We at Team XenoX love Telegram as much we love Dev.to. Telegram is our go-to place for day-to-day team chats, whether formal or informal. We tried ...
For further actions, you may consider blocking this person and/or reporting abuse
Telegram sticker collection and programmability seem cool but I've managed to stay away from it until now, mostly because they don't have end to end encryption on by default and don't use a peer researched protocol ;)
Has the situation changed :D ?
I hope they will never default to end-to-end encryption if it means I can't seamlessly switch from mobile to desktop and vice versa for continuing my conversations anymore. Secret Chats are a good feature as any but you must drag the cloud syncing off from my dead cold hands.
It's the single most enjoyable feature of Telegram and makes competitors like WhatsApp so irritating to use.
Thing is, you actually can do that even with e2e encryption. Wire does it, Keybase does it. Signal and Whatsapp still go the odd you-need-a-phone-route, but Wire and Keybase don't. So there's actually no excuse for Telegram's self-rolled encryption, especially without e2e encryption on by default.
Heck, you can even do it with XMPP/Jabber and Omemo.
And Wire even offers the full set of video and voice calls. e2e encrypted, too.
From a security focused point of view, Telegram just doesn't cut it. The only thing I see where Telegram is still ahead is with regards to bot support. While many alternatives have some variation of it, it's most mature with Telegram. But for everything else, it's a nope from me.
/edit
Something else about the validity of the criticism with regards to the encryption of Telegram: It's less about "do they use the same algo/libs as Signal" and more about "do they use algos/libs with a proven track record and review". With cryptography/cryptanalysis it's traditionally seen with scepticism when someone "rolls their own algo", as the algorithms as well as the implementation might subtly make it insecure, and with proven and well-reviewed algorithms there's just a lot more of "yep, it's probably fine". Telegram went and wrote it's own, coming from a non-crypto-background. It might be the best algorithms there is, but when it comes to cryptography that's not enough, unless you have good reasons to write something new and until it is reviewed by people with expertise in the field. Signal's protocol (axolotl/double ratchet) pretty much heavily improved upon existing tech with focus on mobile messaging, dropping/changing connections and multiple devices/clients, which is why it's become the "de-facto standard" when it comes to "proper" encryption for messengers nowadays.
/edit
Ah, another edit, because why not. Just two more things: I get that people like Telegram a lot, mostly because it "just works". My focus is, obviously, a bit more on the security of the messengers, so I'm certainly biased. Still, Signal (on the phone) is nowadays pretty much a "drop in replacement" for SMS/Whatsapp/etc., usability-wise, as those things that made secure messaging user-unfriendly before (getting keys, checking fingerprints etc.) is either gone or optional (you can just use it, discover contacts TOFU-style and never care about what's going on, or you can go and actually verify fingerprints through a secure channel). Wire is a tiny bit more complicated, or rather: nudges you a bit more toward verifying/checking keys/devices, but not very much. Plus, you don't need a phone number for it, which is a plus for quite many people, compared to, say, Signal and Whatsapp.
So I'd probably not go out and say "don't use Telegram", but I'd be happy if Telegram wouldn't be marketed as a "secure" messenger. And if you use it, you should keep in mind that your communication might be somewhat secure (from you to the Telegram servers), but only in a limited fashion.
And lastly, for the interested: OTRv4 is actually being worked on, with (not only) the intention on improving on OTRv3 and the axolotl/double ratchet algo: github.com/otrv4/otrv4/blob/master...
A bit more about it github.com/coyim/coyim/issues/233, and a somewhat in-depth look at developments and background in that area (olm [matrix), signal, otr, omemo): blog.jabberhead.tk/author/vanitasv...
Came for copper, found gold. Thanks for this wonderful explanation.
I'm not sure I understand what you mean here. I use WhatsApp's desktop client and the phone every day with e2e encryption enabled. Same with Signal. You mean the fact that the encryption goes through the phone so the phone has to be online?
Yes, and being an active user of Slack and other popular messaging applications makes the odd always-on approach of WhatsApp and Signal feel tedious and outdated.
I wouldn't also promote WhatsApp to be more secure than Telegram due to their tight coupling with Facebook but that's a whole another discussion.
Man, I knew about the "@gif" inline bot, but I recently discovered the "@vid" and "@wiki" functionality to quickly search Youtube videos and Wikipedia articles respectively. My mind is still blown at how awesome this is and how creative the Telegram user/developer base is!
"it cares about our privacy"
The server is proprietary software. Therefore, this sentence cannot be proven true - and chances are quite often against the user in these times. It's a fairly dangerous affirmative specially to innocent people that might be interested in the subject, so be careful, yes?
This was the single most-important requirement for me, otherwise I might as well just use any other hosted service... If you can't self-host, there's no accountability - or TRUE privacy, for that matter. Will be interested to see what they decide to do moving forward on this front.
An acquaintance of mine was fired for installing telegram on his work computer. Installation of software wasn't the problem, it's because Telegram is "for use by terrorists", apparently.
Wait what 🤯🤯
If that's what qualifies one as a terrorist to some, then the bar has been set very low
Clearly it is
Finally someone agrees
🔥
Looks like xenox and me have common interests 😅😃
There are many more awesome channels too
t.me/githubtrending
t.me/devchampions
t.me/thedevs
Also if someone wants to join and talk with random devs
t.me/randomdevs
Good find, Bhupesh! Telegram rocks! 🤘
I use telegram as messenger and as simple error tracker for my work project. Telegram bot have white list of ids and send message if some error happened. (my team use another instruments for an error tracking)
Wow, that’s new.
Since this is dev.to I was hoping to read something about the internals of Telegram. Massively scalable systems that need real-time latency are an interesting beast. I guess we all know that WhatsApp is built on Erlang/OTP, but what are the foundations of Telegram?
Alright, I did some research myself. The server is closed-source and its architecture seems to be a secret, as well as the programming languages. But since it's been written by the Durov brothers, who previously developed VK (the Russian facebook), it's very likely that a lot of parts are written in C/C++, since that's the technology stack they seem to be using mostly.
Now get ready for a sensation. Ever heard of TON, the Telegram Open Network? It's the Durlov's blockchain project and it's huuuuuuge! It's 1.7 Billion Dollar huge, to be precise. That's what some rich investors in the Bay area paid the Durlov brothers in an 2018 private ICO. Check out the white paper to see all the things they've promised, e.g. the blockchain architecture contains a master blockchain and as many worker blockchains as necessary, the consensus algorithm is PoS, and the promised speed is amazing (more transactions per second than Mastercard and Visa). Too ambitious, you say? Well, they better keep their promise, because one of the ICO terms is that TON must go live until November 2019 or else they will have to refund the 1.7 Billion Dollars ...or at least what's left.
I love telegram but didn't know about many of these channels, thanks!
I think the only thing that slack does glaringly better though is code formatting even when using the code fence markup.
😊
t.me/bxjsweekly I would add this too if you love JS
I actually made a side project to aid in moderation of telegram chats.
modr8.net 👍 quite popular too. Not a bad hobby project built in the few hours before work each day.
Finally some people that share my opinion. Some new channels for the daily business, thanks for that.
Still on my todo list to write a telegram bot!