• JustinA
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    edit-2
    1 month ago

    The above commenter said that their end-to-end MTProto protocol is not enabled by default.

    Defaulting to just using transport encryption like TLS on a messaging app isn’t sufficient in 2024.

    • Opisek@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 month ago

      MTProto is not end-to-end. MTProto is their obfuscated client-server transport encryption.

      What the commenter above is referring to is Telegram defaulting to saving your messages on the server in plaintext. You can use a “secret chat” which enables end-to-end encryption, but that is separate from MTProto.

      Your sentiment is correct though. Messages should not be visible in plaintext to the server.

        • Opisek@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 month ago

          You’re right, it is misleading. There are different “flavours” of MTProto. See here:

          https://core.telegram.org/mtproto

          This page deals with the basic layer of MTProto encryption used for Cloud chats (server-client encryption). See also:

          • Secret chats, end-to-end-encryption

          • End-to-end encrypted Voice Calls

          (The major difference is simply whether the server and client share a key or two clients)