A company specializing in digital security solutions (Kaspersky) has published a blog post warning Telegram users that the popular messaging app may not be as secure as its users think.
The person behind the app said that its app is considered one of the most secure messaging apps due to the encryption and privacy features it offers, which Kaspersky says is not as accurate as the company claims. Kaspersky explains seven reasons in its blog post:
1- Not all Telegram messages are created equal
While encrypting messages on Telegram, the app uses two types of encryption:
- Encryption via company server: In this case, the message is encrypted on the sender's device and then sent through the company's server for decryption before being sent back to the recipient's device.
- Peer-to-peer encryption: Messages are encrypted on the recipient's device and then sent directly to the recipient's device, where they are decrypted without going through the company's servers.
Encryption across the server means that the company has a copy of the content of the message and can theoretically see its content, the problem with this is that this encryption method is the default method for chat via Telegram, while other applications from messaging providers such as WhatsApp or default refer to peer-to-peer encryption, which They do not require user intervention, and are therefore considered safer in this respect.
2- Default settings
Telegram does not use encrypted peer-to-peer chat by default and does not tell users it exists, users need to enable it (secret chat) to use secure chat, but the option is hidden in the settings. to have.
3- Why do you have a cat (secret)?
Here Kaspersky criticizes naming its encrypted peer-to-peer chats "secret" instead of inserting words like (secure conversation), (protected) or (private). According to Kaspersky, the term (secret chat) gives the user the feeling that he is (a spy) or a member of a secret organization and intends to discuss dangerous or illegal topics, which creates a bias against the unknown use of this feature and then the use of this feature is considered unimportant because it does not discuss things Really discreet in conversation. In its blog post, the company claims that there is no such sentiment among users of apps like WhatsApp and Signal that can oppose the use of secret chats because peer-to-peer encryption is the default and the only discussion mode.
4- Secret chat lacks functionality
To make matters worse, according to Kaspersky, secret chats lack some of the features that regular chats provide within the app, such as: b- the inability to interact with messages using emojis and the inability to pin messages, which may result in inappropriate messages. Some users are using secret chat. Kaspersky sees no technical reason to prevent this, as there are interactions with messages using emojis in WhatsApp.
5- There are no secret group messages
Even if a user can convince their friends to use the secret chat feature in their chats, which Kaspersky says is not an easy task, but if they need to discuss a topic in a group, they will find that there is no secret voting returns from newsgroups. Kaspersky acknowledged the technical difficulties in providing peer-to-peer encryption for groups, but said that other secure chat applications offer this feature not only for text chats but also for video calls.
6- You need to open a separate dialog
According to Kaspersky, one of the annoying things is that a separate chat window has to be opened to have a conversation with the same person on a different device, which doesn't make the experience very comfortable and can therefore make users reluctant to use Secret Chat. . Kaspersky admits that this is for technical reasons. Peer-to-peer encrypted messages are associated with an encryption key stored on the device and cannot be transferred to another device. Therefore, when using a different device, a new dialog device must be opened. But on the other hand, WhatsApp was able to fix this problem and then Telegram should be able to fix it in the same way.
7- Confidential information cannot be transferred to the new phone
If a user buys a new phone and wants to transfer their secret message history to their new phone, this option is available for normal chats but not for secret chats. Although there are unofficial ways to transfer conversations on Android, they are complex and unsafe while on iPhone it is not possible. This is one of the reasons why users are reluctant to use Secret Chat.
Finally, Kaspersky said that while it is possible to use the secret chat feature to have secure conversations on Telegram, it is actually not an easy task as most users prefer to use virtual chats to easily enhance their experience. The company added that backing up all user conversations on Telegram would not be easy as it would require a lot of effort without guaranteeing success.