
In fact, WhatsApp is better than Telegram because WhatsApp has e2e by default. Personally I use Telegram because of public searchable groups. Nice way to meet new people with the same interests.


There's no way for you to check the claims though, you have to trust Zuck/FB.


WhatsApp’s E2E encryption occurs on your device, in binaries that you can decompile.


Except the key is backed up to the cloud by default, subject to court orders. You may have declined to do this, but have your contacts?


You’re definitely, definitely wrong. This is not true.

WhatsApp messages have E2E encryption by default, you cannot opt out, and the keys (each message has a different one) are never sent to WhatsApp or anybody else.

Users may OPTIONALLY enable a cloud backup, which puts an encrypted backup on iCloud or Google Drive. WhatsApp (Facebook) holds the key for this, but not the data, and law enforcement would need the cooperation of Facebook and Google/Apple to access the messages.

But that is all completely opt-in. By default, messages are not backed up, contrary to what you said.

Full disclosure: I use WhatsApp but am eager to switch away from it as soon as Signal implements a local backup on iOS.


> WhatsApp (Facebook) holds the key for this, but not the data, and law enforcement would need the cooperation of Facebook and Google/Apple to access the messages.

It is a plaintext backup to Google Drive, WhatsApp does not encrypt it before uploading it to Drive or iCloud.

https://news.ycombinator.com/item?id=26458102

> But that is all completely opt-in

You cannot control your contacts' backup settings. Every contact I have (100+) has enabled the backup option, meaning all my 'e2ee' chats are uploaded in plaintext to Google servers.

With Telegram, I can be sure e2ee/secret chats with my contacts are not going anywhere other than the device they were delivered to.


It does not back up keys. In case of a key loss, a new one is generated and all your contacts get a warning that your key changed.


You can reverse-engineer an app and check its logic and protocol. WhatsApp is popular enough, so I'm sure that many people do that and if E2E were fake, they would let everyone know.


Yet WA defaults to not notifying contacts when keys change. So silent interception is more likely to go unnoticed. And any app could send an automatic update with a backdoor at any moment.

Disassembly and analysis is also harder with binaries than original sources and an open, reproducible build process.


Did they change this? I distinctly remember that after WhatsApp introduced e2e encryption I got a message every time somebody got a new phone. Haven't seen one in a while, though.


That is a fallacy. It's like saying that something is unhackable because it has not been hacked.


This is false, because WhatsApp backs up your keys to the cloud by default, meaning anyone can read your messages with a simple court order. Additionally, even if you decline to back them up your contacts may have.

So you have no idea whether it's actually E2E encrypted, and by default it is not.


It sounds like you are suggesting it is not E2EE because keys are backed up to Google/Apple. That’s not true, it still is E2EE. It just by default has a backup of the key.

Sure, if your threat model means you are worried about the key backups and particularly your friends' key backups, you shouldn’t use WhatsApp.

I’m not sure how you end up at Telegram with that threat model... but whatever floats your boat.

I’d wager most people care more about FB not being able to read their messages. And they can’t. Maybe one day that changes but they will be required to communicate those changes.


Telegram secret chat keys are never uploaded anywhere.

Encryption is literally not E2EE if the private keys are uploaded to some random third party, maybe even without your knowledge (you have no idea what your contacts have done).



