this post was submitted on 23 Aug 2023
503 points (100.0% liked)
Technology
37739 readers
500 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You mentioned "plain text" specifically - where else would they be holding those plain texts?
So far, there is no evidence to suggest your messages are stored in plain text. And in 2015, Telegram was using MTProto 1.0 for their cloud chat encryption and Secret Chats E2EE. It's been about 5-6 years since they've upgraded to MTProto 2.0 which has been proven to be a sound encryption protocol.
It was Moxie Marlinspike that also made the claim messages are stored in plain text on Telegram's server with no evidence. And so far, the only thing we have are hypotheticals and nothing of substance to support that claim.
The audit done in 2020 goes over how Telegram encrypts their cloud chats and those encryption keys are not stored on the same servers. While E2EE is preferable, the reason why Telegram works the way it does is because how messages are handled by default.
Hopefully soon they will roll out Secret Group chats. But I do like we all have the option to use Telegram however we want.
If you (user 1) are talking with your friend (user 2) through me (telegram) and I have the encryption keys, then for me (telegram) communications are essentially in plain text. I can even encrypt them 100 times... I have the keys and can read your (user 1 + user 2) messages.
You're again talking about storing messages (not sure why). Telegram might encrypt their storage (I never claimed they didn't), but they have the keys and therefore can read what's stored. They also have the keys for the messages, so there's no hypotheticals or claims here: they have the keys for everything, so they can read everything.
E2EE is opt-in and currently only available for direct chats. Unless you manually start a "secret chat", there's no E2EE MTProto 2.0 to help you. They can read everything.
So... Telegram has the keys to decrypt your messages?
I mean, it's not hard to understand. The party that holds the keys can read the messages.