Telegram’s Pavel Durov is wrong about Signal and has been for years.
Telegram founder Pavel Durov took the encrypted messaging application Signal under fire this month when he claimed in a May 8 post that its privacy mechanisms amounted to a “circus trick.” Although his comments were made with the intention of undermining competing messaging apps, Durov’s history with Signal and Telegram’s own privacy credentials makes it difficult to take his comments seriously.
Durov has been throwing stones at Signal for years. In 2017, he predicted that backdoors would be discovered in their protocols within five years. Now, seven years later, that prediction was wrong. A few years later, Signal founder Moxie Marlinspike posted a thread suggesting that Telegram should stop calling itself an encrypted messaging app.
Signal and Telegram don’t like each other.
When viewed in the context of the historical conflict between the two products, this latest post looks more like an opportunistic rant against a market competitor than a legitimate PSA against backdoor software.
Malice in Messaging Apps
Signal has already come under scrutiny after Katherine Maher, president of the Signal Foundation, said Wikipedia’s “free and open” nature promoted “white male, Westernized structures.” It was a story that garnered a lot of attention on social media, and drew comments about X from Jack Dorsey, Vitalik Buterin, and Elon Musk.
Related: Proton Mail exposes activist information, exposes limitations of encryption
As people picked up pitchforks about Maher’s politics, it was all too easy for Durov to redirect the angry crowd towards Signal itself.
Signal worked to dispel the claims about the app and its protocols, and President Meredith Whittaker provided important context in her response to cool the story.
The situation has stabilized now. But this fight is not over. Rather, it is just the beginning. This row has the potential to be cybersecurity’s version of Kendrick vs. Drake.
anti signal movement
that easy Get people excited about Signal. There is an anti-signal undercurrent emerging in certain circles. That’s incredible sensitivity for one of the world’s most respected messaging apps.
It probably started earlier this year when former Fox News anchor Tucker Carlson appeared on Lex Fridman’s podcast. When it comes to messaging security, Carlson said, “We all have theories about secure communication channels: Signal is secure, Telegraph (sic) is not, and WhatsApp (owned by Mark Zuckerberg) is untrustworthy.” “
In the same conversation, Carlson claimed to have obtained signal messages related to the NSA’s efforts to interview Russian President Vladimir Putin and later leak them to the media. This may have sowed a source of doubt, and it certainly feels like a precursor to the latest controversy.
Connecting a few dots, Carlson sat down for an interview with Pavel Durov last April. Here is Durov’s post a month later: You Rove’s Channel Key figures revealed to him that his “private” Signal messages had been misused.
Unless you’re a natural Sherlock, Carlson is one of Durov’s “important people.” Based on these claims, Durov says that Telegram offers βthe only public way of communicating that is reliably private.β
Related: 3 Tips to Protect Bitcoin Profits Amid Ethereum ETF Mania
Telegram has always tried to fit in with the encrypted messaging crowd, but it’s not a suitable Signal alternative. Telegram has no end-to-end encryption by default, and no end-to-end encrypted group chats at all. Choosing privacy features (especially essential features like end-to-end encryption) leaves the majority of users unprotected.
But none of this can stop Durov from amplifying people’s suspicions about Signal in order to benefit Telegram. Additional conflicts are likely to arise. (Wouldn’t it be nice if we could all get along?)
It’s worth noting that Signal didn’t back up Maher’s comments in this round of the fight. Their line is that Maher’s politics don’t really matter. You don’t have to trust the people running Signal, you just have to trust the code.
This is a good line to take. With its highly audited open source code, Signal has a relatively untrustworthy model. Maher’s politics have nothing to do with the PQXDH key exchange. However, decentralized models can be less trustworthy and already exist.
anti signal movement
I’m developing an end-to-end encrypted messaging app called Session. It runs on a distributed network run by ordinary community members who provide computing resources to route and store messages.
Not only is the client and server code open source, but you can be sure that the open source code is actually code that runs on the network. You can also participate and run it yourself. The session does what it says on the box and no trust is required.
However, this is not a panacea. The decentralized nature of networks makes it difficult to solve the complex key ratcheting associated with signaling protocols. While this ratcheting provides unique cryptographic properties, keeping key state updated does not mix with a decentralized network of community nodes that can enter and leave the network at will.
Remove encryption completely and you can have a great UX like Telegram. Here the message is displayed immediately, like a rabbit.
There is always a compromise. No one has it all. If they say they have it, they probably have something to sell to you.
Alexander Linton He is a board member of Session, an encrypted messaging app, and OPTF, a non-profit foundation. He graduated with a Bachelor of Journalism from RMIT University and then went on to graduate school at the University of Melbourne.
This article is written for general information purposes and should not be considered legal or investment advice. The views, thoughts and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.