Some people say it’s really privacy-giving and that you should use it as a privacy alternative. Others say it’s alao on the big tech side. What’s going on with telegram, really?
You must log in or # to comment.
Libre software app, we control it, good.
Relies on a service we do not control, BAD!
The only reason people think it is private is because for a long time it refused to corporate with governments (which is why plenty of criminal activity happens there)
It is about the least private option of all modern messaging apps (literally not e2ee, which means that the server owners have potentially full access to all chat content)
The only thing that makes it special is the bot support.
last time i tried making a acc to see what its like there they wanted me to buy premium
It probably has worse privacy than e-mail or IRC, because it has the same level of encryption (transport encryption only, i.e. Telegram LLC can read your messages), but it also requires a phone number to use, linking your account to your real identity. In short, do not use it for communications if you desire them to be private.
deleted by creator
Signal is at least e2e encrypted, so they can’t read your messages. But also, I do complain and refuse to use it for important stuff. Matrix/XMPP are much better.
The alleged the connections to FSB give me pause. https://www.themoscowtimes.com/2025/06/10/investigation-uncovers-telegrams-potential-links-to-russias-fsb-a89400
Its main “security” feature is that they are uncooperative towards most governments. If a government makes a legally binding request to signal, they recieve IP, Account creation date and other unavoidable stuff and signal is transparent about that. If telegram gets that request, they probably ignore it, but maybe they don’t and there is no way to know as a user.
Also telegram is the platform of drug dealers, nazis and conspiracy theorists. So even if it had e2e by default, I would still prefer using another platform.
Telegram talks a pretty big privacy game, but consider that the feature that actually enables end-to-end encryption, called “Secret Chats” in the app, is OFF by default. Couple that with everything else said in this thread and you start to see a picture forming. And it’s not pretty.
https://www.messenger-matrix.de/messenger-matrix-en.html
Take a look at the comparison and judge for yourself.
It depends. By default, it uses a weaker encryption than WhatsApp. You can turn on e2e encryption, but not in group chats.
On the other hand, it has multiple FOSS clients, will work on pretty much any platform, and has a great UI.
If you want a fairly secure chat app that your grandparents can use, then Telegram is perfect. If you’re sending highly confidential stuff, then no.
It’s also suitable for project groups, because of the better tools (and moderation bots) available to the mods.
Some people obviously do not know what they are talking about. Telegram stores clear text chat messages on their servers. That’s not even near privacy
A lot of debate has been had about whether the CEO is trustworthy, but I guess if they’re not doing end to end encryption then there’s no point.
There’s no debate. The CEO is a compulsive liar who misleads people about how encryption works. Every one who knows how encryption works and have looked at Telegram will tell you Telegram is not encrypted
stores clear text chat messages on their servers.
Does it really?
By default, yes. It is possible to create a so-called secret chat, which is standard for signal and similar, but that’s something you have to manually do. Furthermore, it’s not even possible to make secret chats for groups. When it was initially released, I was cautiously optimistic that it could turn into a good, secure application, but knowing it’s been this long and it hasn’t, I wouldn’t consider that likely.
It absolutely doesn’t mean they store chats in plain text. There is no reason for it at all, it’s extra work and extra stupidity. It’s encrypted when the client sends it, no reason not to store it that way.
I’m not entirely sure what you’re trying to say here. To clarify, telegram uses a store-forward architecture, meaning that it deletes messages from the server once they have been received by everyone. Until that time, the messages are stored on the server in plaintext, unless you’re using a secret chat. They do this to avoid having to exchange keys between different clients, but what that really means is that it isn’t actually private most of the time.
All I know is that every scammer under the sun uses it these days
Telegram allegedly complied with a government to give them user data, and their e2e encryption was switched to be off by default. I know because when I started the chat with someone we raved about how it says ‘end to end encrypted’ before sending a message. Well, between then and when I decided to migrate off it, that private one-to-one chat’s encryption was switched off.
I say it’s okay, but only ensure that e2ee is on
Even with e2ee, I wouldn’t trust it since they use a closed-source, proprietary encryption protocol.
How far they have fallen… Which would you recommend, sans self-hosting a service? Signal?
Signal is easy to on board folks to. Not a huge fan of the phone number requirement, but it’s worth the trade off for me. I used Session for a while, but media sharing was buggy. I’ve heard good things about Simplex, but the inability to have a desktop client was deal breaker for me.
Yeah, it seems that everything has an imperfection, unfortunately. Just gotta choose one. I’d jump on Signal if they remove the phone number, but like you I think it’s the shiniest of the bunch. I just want media with captions, uncompressed uploads, the ability to search messages, full e2ee for calls and messages, the ability to conference call, secure message migration/sync to a new client, emoji/rich text and markdown format support, by a company that promises not to access its users’ messages, location or other identifying information.
its not private, but its FOSS, it has great mobile&desktop client
Telegram is not FOSS. The client is, but the server-side implementation is not, which is important if you consider the fact that encryption is turned off by default.
I don’t think that is disqualifying, because you can’t control what is running on someone’s else machine anyway. It’s centralization that is the problem.
If it was impossible for the other side to read the content of the messages, I’d agree. Hence, why it is less problematic that Signals server software is closed source.
There’s a FOSS version of signal called molly that’s opensource.
That’s a signal client, not server. While I think there are reimplementations of the signal server that you can theoretically use, you’ll be bound to only communicating with people also connecting through that server (ie no federation)
You are 100% correct.
Use Forkgram off of F-Droid. Its an open source app with extra features. You have to have the regular app to verify the login on forkgram. Then just uninstall the regular app. I only use it for news channels and mod’d app channels. I don’t use it for communications. Its not good for that.
It was much better in the past in years 2017 ,now don’t use it.they put many limitations to custom clients and still not published source code of server as it was promised
