
Please Stop Saying "Telegram Isn't Encrypted"

You’re not helping - draft 2

Telegram is back in focus these days – and, as usual, not for good reasons. I will write more on this later, as I will have to figure out how to deal with the very real concerns I have with the chat app I use the most. But now I wanted to focus on one thing that’s annoying me a lot, for instance in the latest Vergecast episode.

Another annoying thing in that episode is that they all say they've (more or less) never used it, while still saying it's a bad app. The reason I think it's hard to know what to do with Telegram is that it's simultaneously problematic and objectively a great app for regular chatting. It's significantly better than the alternatives (I go into why here) – so it shows when people talk about it without having used it. But I won't go into my qualms around it in this post.

Why it’s a bad idea to say things that aren’t true

I think it’s crucial to get the word out that Telegram isn’t as safe as Signal[1] – and I applaud those who want to shine a light on that fact. The problem is that many of them (like Nilay Patel) do it by saying that “Telegram isn’t encrypted”. But what happens if someone has heard that phrase, and then later learns the fact that Telegram is encrypted?[2] They will then perhaps disregard the entire notion, and maybe assume that Telegram is as secure as Signal after all.

My issue with that phrase is that it erases the essential distinction between just “encryption” (or “server encryption”) and “end-to-end-encryption”.

Here’s the difference:

Simply put, encryption means that something is “locked”. But the distinction is: who has the key?

We can take iMessage/SMS as an example:

If you send an SMS, it’s unencrypted – so “open”.

While if you use iMessage, the message gets encrypted – so “locked”.

However, I assume most people have iCloud backups turned on when they use iMessage. And unless all users of the chat have turned on the special Advanced Data Protection, or have iCloud backups turned off, Apple holds the key. Now, to me, that’s a good thing. I don’t mind that they hold it, as they can then help me with the backup. But the downside is that American law enforcement can force Apple to hand over the key. So while all iMessage communication is encrypted, most of it is probably not end-to-end-encrypted, because end-to-end encryption means that only the chat participants, and not Apple, hold the key.

Something like Signal is always end-to-end-encrypted.


Telegram uses the same approach as regular iMessage: It is encrypted, but not end-to-end. An important distinction in my mind – because occasionally that’s absolutely not enough. And it also gives Telegram a much greater ability to moderate the content on their platform, which I absolutely think they should do. A comment I got on the first draft of this post said that this is as bad as plain-text/no encryption. But if this were the case, I don’t think Telegram would be in as much trouble with law enforcement as they are!
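As an added illustration (not part of the original post), this toy Python model makes "who has the key?" concrete for the three cases above: an unlocked message, a locked message where the operator keeps a key, and a locked message where only the participants do. The `Operator` class, `send`, `demo` and the XOR cipher are hypothetical stand-ins, not how SMS, iMessage, Telegram or Signal are actually implemented.

```python
import hashlib
import secrets

def toy_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy XOR stream cipher (SHA-256 over key, nonce and offset).
    # The same call locks and unlocks. Illustration only, not for real use.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

class Operator:
    """The service in the middle: stores messages, may or may not hold keys."""
    def __init__(self):
        self.stored = {}  # chat -> (nonce, bytes sitting on the operator's disk)
        self.keys = {}    # chat -> key, present only if the operator holds one

    def disclose(self, chat):
        """What the operator itself can read (moderation, legal demand)."""
        nonce, blob = self.stored[chat]
        if nonce is None:
            return blob                     # never locked
        if chat in self.keys:
            return toy_cipher(self.keys[chat], nonce, blob)
        return None                         # locked, and the operator has no key

def send(operator, chat, mode, text: bytes):
    """Store one message; returns the participants' key (None for 'plain')."""
    if mode == "plain":                     # SMS-like: "open"
        operator.stored[chat] = (None, text)
        return None
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    operator.stored[chat] = (nonce, toy_cipher(key, nonce, text))
    if mode == "server":                    # operator keeps a copy of the key
        operator.keys[chat] = key
    return key                              # "e2e": key stays with participants

def demo(text=b"meet at noon"):             # constructed sample message
    op = Operator()
    for mode in ("plain", "server", "e2e"):
        send(op, mode, mode, text)
    return {mode: op.disclose(mode) for mode in ("plain", "server", "e2e")}
```

In the "server" case the bytes on disk are still unreadable to anyone who obtains them without the key, which is what separates it from the "plain" case; only in the "e2e" case is the operator itself locked out.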

A parallel:

There’s no denying that driving with a seat belt and helmet is more secure than driving with just a seat belt. There’s a reason race car drivers wear helmets! But it doesn’t make sense to say that driving with “just” a seat belt is as bad as driving without one. There are shades between “no security” and “the best security”. If anything, I fear a message like that could lead to people thinking that if they don’t wear a helmet (if they find it cumbersome), they might as well not bother with a seat belt either – as both are “equally insecure”.


I get that I’m trying to thread a tight needle… What I’m trying to say is that both of these statements are wrong and counter-productive, if the goal is to increase the security afforded to the average consumer:

  • It’s not more secure to drive with a helmet in addition to a seat belt. (“Telegram/iMessage is as secure as Signal.”)
  • If you don’t wear a helmet, you don’t have to bother with a seat belt. (“Telegram/iMessage is as bad as no encryption.”)

Now, security-minded people have little trouble distinguishing between all manner of nuance in terms of security – and I agree that we should simplify while communicating these things. But I don’t think a binary understanding, where things are either “secure” or “insecure”, is the right level – as we’ll get lots of over- and underestimations. Either we lump Telegram/iMessage in with Signal, or with SMS – and both are wrong. I think we can manage three (broad) categories – that there’s room for something between “No security” and “The best security”.

(Hot Take: I like that Telegram and iMessage mostly aren’t end-to-end-encrypted! But that’s a discussion for another day.)



  1. Which I’ll use as a stand-in for end-to-end-encrypted messaging services. ↩︎

  2. Just not end-to-end-encrypted — which is important! ↩︎