From: noreply@mixmin.net   
      
   On Mon, 26 Aug 2024 13:24:52 -0000 (UTC), George Musk    
   wrote:   
   >https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-   
   >really-an-encrypted-messaging-app/   
   >Is Telegram really an encrypted messaging app?   
      
   (using Tor Browser 13.5.2)   
   https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-really-an-encrypted-messaging-app/
   >Is Telegram really an encrypted messaging app?   
   >Matthew Green in messaging August 25, 2024 2,290 Words   
   >This blog is reserved for more serious things, and ordinarily I wouldn't   
   >spend time on questions like the above. But much as I'd like to spend my   
   >time writing about exciting topics, sometimes the world requires a bit of   
   >what Brad Delong calls "Intellectual Garbage Pickup," namely: correcting   
   >wrong, or mostly-wrong ideas that spread unchecked across the Internet.   
   >This post is inspired by the recent and concerning news that Telegram's   
   >CEO Pavel Durov has been arrested by French authorities for its failure to   
   >sufficiently moderate content. While I don't know the details, the use of   
   >criminal charges to coerce social media companies is a pretty worrying   
   >escalation, and I hope there's more to the story.   
   >But this arrest is not what I want to talk about today.   
   >What I do want to talk about is one specific detail of the reporting.   
   >Specifically: the fact that nearly every news report about the arrest   
   >refers to Telegram as an "encrypted messaging app." Here are just a few   
   >examples:   
   >This phrasing drives me nuts because in a very limited technical sense   
   >it's not wrong. Yet in every sense that matters, it fundamentally   
   >misrepresents what Telegram is and how it works in practice. And this   
   >misrepresentation is bad for both journalists and particularly for   
   >Telegram's users, many of whom could be badly hurt as a result.   
   >Now to the details.   
   >Does Telegram have encryption or doesn't it?   
   >Many systems use encryption in some way or another. However, when we talk   
   >about encryption in the context of modern private messaging services, the   
   >word typically has a very specific meaning: it refers to the use of   
   >default end-to-end encryption to protect users' message content. When used   
   >in an industry-standard way, this feature ensures that every message will   
   >be encrypted using encryption keys that are only known to the   
   >communicating parties, and not to the service provider.   
   >From your perspective as a user, an "encrypted messenger" ensures that   
   >each time you start a conversation, your messages will only be readable by   
   >the folks you intend to speak with. If the operator of a messaging service   
   >tries to view the content of your messages, all they'll see is useless   
   >encrypted junk. That same guarantee holds for anyone who might hack into   
   >the provider's servers, and also, for better or for worse, to law   
   >enforcement agencies that serve providers with a subpoena.   
   >Telegram clearly fails to meet this stronger definition for a simple   
   >reason: it does not end-to-end encrypt conversations by default. If you   
   >want to use end-to-end encryption in Telegram, you must manually activate   
   >an optional end-to-end encryption feature called "Secret Chats" for every   
   >single private conversation you want to have. The feature is explicitly   
   >not turned on for the vast majority of conversations, and is only   
   >available for one-on-one conversations, and never for group chats with   
   >more than two people in them.   
   >As a kind of a weird bonus, activating end-to-end encryption in Telegram   
   >is oddly difficult for non-expert users to actually do.   
   >For one thing, the button that activates Telegram's encryption feature is   
   >not visible from the main conversation pane, or from the home screen. To   
   >find it in the iOS app, I had to click at least four times -- once to   
   >access the user's profile, once to make a hidden menu pop up showing me   
   >the options, and a final time to "confirm" that I wanted to use   
   >encryption. And even after this I was not able to actually have an   
   >encrypted conversation, since Secret Chats only works if your conversation   
   >partner happens to be online when you do this.   
   >Starting a "secret chat" with my friend Michael on the latest Telegram iOS   
   >app. From an ordinary chat screen this option isn't directly visible.   
   >Getting it activated requires four clicks: (1) to get to Michael's profile   
   >(left image), (2) on the "..." button to display a hidden set of options   
   >(center image), (3) on "Start Secret Chat", and (4) on the "Are you sure..."   
   >confirmation dialog. After that I'm still unable to send Michael any   
   >messages, because Telegram's Secret Chats can only be turned on if the   
   >other user is also online.   
   >Overall this is quite different from the experience of starting a new   
   >encrypted chat in an industry-standard modern messaging application, which   
   >simply requires you to open a new chat window.   
   >While it might seem like I'm being picky, the difference in adoption   
   >between default end-to-end encryption and this experience is likely very   
   >significant. The practical impact is that the vast majority of one-on-one   
   >Telegram conversations -- and literally every single group chat -- are   
   >probably visible on Telegram's servers, which can see and record the   
   >content of all messages sent between users. That may or may not be a   
   >problem for every Telegram user, but it's certainly not something we'd   
   >advertise as particularly well encrypted.   
   >(If you're interested in the details, as well as a little bit of further   
   >criticism of Telegram's actual encryption protocols, I'll get into what we   
   >know about that further below.)   
   >But wait, does default encryption really matter?   
   >Maybe yes, maybe no! There are two different ways to think about this.   
   >One is that Telegram's lack of default encryption is just fine for many   
   >people. The reality is that many users don't choose Telegram for encrypted   
   >private messaging at all. For plenty of people, Telegram is used more like   
   >a social media network than a private messenger.   
   >Getting more specific, Telegram has two popular features that make it
   >ideal for this use-case. One of those is the ability to create and   
   >subscribe to "channels", each of which works like a broadcast network   
   >where one person (or a small number of people) can push content out to   
   >millions of readers. When you're broadcasting messages to thousands of   
   >strangers in public, maintaining the secrecy of your chat content isn't as   
   >important.   
   >Telegram also supports large public group chats that can include thousands   
   >of users. These groups can be made open for the general public to join, or   
   >they can be set up as invite-only. While I've never personally wanted to
   >share a group chat with thousands of people, I'm told that many people   
   >enjoy this feature. In the large and public instantiation, it also doesn't   
   >really matter that Telegram group chats are unencrypted -- after all, who   
   >cares about confidentiality if you're talking in the public square?   
   >But Telegram is not limited to just those features, and many users who   
   >join for them will also do other things.   
      
   [continued in next message]   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   