@Havn yeah no, sorry. If anyone else except you and the people you're texting with hold the keys to decrypt them, it's as good as (or as bad as) plain text. One entity holding keys = anyone holding the keys; at least when it comes to encryption
@zer0 I think that’s unnuanced to an unhelpful degree. Me giving a copy of my keys to my neighbour ≠ leaving the door open. I don't think it's productive to say that "Everything that's not the best security = No security" - in no parts of life, as I fear that will lead to people just not bothering at all.
(And If Telegram’s security was as bad as plain-text, they probably wouldn’t be in so much trouble, right?)
However, I absolutely don’t mind only E2EE being good enough for some people/some use-cases! And that’s why I think it’s important that people know, so they can stay away from Telegram and iMessage. People should know how to get the best security (re my first paragraph here) if they want that.
(And I find it annoying how often iMessage gets lumped into the same bracket as Signal — when the security is much closer to that of Telegram. If you’re OK with iMessage, you should be OK with Telegram (in terms of security), and if you’re not OK with Telegram’s security, you shouldn’t use iMessage.)
@Havn I don't think that lowering what lay communication means by encryption (they can't read it) to a different standard (it's not plain text) is actually helpful here. This is especially true as Telegram, the company, has gone through considerable efforts to create alternative methods of obfuscation that are explicitly about getting around law enforcement without using end-to-end encryption.
Your love for the application, I think, is causing you to take up arms to defend a group whose ethics are quite poor. It may be that encryption here is being used in a way to communicate the vibe, but it's not being used wrong, either technically or on vibes.