The Importance of End-to-End Encryption
It's hard to overestimate just how important end-to-end encryption (E2EE) is. If your data is E2EE protected, only you can access it. Neither service providers, nor governments, nor even hackers can break properly-implemented encryption of this kind. They'd have to compromise you by other means. At a very high level, E2EE means the data is encrypted on your device before being sent, only to be decrypted by the recipient — and no one else. Both WhatsApp and Signal support it right out of the box. With Telegram, E2EE is optional.
By default, Telegram uses server-client encryption, which means the data is encrypted as soon as it arrives at the server. This creates two major problems: one, the data could potentially be intercepted en route to the server; two, you have to trust the server holding the information not to access it. Trust is a terrible policy for security. E2EE means you don't have to worry about a server security breach (hackers) or an inside job (company employees) compromising your data. Even if you could trust Telegram completely, data breaches are something of an inevitability — as the saying goes, it's not if they hack you, but when.
Telegram does support E2EE, but they call it Secret Chats. It's not made clear to new users what secret chats are, or that you have to specially enable one yourself. Until Telegram enables E2EE by default, or makes it crystal clear that it doesn't, then users should look elsewhere for a platform to host their private conversations.
Telegram's E2EE Isn't Great for Security Researchers or End Users
WhatsApp and Signal employ the Signal Encryption Protocol, a form of E2EE that has been vetted and praised by security experts. Importantly, it's open-source, meaning anyone can examine the code and contribute to building it, and the Signal app itself was built by actual security experts. It's a case study of good security, so good authoritarian governments and ignorant politicians despise it. Despite this, it's still easy to use, without major compromises to user convenience. The same can't be said for MTProto, Telegram's proprietary encryption protocol.
As early as 2015, MTProto 1.0 had concerning security vulnerabilities, and one person even discovered a potential backdoor. Thankfully, 1.0 was replaced with a more sound 2.0 in 2017, but the problems didn't stop there. In 2019, Shielder discovered 13 new vulnerabilities. Researchers from Royal Holloway University of London did an in-depth analysis of MTProto in 2021 and discovered "several cryptographic weaknesses in the protocol that ranged from technically trivial and easy to exploit, to more advanced." All of these were patched, but it's impossible to know how many more exist. Meanwhile, the Signal Encryption Protocol's record is practically spotless.
Plus, Telegram's secret chats are not as fun or convenient to use. They are dreadfully slow, remain on a single device, are separate from normal Cloud chats with the same person, and lack basic functionality like message reactions, which is not the case with WhatsApp and Signal. Considering MTProto has such a flawed history, you're getting the double whammy of worse security and an inferior user experience. Are Telegram's features really amazing enough to overlook these glaring issues? I'd say no.
Telegram's Cooperation with the Kremlin
Pavel Durov, Telegram's founder and CEO, is Russia's version of Mark Zuckerberg, if Zuck were a little more anti-establishment. He founded VK (the Russian equivalent of Facebook) in 2006, then sold all his shares and fled the country in 2014 rather than comply with an FSB (Russia's FBI) seizure of VK user data. However, Durov's clashes with th...