Hacker News new | past | comments | ask | show | jobs | submit login

I don’t understand why people say telegram is missing e2e. There is a convenient way to create e2e chat when you need them (which is “rare” for me).



Several problems: On mobile. Desktop not supported. Everything else is clear text and readable by telegram and authorities. Of course it’s missing encryption!

Really, telegram is being naked for 99% of the time, with an optional clothes feature that is limited and mobile only. Whereas signal is fully dressed, all the time.

Signal is 100% encrypted, all groups encrypted, all messages encrypted, all contacts encrypted. The vendor knows when your registered… that is all.

Of course people who don’t understand the sheer dystopia of cleartext coms and visible social graphs — They will say “when I need them “ I will encrypt. No, you must encrypt all the time. Messages must be indistinguishable. You don’t just encrypt the sensitive stuff, you should encrypt everything!


It is effectively missing E2E, because it misses the point completely. The point of E2E (and, particularly, PFS) is to a) exist before you even realize you need it; and b) make your private and not-so-private conversations indistinguishable from each other.

In other words, you want your chats with news and memes E2E by default, so when you chat about something sensitive you a) don't have to do anything, b) won't forget about it until it's too late and c) won't give away the fact that this particular conversation suddenly went private.

Telegram management is weirdly stubborn af in this regard. Which could be either "we know better" syndrome, simple ignorance, or even malice. They, however, undeniably know their ways with UX and marketing, so, once again, as in an old Russian proverb, we end up with a barrel of honey, with a spoonful of tar - the nicest-looking but crappily implemented tech always wins.


Majority of Telegram users don't really care about E2EE, IMO. I've been using the platform since 2016 and have been very happy thus far. What we care about are the ease of use, richness of the platform and rapid release of new features. Things you don't see on E2EE-focused services.


It's unethical to be the honey in the surveillance trap of any communications system that is not e2ee always and by default. You're exposing your friends and associates to easily avoidable and unnecessary hazards.


the fact that e2ee chats are tied to the device you start them on makes it useless, it's clearly not a priority for them

In my case it is not rare to prefer my conversations not to be stored in plaintext on someone else's computer




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: