Anecdotal evidence, so take this with a grain of salt - I work with a bunch of people from Ukraine and almost all of them exclusively use Telegram to keep up with the news and family back home. From talking to them for a while, it's mostly because it's free, has excellent support for sync across multiple devices (including audio, video and other media), has support for proxies to circumvent any kind of blocking, public channels for news updates.
Honestly it would be better if Telegram dropped the facade of having E2EE. It's generally very low on the priority list of most people anyway, as much as it would hurt anyone reading this, but that's the truth. People are not using it for secure messaging, but for a better UX and reliability.
EDIT: Telegram does require a phone number to sign up.
Actually I was wrong. Just checked and Telegram does require a phone number to sign up. I haven't used it myself much, but was relaying the general reasons why regular people use it.
Yep but you still need to have it staying activated and on whenever you need to activate the telegram app on a device.
I was using telegram for one single usage, which was a group organizing local meetups events for expats. When I switched smartphone I really didn't want to install an app just for one group and would have preferred using telegram web to consult it occasionnally. Every time I tried logging in on a computer/smartphone it told me to validate the login from telegram on my original, now wiped clean, smartphone. I just gave up.
> You need it to register, but afaik it's not shown to anyone in any way.
Then why is a phone number needed to register? If PII is "not shown to anyone in any way" then it should be completely unecessary to provide it to the service. Do not let that particular wool be pulled over your eyes.
Those who need to dissociate with a number have anonymous sim cards in abundance. Costs around $2-5 a piece when ordered in bulk.
That said, such high-tech operation is just a geeks fantasy about spies. When you cross the line where it becomes reality, you’re either a very big name with a sudden drug/rape history or a subject for waterboarding which is the most effective cryptoanalysis tool invented.
While this is a well-trodden stereotype, and it certainly has merit, not all crimes are Snowden-level crimes against the state. Felonies such as embezzlement, fraud and trafficking are often investigated by exposing the digital trail. Law enforcement most definitely do pull those records with a subpoena. It's often one of the first things done (pull all banking and phone records) and is often a key ingredient in a successful conviction.
Yes, burner sims definitely help evade investigations, but they are harder to get nowadays, depending on jurisdiction. For instance you can't pay cash for a SIM in North America. It has to be a credit card or a bank transfer and that's a form of ID.
Ah that's interesting, I did not know this. Maybe this is why authorities are all up in a tizzy over it. Because it can't be their platform security, which is largely theatre.
Not a single person I know who uses Telegram cares about or thinks of it as e2ee. Whether "techie" or "non-techie" (whatever the definition of that is). People use it because it has a nice interface, was one of the first to have good "sticker" message support (yes, a lot of people care about that kind of stuff), and of course because of the good old network effect.
It's only on HN I ever see people set up Telegram as some supposed uber-secure private app for Tor users and then demolish that strawman gleefully.
Do you read other news sites that mention Telegram or is this an N=1 situation?
Today, on the same topic, another tech site which generally gets a lot of things right (but whoever is responsible for writing about Telegram, or maybe their internal KB, is consistently wrong and doesn't care about feedback) wrote that it is an encrypted chats service: https://tweakers.net/nieuws/225750/ceo-en-oprichter-telegram... ("versleutelde-chatdienst" means that for those fact checking at home)
> Do you read other news sites that mention Telegram
The average person I know that uses Telegram ("non-techie" as GP comment put it) certainly doesn't. People join telegram because it has a group they want to join, or via word-of-mouth of a friend recommending it. Normal people don't read tech news, and if they do they don't give it much weight.
Maybe that sucks, maybe they'd be better off somehow if they did, but the reality is that most people live in a different universe from those of us who care about e2ee security or read tech news with interest.
You could also ask about whether they think it's private. And if they say yes, ask them what it means. Does it mean only sender and intended recipients can read the message, or is it fine if the service has someone check the content. Would they agree on the notion "it's OK my nudes I send to my SO are up for grabs for anyone who hacks Telegram's servers", or do they think should Telegram plug this gaping hole.
Also, people tend to state they have nothing to hide, when they feel they have nothing to fight with. But I can't count the number of times I've seen a stranger next to me on a bus cover their chat the second I sit next to them. Me, a complete random person with no interest in their life is a threat to them.
You may try sitting near a completely open-space developer and watch what they are doing, and see the 10x performance drop on average, while there was zero privacy on screen at all times. It helps to realize that people not always behave logically (we have lots of group instincts legacy) and it doesn’t always work as a proper argument.
So they take theatrics over logical evaluation of the situation. Cool. Tell them Durov could have locked himself out of their data and spared himself the trip to behind bars.
Durov is in jail because he is not doing moderation of public chat channels, as far as has been shared. It has exactly nothing to do with encryption or privacy, in both directions (that is, it doesn't in the slightest prove that Telegram doesn't share private data with various states; and E2EE of private chats would not have done one iota to keep him out of jail).
You probably don't use Telegram channels much. There are some drug and prostitution related channels you can search for but they disappear rather quickly or are totally empty.
Christo Grozev shared screenshots of a few CSAM channels yesterday, but if you search for them, they do not seem to exist.
Telegram clearly does less pre-moderation than Facebook, but they are smaller and have less computing and they do not seem to rely on the masses of Nigerian moderators that work for 5$/day as Facebook does.
For the past few weeks I've been using Telegram to create my own cool sticker and when talking with people in whatsapp (eughh) I find myself having trouble finding the words my telegram stickers would mean
Telegram is mostly used by people in the US for drug deals and chatting with people in Eastern Europe, so it's very common to believe it's a secure messenger.
Amplified by journalists, and most frustratingly to me even some techies that just can't be bothered to properly examine all available facts despite their technical capabilities to examine them.
100% this. most people do not realize that all those non-secrete messages from private chats and group chats are stored in database that people at telegram has access to.
I’d guess (not gonna test it but it feels reasonable) that “almost every non-techie” has a very vague idea of what e2ee even is, so it’s not clear where the worst part comes from. Pretty sure the best ideas they have about security are from hacker movies best case on average.
BS. Vast majority of non-tech users do not, for a simple reason that they can't know it even if they cared, and they do not. Even tech users can't be bothered to read links to the faq on tg site.
There is so much misinformation around telegram that alone made me trust it more (if a known liar tries to discredit something, it increases chances of it being good--it is about comments here on HN).
