Activists at this year’s Hong Kong July 1 march made a big push for mobile chat app Telegram, but for all the wrong reasons. While we marched across Hong Kong Island, voices on the megaphone urged us to “download Telegram, because it is more secure than WhatsApp.” As we passed the booths of various political and civil society groups on the road, they told us to befriend Telegram bots: one bot allowed attendees to signal their participation at the march; another polled voters about their top picks in the upcoming Legislative Council elections. While these new grassroots-organizing tools were exciting, they misled us about one piece of crucial information. Telegram is not more secure than WhatsApp; in many circumstances, it’s worse.
Telegram first landed onto the tech scene as a fast, “free and secure” messaging app way back in 2013. Since then, data security, specifically its encryption features, has been one of its big selling points:
Unfortunately, not all encryption is made equal:
Not encrypted: Any third party who intercepts the message can read it as it was inputted, in “plain text.”
Regular encryption: Messages are encrypted so that third parties cannot read them. But the platform (e.g. Google or Facebook) still has access, and may hand messages over to law enforcement if they are required to do so by the courts/the government.
End-to-end encrypted: Messages can only be read by the original sender and receiver. This means not even the platform has access. So if law enforcement calls, the service provider can’t hand over the messages because they don’t have them either.
Despite its reputation, many conversations hosted on Telegram are not end-to-end encrypted:
Only “secret chats” in Telegram are end-to-end encrypted. By default, conversations are not protected end-to-end encryption. Only by going out of the way to tap “New Secret Chat” is end-to-end encryption turned on. What’s alarming is that many people we’ve spoken with are not aware of this discrepancy – they think that by all communication within Telegram is “automatically” secure.
Telegram’s end-to-end encryption protocol violates cryptography best practices. As this Stack Overflow thread points out, “the first rule of Cryptography is Don’t Roll Your Own Crypto.” But that’s exactly what the Telegram team has done, and it has led to severalproblems.
Group chats have no end-to-end encryption support. There is no “secret chat” option for conversations involving more than one person.
Conversations with bots are not end-to-end encrypted either. There’s no indication that any conversations or interaction with bots is end-to-end encrypted.
Ironically, WhatsApp, which was criticized at the march, automatically applies end-to-end encryption to all of its conversations, including its group chats. (This feature was only rolled out earlier this year in April, so you might not have heard of it.) Not only does WhatsApp encrypt all of its messages, it does so using the open and peer-reviewed Signal protocol developed by the team at Open Whisper Systems. Unfortunately, WhatsApp itself is not open source, so there is no guarantee that the protocol has not been tampered with during implementation. So far though, there is no evidence of no foul play, and the team from Open Whisper Systems have written publicly about their partnership and implementation process. In any event, it’s no worse than Telegram, which is only partially open source, requires users to opt-in for end-to-end encryption, and uses an encryption protocol that violates best practices.
For maximum, assured security, we recommend using Open Whisper System’s very own Signal Private Messenger app. Signal is both an open source app and uses a peer-reviewed encryption protocol. Unfortunately, because it’s a not-for-profit, open source project, it lacks both the bells and whistles, and the user base of commercial chat apps like Telegram and Whatsapp. If Signal doesn’t appeal to you for those reasons, we’d recommend WhatsApp – it’s the only widely-used chat app that a) turns on end-to-end encryption for all conversations, and b) uses an open and peer-reviewed encryption protocol.
Telegram was not wrong in promoting its security features back in 2013 – end-to-end encryption in mobile chat apps was rare back then. Since then, however, other chat apps have caught up and in many cases surpassed its security features. This isn’t to say Telegram doesn’t have its merits – neither Whatsapp nor Signal have support for channels (public groups) or bots, and Telegram does have a handy, Snapchat-like, self-destruct feature for conversations. But to recommend Telegram, without reservation, to protesters and activists is simply irresponsible. Dear activists: please stop telling people Telegram is more secure – either stick with WhatsApp or direct people to Telegram’s “Secret Chat” feature.
Thank you for the good folks at Citizen Lab and Professor Jedidiah Crandall for helping us out with some background research for this article.
August 6 update: We previously stated that Telegram’s encryption protocol is not open source. We have amended references to that based on feedback we received from our readers over Telegram’s ambiguous open-source-client, closed-source-server status.