and the nearly as well made Telegram Windows/Linux/macOS app. Admittedly Messenger doesn't have a very good Windows app but in my opinion it is still better than Signal's, while it completely lacks a macOS app which is a bummer.
The Signal iOS app has no way for me to back up my messages, and I understand they are not backed up on Signal's servers. This means if I lose my phone I will lose all my messages. On IM services such as Facebook Messenger and Telegram this is a non-issue for non-E2E chats. I realize this is considered a feature for many, but for me it is a strong anti-feature.
And finally yet most importantly - practically no one I know uses Signal. Even the 5 or 6 contacts it found haven't even set profile photos nor did they reply to a test message I sent - it's likely they've uninstalled it from their phone. Everyone I routinely interact with save maybe two people are on Facebook Messenger or at least visit Facebook.com eventually.
I just convinced my political discussion Whatsapp group to move to Signal. The client is not as polished, but works well, and we feel more comfortable sharing political opinions. I'd say it was worth the hassle.
My friends used to use Signal, but we were put off by needing real phone numbers, as well as some persistent errors in the app (communication-breaking ones).
Personally, I'm rather unhappy that Signal isn't federated, and they don't allow third-party apps to use their server.
Finally, the Signal app isn't compatible with my phone. Conversations (XMPP+OMEMO) and older versions of Riot.im (Matrix) are available to me.
Signal is outstanding. I've convinced a few dozen friends and coworkers to migrate over, I'm a member of several group chats, and everything works great. There were a few issues last year with group chats and keys breaking pretty badly, but everything's been a lot more polished (and idiot-resistant) since the last major overhaul a few months ago.
Signal is awesome. I know several people who work for a very large company that has their own chat/message system that actually use Signal instead — specifically for security reasons.
It makes me smile. I have never heard any news that Signal has done anything or that it was used by anybody. But with every Telegram article there is a 100% chance that somebody will come with an advertisement for Signal.
This highlights the problem. Why should they have any keys? It should be end to end encryption, where users have the keys. Otherwise it's already insecure and no one should be using it. Government demanding something is just a symptom.
This has been the chief complaint about Telegram, and the entire reason I've never even tried using it. As long as you're trusting the corp with your keys, you're just as secure as any other site that provides chat over HTTPS.
Telegram has publicly stated that they refuse to hand over their keys (though whether or not they will, time will tell). This is in contrast to FB, Google, and Twitter who have not released a statement about whether or not they will comply: http://www.zdnet.com/article/facebook-twitter-google-censors...
Remember in 2013 when Lavabit said their email was so secure that even their sysadmins can't read it? And then, after the secret US government subpoena was made public it turned out that Lavabit's claim of "can't" was more like "won't".
Better to not have to trust the intentions (or ability to resist torture, etc) of Telegram, Pavel Durov, et al. Better to have end-to-end encryption by default, like in Signal.
There has never been such a thing as end-to-end encryption on a cell phone. Carrier "debugging" tools such as CarrierIQ hook at a lower level and can intercept and log everything that any application can see. CarrierIQ was acquired by AT&T and doesn't even officially have a name any more. They would tell you it only runs if the phone is in debug mode, but the dial home to the carrier can enable it via a simple header.
Perhaps the difference here is that Russia does not have access to this data?
This distorts the usual meaning of end-to-end encryption, which is that data over the wire is encrypted and can't be MITMed, even by the "service provider" (Telegram in this case).
You are bringing up a good but different point, which is that the application environment on a mobile device may not be protecting you from certain privacy violations. I'm no fan of Telegram, but that's not really within their control.
Put another way, if unbeknownst to Telegram someone had installed a keylogger on my device, would you consider that to be broken end-to-end encryption?
Could you please provide some home-reading material on the topic? I understand that the notion of "secure messenger" linked to your phone number and running on a phone is laughable, but it's the first time I hear accusations that my mobile operator can retrieve basically any info from my phone, like actually right now, without breaking a sweat.
Does it apply to all mobile operators or only to American ones?
I don't understand how Android phones in the US can be backdoor-free considering it's the carriers that provide the final update to devices and they are the ones to sign it. Would the OEMs know if the carriers included a backdoor in there on NSA's behalf? Probably not.
If FSB really wants access - and sooner or later they will, as Telegram keeps growing... As long as Telegram founders still have family inside Russia, they are vulnerable.
You see Russia is in a unique position. They want to fight dissent online, they have a very competitive ISP market with lots and lots of ISPs that are hard to control, they have a lot of foreign companies taking a huge share of internet usage, they alienated IT professionals and don't really have smart loyal people who can help them figure these things out. So they seek guidance in China and follow Chinese ideas to monitor and filter online communications. Meaning that they are trying to figure out how to pressure foreign companies like Telegram to cooperate, how to pressure ISPs to cooperate, how to block access to the services foreign companies provide, given how many different ISPs there are. So at this point it's more like a process, not an actual end goal of getting access to this one particular platform. And family is definitely not the line they would want to cross, as it would undermine the whole process if the word gets out.
Telegram, as usual, refuses to give encryption keys to anyone.
While there seems to be a lot to say about Telegram crypto, at least their priorities seem to be aligned with mine, unlike WhatsApp, which is owned by Facebook.
WhatsApp is NOT any different. They may have Signal's encryption algo, but they still store effectively unencrypted messages in their servers. Because that is the only way to sync between devices when adding a new device. And also the only way for FB to data mine.
This is not the only way to sync encrypted messages between devices with different keys. Matrix and XMPP+MAM+OMEMO both allow for message synchronization between devices, while having different keys on each device.
[+] [-] yoavm|8 years ago|reply
[+] [-] tandav|8 years ago|reply
[+] [-] avodonosov|8 years ago|reply
https://telegram.org/faq#secret-chats
[+] [-] golergka|8 years ago|reply
[+] [-] handbanana|8 years ago|reply
[+] [-] jakebasile|8 years ago|reply
edit: grammar and expanded responses
[+] [-] carlesfe|8 years ago|reply
[+] [-] avhon1|8 years ago|reply
[+] [-] parliament32|8 years ago|reply
[+] [-] detaro|8 years ago|reply
[+] [-] pimeys|8 years ago|reply
[+] [-] briandear|8 years ago|reply
[+] [-] andreagrandi|8 years ago|reply
[+] [-] cvaidya1986|8 years ago|reply
[+] [-] xenator|8 years ago|reply
[+] [-] phyzome|8 years ago|reply
[+] [-] ahelwer|8 years ago|reply
[+] [-] shmerl|8 years ago|reply
[+] [-] parliament32|8 years ago|reply
[+] [-] Karrot_Kream|8 years ago|reply
[+] [-] aorth|8 years ago|reply
https://www.techdirt.com/articles/20131002/17443624734/lavab...
[+] [-] praneshp|8 years ago|reply
[+] [-] LinuxBender|8 years ago|reply
[+] [-] stanleydrew|8 years ago|reply
[+] [-] krick|8 years ago|reply
[+] [-] mtgx|8 years ago|reply
[+] [-] dharma1|8 years ago|reply
[+] [-] zzzcpan|8 years ago|reply
[+] [-] prawn|8 years ago|reply
[+] [-] gmemstr|8 years ago|reply
[+] [-] trisimix|8 years ago|reply
[+] [-] coolspot|8 years ago|reply
Do they cooperate?
[+] [-] gagabity|8 years ago|reply
[+] [-] varjag|8 years ago|reply
[+] [-] xenator|8 years ago|reply
[+] [-] eitland|8 years ago|reply
[+] [-] ChristianBundy|8 years ago|reply
[+] [-] Justsignedup|8 years ago|reply
So... Yeah bad reporting.
[+] [-] bjoli|8 years ago|reply
They store undelivered, encrypted messages on the server.
[+] [-] avhon1|8 years ago|reply