• @Opisek
    link
    English
    97 days ago

    Except Telegram doesn’t use TLS :) They use MTProto.

    This is not me endorsing Telegram. I’m just pointing out your mistake. Telegram has other issues but it definitely does have transport encryption.

    • Justin
      link
      fedilink
      English
      7
      edit-2
      7 days ago

      The above commenter said that their end-to-end MTProto protocol is not enabled by default.

      Defaulting to just using transport encryption like TLS on a messaging app isn’t sufficient in 2024.

      • @Opisek
        link
        English
        67 days ago

        MTProto is not end-to-end. MTProto is their obfuscated client-server transport encryption.

        What the commenter above is referring to is Telegram defaulting to saving your messages on the server in plaintext. You can use a “secret chat” which enables end-to-end encryption, but that is separate from MTProto.

        Your sentiment is correct though. Messages should not be visible in plaintext to the server.

          • @Opisek
            link
            English
            2
            edit-2
            6 days ago

            You’re right, it is misleading. There are different “flavours” of MTProto. See here:

            https://core.telegram.org/mtproto

            This page deals with the basic layer of MTProto encryption used for Cloud chats (server-client encryption). See also:

            • Secret chats, end-to-end-encryption

            • End-to-end encrypted Voice Calls

            (The major difference is simply whether the server and client share a key or two clients)