While Telegram continues to claim to be a secure app for communicating, the founders of Signal say otherwise. According to Moxie Marlinspike, the Telegram application actually has shortcomings in terms of data privacy.
The founder of Signal said it through his personal Twitter account @ Moxie on Friday (12/24/2021). According to him, it is too much to think of Telegram as a safe application.
“It’s amazing to me that after all this time, almost all media coverage of Telegram still refers to it as an ‘encrypted message’. Telegram has lots of great features, but when it comes to privacy and data collection, there’s no worse choice,” tweeted @Moxie.
It's amazing to me that after all this time, almost all media coverage of Telegram still refers to it as an "encrypted messenger."
Telegram has a lot of compelling features, but in terms of privacy and data collection, there is no worse choice. Here's how it actually works:
— Moxie Marlinspike (@moxie) December 23, 2021
It is explained that the application with the paper airplane logo stores all contacts, groups, media, and every message that the user has ever sent or received in plaintext format on their server. Worse, Telegram can see all the data.
“The apps on your phone are just a ‘view’ to their servers, where the data actually resides. Almost everything you see in the app, Telegram sees too,” said Moxie.
To confirm Moxie’s claim, users are asked to delete the application on their cellphone. Then download again and login using the same number. When you return to Telegram, the entire conversation history, until the media will appear in the application.
This is proof that Telegram’s data privacy is problematic, because it stores all data on the server in plaintext or plain text.
“Here’s a simple test: delete Telegram, install it on a new phone, and register with your number. You will immediately see all your conversation history, all your contacts, all your shared media, all your groups. How? Everything is on their servers, in plain text,” he added.
This fact also proves that Telegram does not protect the privacy of user data, and does not implement end-to-end encryption technology by default. Because, if encryption technology is applied, no one can see and access user data.
“Some people may feel fine letting Telegram have access to all their data, messages, pictures, contacts, groups, etc. because they trust Telegram. But the point of encrypted messengers is that you don’t have to trust anyone other than the person you’re communicating with,” Moxie said.
“Messages you send should only be visible to you and the recipient. Group details are only visible to other members. Looking up your contacts shouldn’t reveal them to anyone else,” he added.
It is feared that if there is no end-to-end encryption in the application, then anyone can hack Telegram servers and easily find out all user conversations.
Information from Moxie has not received a response from Telegram, but if it is true then the application is apparently not able to maintain user privacy properly.