Telegram has become one of the top social outlets for people operating online that care deeply about their security and privacy. Group conversations that take place on Telegram are characterized as private affairs that are fully encrypted from the moment they leave your phone to the moment they arrive in your conversation partner’s inbox. This front-facing image combined with its unlimited file-transfer size, and its position as the “Anti-Facebook” has garnered the trust of well over 700 million users. It’s disappointing for the future of privacy and security on the internet, then, that Telegram and similar services have not been operating in their user’s best interests. Thousands of users have been exposing themselves to unique vulnerabilities that they may have been entirely blind to for years now. How can we protect ourselves online in a way that is effective and convenient? How do we know when a service has poorly represented itself before it’s too late?
Telegram WhatsApp and Security Missteps
Telegram’s story owes much to Meta’s mismanagement of WhatsApp user trust. For years, users of WhatsApp were trusting their conversations to the messaging platform believing that their data was securely in the hands of WhatsApp and no other company. In 2021 a clarification of WhatsApp’s privacy policy turned that understanding on its head[1]. It turns out that, for years, WhatsApp had been sharing user data with its overbearing tech parent, Facebook.
WhatsApp is a communication platform that advertises its privacy and security features above everything else. Naturally, this attracts users that are concerned about keeping their information secure and their conversations private. One could argue that this oversight falls on the user for glossing over the terms and conditions, this, however, ignores an unfortunate reality — we live in a world where fully reading and comprehending the terms and conditions for just 13 of the most popular apps on the market right now would take over 17 hours[2]. Terms and conditions exist to obfuscate shady practices, as we saw with WhatsApp, and they operate in defense of Big Tech, giving their legal teams a leg up on the layperson.
This revelatory reframing of WhatsApp’s practices turned millions of WhatsApp users off. When presented with the porous reality of WhatsApp’s privacy policy, Telegram, a similar service became a safe harbor to millions of users in a clearly-identifiable 24-hour period[3]. Seeing a service that promised the privacy and security WhatsApp once claimed it had, Telegram and Pavel Durov saw a spike in downloads never before seen in their first seven years of business.
How Telegram Falls Short
It turns out that Telegram isn’t perfect either. Conversations will not benefit from Telegram’s end-to-end encryption until users dance through a brief series of hoops to enable a ”secret chats” feature, and even after doing so, they need to remember to flip the feature back on every time they pick the “secret” conversation back up. The feature works like a charm when engaged, but the fact that it must be reengaged as often as it does, leaves users twisting in the wind. Telegram users also tend to have their conversations in group chats, an area Telegram, and its encryption, fall apart. Group chats on Telegram are stored on servers, unencrypted, and open to prying eyes[4]. Unfortunately, it seems like Telegram’s bid to become a home for private conversations has fallen short of expectations, and this shortcoming seems to be the norm when it comes to creating spaces on the internet that are geared towards privacy. The disappointment doesn’t stop there, either. Telegram’s encrypted conversations are run through a proprietary encryption process called MTProto rather than something established and well-proven like AES encryption[5]. Telegram’s encryption has admittedly held its own so far, but it stands alone where more well-established encryption protocols have the benefit of shared knowledge between all of its users.
How Can We Maintain Privacy without Sacrificing Security?
It seems that the internet of today is going to remain constantly subjected to security shortcomings. As it stands now, the security onus rests firmly on the shoulders of the user. The internet as we know it is built on a series of services that rely on centralized infrastructure run by tech giants ready to trade your data for a quick buck. Terms are stacked against you, and companies that want to garner the good faith of law enforcement like the Ring Video Doorbell will poke a hole right in the middle of your expectation of privacy in exchange for an approving nod. There are three main things we can do as things stand, currently.
Start by carefully reviewing the terms and conditions for any service you add to your technology rotation. This can be a difficult thing to do on your own. Luckily, we have crowd-sourced summaries that break them down into plain, manageable English so you can make informed decisions as an end-user. Second, check for feature fine print, Telegram’s opt-in encryption is an excellent example of this. Design, speaks louder than words, so if you need to constantly flip a key feature on before you use it, then there’s a good chance that the app would rather you behave differently to their benefit. Third, you must diversify. Telegram may make group conversations easy and Discord may be an excellent tool for creating an online community, but neither of these services are built to protect your privacy or security like a dedicated file-sharing service.
AXEL Go is the perfect way to maintain excellent digital hygiene. Telegram and similar services will offer to handle your sensitive shares, but they will also hold onto your documents way past their intended shelf life. Their servers aren’t designed to protect your files the same way AXEL Go and its decentralized servers, are. AXEL Go uses military-grade AES 256 encryption, there are no surprises or lagtimes between it and cutting-edge encryption technology. AXEL Go also has zero interest in peering into your activity, your files are your own, and only yourself and authorized recipients are capable of seeing what your storage holds.
You can try AXEL Go and all of its features for free with our 14-day trial. See the difference a simple, secure tool backed by our $10,000 guarantee can make in your practice today.
Citations
[1] Condé Nast. 2022. “How Telegram Became the Anti-Facebook”. Wired. https://www.wired.com/story/how-telegram-became-anti-facebook/.
[2]Axis, The. 2022. “It Would Take 17 Hours to Read the Terms & Conditions of the 13 Most Popular Apps”. PCMAG. https://www.pcmag.com/news/it-would-take-17-hours-to-read-the-terms-conditions-of-the-13-most-popular.
[3]Joel Gehrke, Foreign Affairs Reporter | . 2022. “Telegram is ‘not a secure platform,’ NATO-backed strategic comms chief warns”. Washington Examiner. https://www.washingtonexaminer.com/policy/defense-national-security/telegram-secure-platform-nato-warns.
[4] [5] Condé Nast. 2022. “Fleeing WhatsApp for Privacy? Don’t Turn to Telegram”. Wired. https://www.wired.com/story/telegram-encryption-whatsapp-settings/.