The problem with Telegram is that it doesn't default to E2E; using it means to go through that additional step of starting a secret chat which I venture a lot of people won't do unless they're very conscious of it.
I keep seeing this accusation get flung around whenever someone mentions telegram but never proof. I remember telegram had a vulnerability once and then it was patched just like any other security software.
You shouldn't throw around accusations without proof.
The word "broken" means susceptible to practical attack, and attacks aren't always of the "cryptanalyze the ciphertext and read the plaintext because you're a clever mathematician" variety.
To add, Telegram's crypto is completely and totally off the walls crazy in terms of design. Add to that the fact that there are cryptographic breaks (though not we can read your ciphertext breaks), and you should be careful.
iMessage would have been reasonably secure had they used AEC-GCM or a MAC. The design at least made sense: compose a scheme out of known primitives. They just missed (very important) details. Telegram is just turtles all the way down.
Signal is a niche service. Its selling point is security. Viper and WhatsApp are general services and their selling point isn't security.
I'm not trying to imply that WhatsApp are the first secure chat, but I am saying it is the first major platform to switch to end-to-end security and this looks like the first step in a trend of switching.
