Just two more things: I get that people like Telegram a lot, mostly because it "just works". Signal's protocol (axolotl/double ratchet) pretty much heavily improved upon existing tech with focus on mobile messaging, dropping/changing connections and multiple devices/clients, which is why it's become the "de-facto standard" when it comes to "proper" encryption for messengers nowadays.Īh, another edit, because why not. It might be the best algorithms there is, but when it comes to cryptography that's not enough, unless you have good reasons to write something new and until it is reviewed by people with expertise in the field. Telegram went and wrote it's own, coming from a non-crypto-background. With cryptography/cryptanalysis it's traditionally seen with scepticism when someone "rolls their own algo", as the algorithms as well as the implementation might subtly make it insecure, and with proven and well-reviewed algorithms there's just a lot more of "yep, it's probably fine". Something else about the validity of the criticism with regards to the encryption of Telegram: It's less about "do they use the same algo/libs as Signal" and more about "do they use algos/libs with a proven track record and review". But for everything else, it's a nope from me. While many alternatives have some variation of it, it's most mature with Telegram. The only thing I see where Telegram is still ahead is with regards to bot support. e2e encrypted, too.įrom a security focused point of view, Telegram just doesn't cut it.
KEYBASE VS SIGNAL FULL
Heck, you can even do it with XMPP/Jabber and Omemo.Īnd Wire even offers the full set of video and voice calls. So there's actually no excuse for Telegram's self-rolled encryption, especially without e2e encryption on by default. Signal and Whatsapp still go the odd you-need-a-phone-route, but Wire and Keybase don't.
Thing is, you actually can do that even with e2e encryption.
0 kommentar(er)
