The blog addresses the misrepresentation of Telegram as an “encrypted messaging app” when it fundamentally lacks default end-to-end encryption. Despite CEO Pavel Durov’s emphasis on Telegram’s security, the platform does not automatically provide encryption for most conversations. The process of activating the optional end-to-end encryption feature for “Secret Chats” is convoluted, involving multiple clicks and may not secure private conversations with offline users. The lack of default encryption exposes the content of messages to Telegram’s servers, raising concerns over user privacy. The blog also discusses Telegram’s unusual encryption protocols, suggesting that end-to-end encryption alone may not guarantee data security.
https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-really-an-encrypted-messaging-app/