Every once in a while I recommend Telegram to my Facebook friends, mostly as a privacy-centric alternative to Facebook Chat / Messenger. Recently a friend of mine pushed back against this recommendation, and suggested that I try out Signal instead. Incidentally, I use both, so here are some ramblings on Telegram vs. Signal.
Update 2016-01-11: Wire seems to be close to the perfect text/voice/video chat service. Thanks to Wolfgang Bremer for letting me know of Wire in the comments. If you’re interested you can read a review of Wire’s whitepapers by a security researcher at the University of Waterloo, with responses by Wire. My original blog post follows.
Keep in mind that 1) while I’m a bit of an idealist when it comes to privacy, I’m pragmatic above all,[1] and 2) I have no idea what I’m talking about. If I’m wrong, or if I have overlooked significant aspects, please leave a comment.
What is Signal?
Signal is an app for Android and iOS by the non-commercial organization Open Whisper Systems. It’s basically an SMS app which, when you chat with someone who also uses Signal, sends an encrypted message over the Internet instead of a normal unencrypted SMS.[2] This means that it’s not possible to naively think of it as an SMS app, because the message will not be received until the recipient connects to the Internet. Since you don’t know whether or not your friend is online when you send the message, you can’t count on it being delivered instantly, like you can with SMS.
Signal is completely open source. Open Whisper Systems are funded by a combination of donations and grants.
What is Telegram?
Telegram is a non-commercial chat service with apps for mobile devices (iOS, Android and Windows Phone) as well as desktop and web. Messages are encrypted in transit and on their server, but unless you specifically start a “Secret Chat” it’s not zero-knowledge (i.e., end-to-end encrypted with no possibility of Telegram seeing the message contents).
Telegram’s clients, API, and protocol are open source. They haven’t open-sourced their server back-end (yet). Telegram is funded by a significant donation from a guy named Pavel Durov.
What’s the issue with Telegram?
Well, that depends on your reasons for using it. My friend highlighted the closed source back-end, and the fact that end-to-end encryption is turned off by default (as previously tweeted by Snowden himself, though it’s incorrect that the messages are stored in plain text on Telegram’s servers). In addition to that, Telegram once held a cryptography contest which was criticized for being little more than a play to the gallery. They are also closing down known terrorist-related chats/channels, which IMHO is a good thing, but not philosophically unproblematic given that “terrorism” is a rather vague term.
If you’re the next Snowden, I’m sure you’ll have several other problems with it. I’m not and I don’t.
Why I don’t recommend Signal to my friends
I have two main gripes with Signal:
First, it’s only on mobile. I want something on desktop too, because I don’t see a reason to awkwardly type on a smartphone if I’m in front of a PC anyway (which I am most of the time). They do have a kind of desktop client they’re working on, but it’s a Chrome app and connects with your Android phone. I want something I can use to communicate even without my phone,[3] not to mention a solution which doesn’t lock me into a specific browser. Update 2017-04-26: You don’t need Chrome running in order to use it. Still, I’d like not to be forced to install software I’m not using.
Second, Signal’s SMS/web identity crisis is not particularly user friendly. “Hey, why isn’t my secure SMS delivered”, I hear the potential users yelling before heading back to the warm embrace of Facebook Messenger. The question of an SMS fallback has been discussed several times on the Signal issue tracker; see #3220 and referenced issues for more information on why we won’t see it.
I started using Signal because I was curious how it worked, and I’ve only continued using it because it delivers a better SMS experience than my stock SMS app (literally none of my contacts are using Signal).
Privacy vs. Security
When I recommend Telegram to friends, it’s mostly out of privacy concerns, not security. There’s a difference between privacy and security. Highly simplified, security is confidentiality of your data, while privacy is appropriate use of your data. Of course, without confidentiality (encryption), your data can be intercepted and used inappropriately (e.g., collected by the NSA et al.), so entirely unencrypted transmissions are always susceptible to privacy violations. But Telegram’s protocol is encrypted, so the security is not a big issue for me here.
The only remaining “problem” then is the fact that Telegram technically has access to your messages. I don’t like that, but hey, I’m using Facebook Chat (and Facebook in general, though I’ve had it with the Messenger app), and Facebook is confirmed to both have access to my messages AND analyze/use that data for commercial purposes (also they have backdoors for the NSA, if I remember the PRISM thing correctly).
Since Telegram has access to your messages (although they swear they’re not looking at it), you are required to trust Telegram, which may or may not be a problem for you. Let’s discuss that.
On trusting Telegram
Consider their closed-source back-end: Even if Telegram had open-sourced their back-end,[4] you could never be 100% certain that they were actually running that version. Some trust is required anyway. ProtonMail recently mentioned this in an article on spam protection. In fact, the only way to be 100% certain that no-one can see your unencrypted data is to use a service which does full end-to-end encryption, verify their client source code (years of cryptography experience required),[5] download the source and compile it, and only use the client you have compiled yourself. And of course, vet the changes to each new update (which may be required in order to continue using the service, what with it being a service and all) and repeat the process. No-one does that. Or close enough to no-one as to make no difference.
Security vs. user-friendliness
There’s a good reason for Telegram not enabling encrypted chats by default: It would be significantly less user-friendly, since messages could only be read on the device from which they were sent. From their FAQ:
The idea behind Telegram is to bring something more secure to the masses, who understand nothing about security and want none of it. Being merely secure is not enough to achieve this — you also need to be fast, powerful and user-friendly. This allows Telegram to be widely adopted in broad circles, not just by activists and dissidents so that the simple fact of using Telegram does not mark users as targets for heightened surveillance in certain countries.
I respect that decision and think it is a good move. I have lots of friends who are not that technically proficient, or don’t care enough about privacy and security to suffer through using an unintuitive app. These days, users’ expectations of ease of use are out of this world. Apps and services should “just work” out of the box, with all the essential stuff being immediately clear even without tutorials. Telegram is massively better than Facebook Messenger and other apps from companies who are commercially invested in obtaining, analyzing, and exploiting as much data about you as possible.
The real battle is with Facebook Messenger
Now, don’t get me wrong. I’m not defending Telegram’s particular choices as much as I am defending my using and recommending Telegram to my friends and acquaintances. Naturally, the ideal solution would be a service which is as easy to use as Telegram, which allows you to chat and access your chats from an arbitrary number of devices, and which is completely zero-knowledge. Unfortunately I fail to see any such candidates (please let me know if they exist).
So let’s take a step back: Most of my instant communication presently occurs on Facebook, because that’s where all my friends are. That means I’m up against Facebook Chat and Messenger when I’m recommending an alternative. Looking at this pragmatically, I want (and I want my friends to use) a messaging app that doesn’t eavesdrop on my real-life conversations or analyze my chat messages in order to show me more relevant ads (assuming that’s everything Facebook does with my data).
With that perspective, I think Telegram is a great alternative.
Header image: Made it myself, SVG and more info here.
[1] At least when pragmatism seems to be the right approach. Oh, the meta.
[2] Yes, I realize that’s turning Signal on its head, but it’s a very accurate description when you mostly communicate with people who don’t use Signal.
[3] You need your phone to set up the desktop app, though I’m not sure whether you actually need your phone present to use it. I can’t test since it’s set up by scanning a QR code, and my phone camera doesn’t work.
[4] According to their FAQ, they intend to do so at some point. Sure, words are wind, but I think Telegram would be hurt in the long term by lying to their users. As for not having open-sourced it already – open-sourcing a back-end is not necessarily trivial, something the ProtonMail post linked to in this paragraph shows.
[5] Alternatively, you can trust that the organizations having vetted the source code have done their job well and have your best interests at heart, and make sure to use the exact revision of the source that they vetted. Or trust/check that the recent changes to the source code are safe.