After tech behemoths like Twitter moved to ban Trump and thousands of other far-right accounts, millions moved to apps like Signal and Telegram for their encrypted messaging services.
There’s one rub, though: Telegram, unlike Signal, doesn’t have end-to-end encryption by default.
End-to-end encryption means that only the message sender and receiver can read the message. Even the server that hosts it, such as Signal or iMessage on Apple devices, can’t decrypt and read what someone wrote. If those servers were ever hacked, hackers wouldn’t be able to read the messages, either. It’s safe to say, then, that end-to-end (e2e) encryption is an imperative element to secure messaging.
As New York Times tech reporter Mike Isaac pointed out on Twitter, those conflating Signal and Telegram are doing so wrongfully because of this difference:
a few things:
signal and telegram are kind of getting smushed together in recent coverage, but they’re pretty different
signal is p much a classic “messenger” product, end-to-end encrypted by default
Telegram acts more like a social network+messenger and is NOT e2e by default
— rat king (@MikeIsaac) January 14, 2021
“Signal is [pretty] much a classic ‘messenger’ product, end-to-end encrypted by default,” Isaac explained. “Telegram acts more like a social network+messenger and is NOT e2e by default.”
Indeed, according to its FAQ, a user has to make a Telegram chat “secret” in order for it to be e2e encrypted. Telegram has public, private, and secret chats; secret chats are only between two people. This means that Telegram’s private group chats are not e2e encrypted, and those outside the chat can potentially access their messages.
How does Telegram’s encryption compare to other messaging systems?
Signal, as already said, has e2e encryption by default. Out of the major messaging apps, however, it appears to be the only one (at the time of this publication). Facebook Messenger is not automatically e2e encrypted. Like Telegram, one has to make the chat “secret.”
Whatsapp, which Facebook owns, has end-to-end encryption for chats between family and friends, but the rules get murky when it comes to business chats. The app planned to change its business chat encryption in a policy update on Feb. 8, but due to backlash they pushed it to May 15.
For businesses that want e2e encrypted messaging after May 15, it seems that another app is the way to go. WhatsApp will still be a viable option for those businesses, but they’ll have to accept that e2e encryption may not be an option if they’ve granted access to third-party vendors, like Facebook.
In those cases, a message will appear at the top of the chat explaining what kind of privacy features are active. It’ll be light blue when e2e encryption isn’t an option and yellow when it is.
To recap: Signal is always e2e encrypted. Whatsapp has e2e for friends, family, and currently business; business chats will change in a few months. Facebook Messenger and Telegram are not e2e by default. One has to make the chat “secret” on either app for it to be so. In Telegram’s case, that means only chats between to people have the potential to be e2e encrypted.
There you have it. Go forth, and choose your messaging service wisely. (Hint: Make it Signal.)