WingNews logo WingNews
top | item 41379287

(no title)

jiiam | 1 year ago

There is quite a large amount of people believing that Telegram stores messages in plaintext. I would like to know how they got that idea.

So far the best I've got is something along the line of: if you can get your chats when you log in with a new device, then so can a Telegram employee. With no proof of the claim of course.

discuss

order

barsonme|1 year ago

If the chat is not end-to-end encrypted, which Telegram “cloud” chats are not, then by definition Telegram (the company) has access to the chats. Full stop.

jiiam|1 year ago

Something being true only by definition is unfortunately a very weak claim.

For example the company servers could be hosted on an island with armed guards instructed to burn everything if anyone approaches and the decryption happens only on those servers: sure they have access by definition, but they really don't.

mr_mitm|1 year ago

Somehow they must transfer the chat history from their servers to the user. Either it's plain text, or encrypted and they either use the keys to decrypt or send the keys to the user along with the encrypted content. In all cases they can simply access the contents themselves.

jiiam|1 year ago

I think this statement requires a stronger argument, since even if they could have access to the data in theory there are concrete implementations where it could be extremely unfeasible.

For example, since we are in the realm of speculations, I propose the following alternative to the plaintext or accessible decryption keys: the decryption could happen inside a nitro enclave making it essentially impossible to access the data without changing the application code.

I'm not saying that this is what happens, just that I don't think that one can so easily deduce that "they can access the data" just from the fact that "they send you chat history to you".

emptysongglass|1 year ago

The protocol is fully documented. You are free to read it for yourself without resorting to guessing. [1]

Messages are not stored in plaintext. The claim they are stored in plaintext is false.

One can have cogent arguments about one's preference for E2EE or not but the repeated claim here and elsewhere that messages are stored in plaintext is simply hearsay.

[1] https://core.telegram.org/mtproto/AJiEAwIYFoAsBGJBjZwYoQIwFM...