Telegram responds to WhatsApp allegations
Telegram spokesperson Remi Vaughn reached out to us to refute claims by Wired and WhatsApp head Will Cathcart about the security of the popular chat app. According to Vaughn, the Wired article contains many errors and the editorial team ignored comments and responses from Telegram, which in turn mislead Cathcart.
Telegram has compiled a list of 9 errors in the Wired article, which you can find over on telegra.ph (a minimalistic publishing tool by Telegram). The post ends with “This list is being expanded”.
This post addresses various claims in the Wired article, including the one about location tracking – this is only possible if the user explicitly makes their location publicly visible, which only 0.01% of users have done, writes Telegram.
As for the privacy of secret chats, Vaughn points out that Cathcart is wrong about Telegram’s End To End Encryption (E2EE) protocol not being independently verified. A team from Italy’s University of Udine has verified the MTProto 2.0 protocol used by Telegram for securing its chats – you can find their paper here (PDF).
Note that this is a verification of the protocol rather than a specific implementation. But Telegram’s app is open source and has used reproducible builds since version 5.13. “Reproducible builds” means that you can compile the publicly available source code and verify that the resulting machine code is identical to the one hosted on the Apple App Store, Google Play Store and Telegram’s own website. Telegram servers are not open source, though the Udine team also verified the MTProto 2.0 protocol in the presence of malicious servers.
They do point out one problem that could break the security of secret chats – when starting a secret chat, it is vital for the user to check the fingerprint of the authentication keys through a safe external channel. Otherwise, man-in-the-middle attacks are possible (i.e. a third party eavesdropping on and possibly even altering messages). The researchers point out that such user error is possible when using the Signal app as well.
So if you’re using either app, make sure to properly check the fingerprint – a secret chat isn’t truly secret until you do and you can’t use the same or other unsecure chat to check that the fingerprint matches.
- 17 Feb 2023
Data wise is whatsapp better? Wait, waht? How do you thin whatsapp can bakup your fata? Or delete for the other person what you wrote? And those are just the small parts of the lie behind what you think is better. Actually telegram has a true end-to-...
- 17 Feb 2023
What exactly is an "internet era". In your context are you referring to the last few years? Internet publicly Has been booming since the late 80s. However as far as privacy is concerned you make or break that on your own. However a lot of p...
- 17 Feb 2023
Telegram is way superior to WhatsApp in most fronts. Just that data-wise WhatsApp is better, that’s it. If people switched over to telegram, the experience is much better now