The problem with Telegram is that it is not an E2EE messaging platform, period. It is a non-E2EE platform that has an option to encrypt 1:1 messages with a criticised algorithm. Whoever uses Telegram does it for all the nice features that are not E2EE.
> all of a sudden people started claiming it was self evident that "of course Meta can read your WhatsApp messages".
Because some people say stuff like this doesn't make it right. WhatsApp messages are E2EE encrypted, unlike Telegram. There are other things to criticise with WhatsApp, but not that.
> Signal who refused to stop collecting phone numbers until recently even though they never needed it
As you said, you're confused. Signal needed the phone numbers for convenience, so that you could reach your friends. Exactly the same reason as WhatsApp. Could they have done without it? Yes, but maybe Signal would not be as popular. That's a valid tradeoff, and Signal never lied about it. Also having to share your phone number with Signal is still better than any of the other popular platforms. Anything that is "more private" than Signal hasn't managed to get on the map.
> Because some people say stuff like this doesn't make it right. WhatsApp messages are E2EE encrypted, unlike Telegram. There are other things to criticise with WhatsApp, but not that.
Is this verifiable fact or Meta's claim? As far as I know neither the server nor the client are open source.
> As far as I know neither the server nor the client are open source.
That is correct. I have a few things to add:
- Meta employees (and there are many of them) have access to the sources. So if Meta was downright lying about it, chances are that someone would leak it.
- Thanks to the Digital Markets Act, we see that the encryption protocol exposed by Meta for interoperability is based on Signal. If Meta wanted to lie, they would have to either use a different protocol internally (but again, we know that the Signal authors contributed to integrate the Signal protocol in 2016, and a Meta employee could relatively easily see if WhatsApp had removed Signal and re-added it just for interop recently) or use the Signal protocol but have the app send the content of the messages to the Meta servers after decryption (which would be fairly easy to see by a Meta employee).
- People who don't want to trust WhatsApp should use Signal. Moving to Telegram because of a lack of trust would be weird, as Telegram is most definitely not E2E encrypted.
In other words, the WhatsApp situation is not perfect, but telling people to move to Telegram because "it's safer" is actually dangerous. Telegram is strictly less private, period. Signal is strictly more private.
I am not saying people shouldn't use Telegram. As far as I'm concerned, people can do whatever they want (and I hear that the Telegram UX superior). What I do not tolerate is wrong statements about the privacy situation. Telegram is strictly less private, Signal is strictly more private.
> There are other things to criticise with WhatsApp, but not that.
Nitpick: Facebook can obviously grant themselves the ability to read your WhatsApp messages, by pushing out a new client. What they can't do is covertly read your WhatsApp messages: WhatsApp is well-studied enough that people would notice the malicious client update within a year.
Google or Apple can also grant themselves the ability to read your WhatsApp messages. Someone grabbing your phone while it's unlocked has the same ability.
Absolutely, and this is why one of the only viable options for truly private communication is Signal on a degoogled ROM like Graphene. Matrix also works, but you need your server.
Yep, I can see that.
The problem with Telegram is that it is not an E2EE messaging platform, period. It is a non-E2EE platform that has an option to encrypt 1:1 messages with a criticised algorithm. Whoever uses Telegram does it for all the nice features that are not E2EE.
> all of a sudden people started claiming it was self evident that "of course Meta can read your WhatsApp messages".
Because some people say stuff like this doesn't make it right. WhatsApp messages are E2EE encrypted, unlike Telegram. There are other things to criticise with WhatsApp, but not that.
> Signal who refused to stop collecting phone numbers until recently even though they never needed it
As you said, you're confused. Signal needed the phone numbers for convenience, so that you could reach your friends. Exactly the same reason as WhatsApp. Could they have done without it? Yes, but maybe Signal would not be as popular. That's a valid tradeoff, and Signal never lied about it. Also having to share your phone number with Signal is still better than any of the other popular platforms. Anything that is "more private" than Signal hasn't managed to get on the map.