Telegram founder Pavel Durov recently criticized the privacy mechanisms of the encrypted messaging app Signal, calling them a “circus trick.” However, given Durov’s history with Signal and the privacy credentials of Telegram itself, his comments seem more like an attempt to undermine a market competitor rather than a legitimate concern about backdoored software.
The rivalry between Signal and Telegram has been ongoing for some time. Durov made a prediction in 2017 that we would find a backdoor in Signal’s protocol within five years, but that prediction has proven to be false. Signal founder Moxie Marlinspike even suggested that Telegram should not be considered an encrypted messaging app.
In the midst of this historical beef between the two apps, Durov’s recent post appears to be a calculated attack on Signal rather than a genuine warning about compromised software. Signal was already facing scrutiny due to comments made by Signal Foundation Chair Katherine Maher, which sparked controversy on social media. Durov took advantage of this situation to redirect the anger towards Signal.
Signal has since addressed the claims and provided context to counter the controversy. However, this rivalry is far from over and has the potential to become the cybersecurity version of Kendrick Lamar vs. Drake.
Interestingly, there seems to be an emerging anti-Signal sentiment in certain circles, despite Signal being one of the most respected messaging apps globally. This sentiment may have been influenced by ex-Fox News anchor Tucker Carlson’s appearance on a podcast where he questioned the security of Signal.
Carlson also claimed that the NSA obtained his Signal messages related to his attempts to interview Russian President Vladimir Putin and leaked them to the media. This claim, along with Carlson’s interview with Durov, seems to have fueled Durov’s recent post about exploited Signal messages.
However, Telegram is not a suitable alternative to Signal. Unlike Signal, Telegram does not have end-to-end encryption by default and lacks end-to-end encrypted group chats. Telegram’s opt-in privacy features leave the majority of users without adequate protection.
Despite this, Durov continues to cast doubt on Signal to promote Telegram. Conflict between the two apps is likely to continue.
Signal has distanced itself from Maher’s controversial comments, emphasizing that users only need to trust the code, not the people behind it. This trustless model, supported by highly audited and open source code, is one of Signal’s strengths. However, there are other alternatives, such as Session, an end-to-end encrypted messaging app that operates on a decentralized network. Session’s open source code allows users to verify its authenticity and ensures that trust is not required.
However, decentralized networks come with their own challenges, particularly when it comes to complex cryptographic processes like key ratcheting. Telegram prioritizes user experience over encryption, but this trade-off means sacrificing certain cryptographic properties.
In conclusion, no messaging app has it all, and anyone claiming to have the perfect solution is likely trying to sell you something. The rivalry between Signal and Telegram continues, and users must carefully consider their privacy needs and the trade-offs involved in choosing a messaging app.