But the standard we should apply to secure chat protocols isn't how many awards it won, but whether it's watertight. Obviously winning a prestigious prize means it's watertight, but the converse doesn't follow. A protocol can be safe for practical use without winning any prizes.
It can, but given Telegram's history and professional cryptographers like Schneier[1] and Green[2] saying DO NOT USE IT, it's obvious it's _anything_ but watertight.
No. Still not E2EE by default, still no E2EE for groups, still no E2EE for desktop clients. Why do you want to imagine Telegram magically got better when it's so obvious it didn't?
Because they “magically” updated and improved tons of stuff in the last four years. So I think it’s not unreasonable to consider whether their encryption improved too.
But yes, not having encryption on by default speaks poorly of them. OTOH it’s not concrete proof that the encryption still sucks as of now.
Don't get me wrong, I'm not saying the E2EE encryption itself is flawed. I'm saying it's not being used at all by default. And I'm saying it's not possible to use it for groups or desktop clients. That's _the_ travesty, and the proof that this is the state of things is so obvious people don't realize how serious it is. And my concern is that will lead to a tragedy.
Yeah, it’s true that not having E2EE makes Telegram a bad choice for the purposes of the protesters. Convenience and inertia wins out though. And when you have groups of hundreds of thousands of people, there aren’t too many choices in the first place.
The expectation of privacy loses it's meaning when the group size grows. It's more likely what you said remains private when you say it in a group of five people than if you say it in a group of 50, 500, 5000, or 500,000 people. IMO supergroups and channels don't need E2EE, normal groups in Telegram definitely do. It's not an all-or-nothing thing. E2EE where expectation of privacy can be assumed from group size isn't a problem.
Also, Signal has no upper group size limit but E2EE would make group with 100,000s a bit sluggish. But that's a problem that reduces with Moore's law.
No, and obviously it doesn't have to, because I'm replying to you. You hint at Telegram's protocol being inferior based on the number of awards it won, a heuristic that isn't too relevant in practice.
