• Opisek@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    2
    ·
    23 days ago

    Except Telegram doesn’t use TLS :) They use MTProto.

    This is not me endorsing Telegram. I’m just pointing out your mistake. Telegram has other issues but it definitely does have transport encryption.

    • Justin@lemmy.jlh.name
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      22 days ago

      The above commenter said that their end-to-end MTProto protocol is not enabled by default.

      Defaulting to just using transport encryption like TLS on a messaging app isn’t sufficient in 2024.

      • Opisek@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        22 days ago

        MTProto is not end-to-end. MTProto is their obfuscated client-server transport encryption.

        What the commenter above is referring to is Telegram defaulting to saving your messages on the server in plaintext. You can use a “secret chat” which enables end-to-end encryption, but that is separate from MTProto.

        Your sentiment is correct though. Messages should not be visible in plaintext to the server.

          • Opisek@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            22 days ago

            You’re right, it is misleading. There are different “flavours” of MTProto. See here:

            https://core.telegram.org/mtproto

            This page deals with the basic layer of MTProto encryption used for Cloud chats (server-client encryption). See also:

            • Secret chats, end-to-end-encryption

            • End-to-end encrypted Voice Calls

            (The major difference is simply whether the server and client share a key or two clients)