[skrowl]

The skepticism is right. The person leading the charge for "but but Telegram rolled their own crypto, so you shouldn't use it" is actually one of the developers of Signal.

Not a single working proof of concept attack on telegram has been released and no one even claimed to have decrypted a single message.

I'm not saying Telegram is impervious to ever being cracked, but it's certainly not cracked yet or at all proven to be insecure.

[pfg]

Being able to decrypt messages should certainly not be the benchmark you use when evaluating crypto, especially when it comes to rather new protocols. History has shown that severe theoretical issues that cryptographers have been warning against for years (see: CBC and padding oracle attacks) will almost always lead to practical attacks eventually.

Telegram has a number of those weaknesses, and many of its implementation details don't paint a good picture in terms of security either[1].

[1]: https://twitter.com/matthew_d_green/status/72646884513381171...

[tptacek]

Can you cite anyone working professionally in cryptography, whose reputation we might be aware of, who has said anything positive about Telegram's crypto? It's not just Moxie Marlinspike criticizing Telegram. Look what Matthew Green has had to say.