MTProto is not end-to-end. MTProto is their obfuscated client-server transport encryption.
What the commenter above is referring to is Telegram defaulting to saving your messages on the server in plaintext. You can use a “secret chat” which enables end-to-end encryption, but that is separate from MTProto.
Your sentiment is correct though. Messages should not be visible in plaintext to the server.
TLS isn’t sufficient for messaging apps in 2024
Except Telegram doesn’t use TLS :) They use MTProto.
This is not me endorsing Telegram. I’m just pointing out your mistake. Telegram has other issues but it definitely does have transport encryption.
The above commenter said that their end-to-end MTProto protocol is not enabled by default.
Defaulting to just using transport encryption like TLS on a messaging app isn’t sufficient in 2024.
MTProto is not end-to-end. MTProto is their obfuscated client-server transport encryption.
What the commenter above is referring to is Telegram defaulting to saving your messages on the server in plaintext. You can use a “secret chat” which enables end-to-end encryption, but that is separate from MTProto.
Your sentiment is correct though. Messages should not be visible in plaintext to the server.
I dont know much about it, but Wikipedia says that MTProto is specifically for “secret chats”:
https://en.m.wikipedia.org/wiki/Telegram_(software)#Architecture
Maybe Wikipedia is misleading here
You’re right, it is misleading. There are different “flavours” of MTProto. See here:
https://core.telegram.org/mtproto
(The major difference is simply whether the server and client share a key or two clients)