Not a user, but I've only heard good things about Telegram.

People often throw "Signal" into that conversation, and what has become public as of recent is, Signal was developed with C(eye)A funding to provide a false sense of security to users seeking private communications. Nothing was truly private on there.

I currently am using Telegram to communicate with my IPTV subscriptions and troubleshooting help. never had a problem and neither have my contacts.

Something

Signal is open source


and has been independently audited


Not sure how the CIA factors into that

Machine Gun Montana uses Telegram and it seems OK, but they use Facebook as well. These apps are fine for legal operations and don’t seem to be targets of censorship, yet.

Regarding Signal, there are a few articles out there that note the CIA early development funding and collaboration link. Unless you write your own encryption software and provide it to everyone you communicate with, you should assume that someone has the ability to read it fairly easily.

There is no privacy or freedom on the Internet.

Rule number 1 in cryptography is: Don't roll your own code. You are dangerously bad at cryptography.

Compile an open source, independently audited build? Sure. If you know what you're doing. Write your own code? Absolutely not, unless you're willing to hinge your entire security value on secret method. But to use that on a non-air-gapped device? Yikes.

So much for assurances that Signal is a secure app. Audited open source software is a completely BS smokescreen intended to fool the lazy and feeble minded.

There is no privacy on the internet. Whatever you write will be collected, stored, categorized and analyzed.

I introduced Telegram to my buddies a few years ago and we have been using it every day.

We chose it over Signal for extra features, and use Signal as a backup app.

We also use Proton email and it's VPN apps.

Layered approach to security.

Nothing is 100%, but why give your private info away on a platter?

Cryptography is notoriously hard, because so many mistakes are possible with just a partial understanding of how it works.

By way of a recent example, I re-learned how easy it is to make your encryption weak:

The authors of the ISC BIND DNS server have been very good about implementing solid cryptography in named, yet still have patchable errors. But, one thing they get right is using a REAL source of entropy-based randomness in their key generation. By default using the BIND keygen and signing utilities uses /dev/random on Linux, but takes a long time for high-quality entropy to filter into the kernel, making key generation a long exercise (sometimes hours, even with an entropy generating program).

As an alternative, you can use /dev/urandom to generate keys, and most Linux programs that utilize cryptography use this device, as it doesn’t block and easily produces random data.

But why do the BIND maintainers suggest the former device? Because /dev/urandom is a pseudo-random generator with seeds and salts from host data, meaning that it’s MUCH easier to guess at values that make your primaries weaker than in cryptography generated from true-random data. This is exposed in DNS keys because of the frequency and shorter length necessary for the protocol.

Now, audit how many of your programs utilize only a pseudo-random generator in your OS, and to what extent they go to maximize its cryptographic worth, with longer salts and seeds. With a hack like what occurred with SolarWinds, it wouldn’t be that hard to introduce a weakening of the seeds and salts to where the result is sufficiently weak enough to crack with existing computing resources.

This is on top of the continual suspicion of TLA-induced weaknesses in crypto primitives like hashing and prime shortcuts and you start to get a feeling of why well-funded state actors can potentially break or significantly weaken commercial crypto, e.g. what is in use, and why they never really pressed for crypto export restrictions to be reinstated for new ciphers.

A good compromise is a hardware random number generator, utilizing Brownian Motion (heat fluctuations), electronic noise or weak ionizing radiation. Each are available in USB format and help to protect one link in the chain.

Telegram is very popular in Iran, a country not tolerant of opinions that don't echo the state's. That said, the government of Iran tried to block Telegram after Telegram's developers refused to give up the encryption tools. Then Iranians started using VPN plus Telegram with notable success. Even phone conversations over Telegram are good quality!

lol... some of you are a wet dream for manipulation... Signal is way better than Telegram... Did of you geniuses realized that your regular chat is not even encrypted in Telegram? You have to enable a secret chat for that and the encryption has not been audited like with signal since its proprietary, not open source? Oh yeah, all the group/room chats are not encrypted and as of recently they found a way to even get your location and ip.

Who is the genius that posted the link: https://bigleaguepolitics.com/court-...ed-signal-app/ ?

Did you ever bother to read the article from fox news that the stupid site referenced as the real study about it? How about the original paper by the researchers? They would need physical access to the phone, and I am sure even your telegram can be compromised in that way! Oh yeah and Signal already mitigate that by releasing a new update!

Man, some you of you are ridiculous!

lol... from their site...