The world seems to be shocked by the news that WhatsApp turned any phone into spyware. Everything on your phone – including photos, emails and texts – could be accessed by attackers just because you had WhatsApp installed [1].
This news didn’t surprise me, though. Last year WhatsApp had to admit they had a very similar issue – a single video call via WhatsApp was all a hacker needed to get access to all of your phone’s data [2].
Every time WhatsApp has to fix a critical vulnerability in their app, a new…
This is an article written by telegram’s founder and CEO Pavel Durov in 2019 on “Why whatsapp will never be secure”. Your thoughts?
It’s been a while since I looked into it, and things might have changed since then, but some stuff off the top of my head:
Messages are stored on the server, not on the device
end-to-end encryption not enabled by default
uses proprietary encryption, making security audits difficult
Apart from that it’s somewhat politically questionable, based in Dubai (I think), with dubious financial backing and Russian developers. Because it’s closed source and the encryption is proprietary, there’s no way of knowing how much info it leaks.
Messages are stored on the server, not on the device
Yes, pretty much necessary to provide multidevice support
end-to-end encryption not enabled by default
True that and telegram sucks big here, but I donth think e2ee can be enabled in a feasible way for multiple devices.
uses proprietary encryption, making security audits difficult
The MTProto isnt open source but its fully documented, there have been security audits on it.
dubious financial backing
No. Pavel Durov have always said since starting he paid for telegram’s servers from his pocket, in recent years telegram has started monetisation programs to cover its costs.
Russian developers
The founders were born in Russia, but they now have dual citizenship of UAE and France.
If you are talking about politically questionable, even signal have been accused of having backdoors for CIA.
It’s been a while since I looked into it, and things might have changed since then, but some stuff off the top of my head:
Apart from that it’s somewhat politically questionable, based in Dubai (I think), with dubious financial backing and Russian developers. Because it’s closed source and the encryption is proprietary, there’s no way of knowing how much info it leaks.
Yes, pretty much necessary to provide multidevice support
True that and telegram sucks big here, but I donth think e2ee can be enabled in a feasible way for multiple devices.
The MTProto isnt open source but its fully documented, there have been security audits on it.
No. Pavel Durov have always said since starting he paid for telegram’s servers from his pocket, in recent years telegram has started monetisation programs to cover its costs.
The founders were born in Russia, but they now have dual citizenship of UAE and France. If you are talking about politically questionable, even signal have been accused of having backdoors for CIA.