Moxie Marlinspike Profile picture
Dec 23, 2021 9 tweets 2 min read Read on X
It's amazing to me that after all this time, almost all media coverage of Telegram still refers to it as an "encrypted messenger."

Telegram has a lot of compelling features, but in terms of privacy and data collection, there is no worse choice. Here's how it actually works:

1/
Telegram stores all your contacts, groups, media, and every message you've ever sent or received in plaintext on their servers. The app on your phone is just a "view" onto their servers, where the data actually lives.

Almost everything you see in the app, Telegram also sees

2/
Here's a simple test: delete Telegram, install it on a brand new phone, and register with your number. You will immediately see all your conversation history, all of your contacts, all the media you've shared, all of your groups. How? It was all on their servers, in plaintext

3/
The confusion is that Telegram does allow you to create very limited "secret chats" (no groups, synchronous, no sync) that nominally do use e2ee, even if the security of the e2ee protocol they use is dubious.

There's no e2ee by default, but they talk about it like there is

4/
FB Messenger also has an e2ee "secret chat" mode that is actually much less limited than Telegram's (and also uses a better e2ee protocol), but nobody would consider Messenger to be an "encrypted messenger."

FB Messenger and Telegram are built almost exactly the same way.

5/
Some may feel okay letting Telegram have access to all of their data, msgs, images, contacts, groups, etc. because they "trust Telegram."

However, the point of an "encrypted messenger" should be that you don't have to trust anyone other than the ppl you're communicating with

6/
Actual privacy tech is not about trusting someone else w/ your data. It's about not having to. A msg you send should only be visible to you & recipient. A group's details should only be vis to the other members. Looking up your contacts should not reveal them to anyone else.

7/
Privacy tech is really about making the tech consistent with the UI. But if Telegram's UI were consistent with the way the tech worked, every chat would be a group chat with everyone that works at Telegram + everyone that hacks Telegram + every gov that accesses Telegram, etc

8/
For the folks writing about this space, my request is that when you write "encrypted messenger," it should at *minimum* mean an app where all messages are e2ee by default. Telegram and FB Messenger are built exactly the same way. Neither are "encrypted messengers."

9/

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Moxie Marlinspike

Moxie Marlinspike Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @moxie

Jun 6
Easy to overlook: most people's first encounter with despotic systems is not usually with the KGB or Gestapo knocking at their door. Instead, it's usually with clean streets and improved material conditions.

I don't think the way we talk about this stuff serves us well:
The truth is that there are real perceivable benefits to living in a police state! Your bicycle won't get stolen, your car window is safe.

The problem is that you've swapped every street gang for One Big Gang, and that turns out to almost always be really bad in the end...
Imagine being a child at the dawn of the USSR. You live in a country of literal peasants. The lowest literacy rate in Europe. No electrical grid, and near-zero industrial infrastructure. A rural culture of religious superstition and gender inequality...
Read 8 tweets
Nov 15, 2022
One unique thing about software as an engineering discipline is that it offers abstractions which allow ppl to start contributing in the field w/o having to understand the whole field.

To be great, though, imo understanding what’s under the abstractions is really important:

1/
These abstractions are the “black boxes” in your work.

Maybe you make HTTP requests all the time, or submit queries to a DB, or read and write to files, or make a syscall, or even type useState—but have never interrogated what’s happening under the abstraction when you do.

2/
These abstractions are great for most things, but are still “leaky” at some point — and understanding their underlying complexity is incredibly valuable for being a great software dev.

Here are some books I found valuable for learning about these abstractions early on:

3/
Read 8 tweets
Dec 23, 2021
Since my last NFT was banned, I made another NFT and dApp. This time for autonomous art: autonomous.graphics

It's a collective work. Anyone can mint a token for it by making a visual contribution, and the price to mint is paid to all previous contributors.
Wow, that was fast. There are already three visual contributions!
Whoa, 44 contributions in an hour. Almost $12k USD has gone into making a collective art piece. Got pretty weird pretty quick, but fun to watch so far!
Read 4 tweets
Oct 12, 2021
I created an NFT, but the image renders differently based on who's looking at it.

For example, on OpenSea: opensea.io/assets/0x5c61a…

...vs on Rarible: rarible.com/token/0x5c61af…

...vs if you own it, it currently renders as a large 💩 emoji in your wallet. How this works:

1/n
NFT image data is not on-chain (too costly). Instead, what's on-chain is just a URL that *points* to the image. But surprisingly, there is no hash commitment in the NFT for the image at the URL. This means whoever controls the URL host can change the NFT image at any time.

2/n
Looking at popular NFTs, there are tokens trading for crazy $$ where the NFT image comes from a random VPS running Apache. The VPS admin, or anyone who controls the domain name, can change the NFT image/name to render as 💩 (or whatever) at any point w/o owning the token.

3/n
Read 5 tweets
Jul 9, 2020
I've had a bunch of discussions with people here about Signal PINs over the past day.

I don't usually spend this much time on Twitter, so parallel to the direct discussion, these are a few of the adjacent thoughts that have come up for me:

1/14
1) I think it's increasingly important to consider how discussions around technology are perceived across the full spectrum of backgrounds (from technical to non-technical) for everyone interested in the topic of their own privacy/security -- which is basically everyone now!
Its interesting that some folks who see discussion around PINs conclude "switch to app X!" where X invisibly stores the same data in plaintext rather than e2e.

Signal's efforts are a discussion b/c we're designing not to store data in plaintext, while plaintext got no discussion
Read 14 tweets
May 2, 2020
Many trends in modern programming language design seem to focus on developers pressing fewer keys on the keyboard. To me, that's a strange priority.

For large systems where the industry spends most of its time, I think "readability" is much more important than "writability."
1/5
For example, even simple features like "type inference" feel like misplaced priorities to me.

People say "it's annoying I have to write String foo = new String()," but realistically, you're more often writing "String foo = bar.getBaz()"

If that becomes "val foo = bar.getBaz()"
...what is "foo?"

"The compiler can figure it out!" they say. But what I care about is whether someone looking at the code can figure it out.

We're writing 3 fewer characters one time, at the cost of less information for the ~years people will have to read and understand it.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(