Share this page!

Rafay Baloch Profile picture
Twitter logo
13 Jan, 8 tweets, 3 min read
Whatsapp's new privacy policy has triggered a debate among masses about its alternatives from Privacy/Security standpoint. Clearly, @telegram & @signalapp are popular candidates leading to Q's on which one being more secure. Lets discuss key security differences in this thread
Secure by default: Both, Signal and Telegram support End to end encryption (E2E), however, the Signal has E2E is enabled by default, where-as in the case of Telegram a secret chat has to be initiated to enable E2E on the conversation to conversation basis
Data Storage: Telegram chats are stored on cloud unless secret chat is enabled. This means the encryption keys are stored on the server and technically telegram can decrypt conversations. Signal stores messages in a local SQLite database.
Metadata collection: Telegram collects info such as IP addresses, device details, history of username changes etc. Signal only collects timestamp of account creation and last-time when the user connected to the signal server that was too limited to the day instead of hrs/sec.
Contact Discovery: To discover Social graph, Telegram uploads the entire address book on it's cloud servers. Signal does not learn about address book by running their contact discovery service under secure enclave on a signal server.
Source Code: Source code for both Signal applications and servers are open-source for anyone to examine, Telegram's client is open source, however it's server side is still closed source till date.
Crypto: Signal protocol is built on well known, tried and tested security standards. The protocol has gone under extensive scrutiny by prominent crypto experts. Telegram's MTproto has been widely criticized for non-standard custom designed using a non-standard crypto protocol.
Clearly, Telegram is less secure than both Signal and Whatsapp, where security and privacy are paramount Signal should be used. Detailed explanation on key differences can be found on my blog post here - rafaybaloch.com/2021/01/signal… CC @Snowden #SignalApp #Telegram

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Rafay Baloch

Rafay Baloch Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @rafaybaloch has new unrolls!

Check out other threads from @rafaybaloch!

Read all threads by @rafaybaloch